Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Производитель ПО
Наименование ПО
libfreebl3
(any)
libfreebl3-32bit
(any)
libfreebl3-x86
(any)
libsoftokn3
(any)
libsoftokn3-32bit
(any)
libsoftokn3-x86
(any)
MozillaFirefox
(any)
MozillaFirefox-devel
(any)
MozillaFirefox-translations
(any)
mozilla-nss
(any)
mozilla-nss-32bit
(any)
mozilla-nss-devel
(any)
mozilla-nss-tools
(any)
mozilla-nss-x86
(any)
Описание
Mozilla Firefox обновлен до версии 24.7ESR.
Были устранены следующие уязвимости безопасности:
* CVE-2014-1544 -
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html">https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-63.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html">https://www.mozilla.org/security/announce/2014/mfsa2014-63.html>
/> * CVE-2014-1548 -
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html">https://www.mozilla.org/security/announce/2014/mfsa2014-56.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-56.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html">https://www.mozilla.org/security/announce/2014/mfsa2014-56.html>
/> * CVE-2014-1549 -
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html">https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-57.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html">https://www.mozilla.org/security/announce/2014/mfsa2014-57.html>
/> * CVE-2014-1550 -
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html">https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-58.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html">https://www.mozilla.org/security/announce/2014/mfsa2014-58.html>
/> * CVE-2014-1551 -
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html">https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-59.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html">https://www.mozilla.org/security/announce/2014/mfsa2014-59.html>
/> * CVE-2014-1552 -
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html">https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-66.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html">https://www.mozilla.org/security/announce/2014/mfsa2014-66.html>
/> * CVE-2014-1555 -
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html">https://www.mozilla.org/security/announce/2014/mfsa2014-61.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-61.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html">https://www.mozilla.org/security/announce/2014/mfsa2014-61.html>
/> * CVE-2014-1556 -
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html">https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-62.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html">https://www.mozilla.org/security/announce/2014/mfsa2014-62.html>
/> * CVE-2014-1557 -
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html">https://www.mozilla.org/security/announce/2014/mfsa2014-64.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-64.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html">https://www.mozilla.org/security/announce/2014/mfsa2014-64.html>
/> * CVE-2014-1558, CVE-2014-1559, CVE-2014-1560 -
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html">https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-65.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html">https://www.mozilla.org/security/announce/2014/mfsa2014-65.html>
/> * CVE-2014-1561 -
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html">https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-60.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html">https://www.mozilla.org/security/announce/2014/mfsa2014-60.html>
/>
Уязвимости:
* CVE-2014-1557
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557>
/> * CVE-2014-1547
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547>
/> * CVE-2014-1548
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548>
/> * CVE-2014-1556
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556>
/> * CVE-2014-1544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544>
/> * CVE-2014-1555
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555>">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555>
Были устранены следующие уязвимости безопасности:
* CVE-2014-1544 -
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html">https://www.mozilla.org/security/announce/2014/mfsa2014-63.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-63.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-63.html">https://www.mozilla.org/security/announce/2014/mfsa2014-63.html>
/> * CVE-2014-1548 -
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html">https://www.mozilla.org/security/announce/2014/mfsa2014-56.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-56.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-56.html">https://www.mozilla.org/security/announce/2014/mfsa2014-56.html>
/> * CVE-2014-1549 -
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html">https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-57.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-57.html">https://www.mozilla.org/security/announce/2014/mfsa2014-57.html>
/> * CVE-2014-1550 -
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html">https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-58.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-58.html">https://www.mozilla.org/security/announce/2014/mfsa2014-58.html>
/> * CVE-2014-1551 -
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html">https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-59.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-59.html">https://www.mozilla.org/security/announce/2014/mfsa2014-59.html>
/> * CVE-2014-1552 -
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html">https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-66.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-66.html">https://www.mozilla.org/security/announce/2014/mfsa2014-66.html>
/> * CVE-2014-1555 -
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html">https://www.mozilla.org/security/announce/2014/mfsa2014-61.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-61.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-61.html">https://www.mozilla.org/security/announce/2014/mfsa2014-61.html>
/> * CVE-2014-1556 -
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html">https://www.mozilla.org/security/announce/2014/mfsa2014-62.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-62.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-62.html">https://www.mozilla.org/security/announce/2014/mfsa2014-62.html>
/> * CVE-2014-1557 -
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html">https://www.mozilla.org/security/announce/2014/mfsa2014-64.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-64.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-64.html">https://www.mozilla.org/security/announce/2014/mfsa2014-64.html>
/> * CVE-2014-1558, CVE-2014-1559, CVE-2014-1560 -
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html">https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-65.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-65.html">https://www.mozilla.org/security/announce/2014/mfsa2014-65.html>
/> * CVE-2014-1561 -
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html">https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
/> <https://www.mozilla.org/security/announce/2014/mfsa2014-60.html>
https://www.mozilla.org/security/announce/2014/mfsa2014-60.html">https://www.mozilla.org/security/announce/2014/mfsa2014-60.html>
/>
Уязвимости:
* CVE-2014-1557
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557>
/> * CVE-2014-1547
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547>
/> * CVE-2014-1548
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548>
/> * CVE-2014-1556
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556>
/> * CVE-2014-1544
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544>
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544>
/> * CVE-2014-1555
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555>">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555>
Как исправить
Проблема может быть решена обновлением операционной системы до следующих версий пакетов в зависимости от архитектуры:
SUSE Linux Enterprise Software Development Kit 11 SP3:
i586, ia64, ppc64, s390x, x86_64:
MozillaFirefox-devel - 24.7.0esr-0.8.2
mozilla-nss-devel - 3.16.2-0.8.1
SUSE Linux Enterprise Server 11 SP2 LTSS:
i586, s390x, x86_64:
libfreebl3 - 3.16.2-0.3.1
MozillaFirefox-translations - 24.7.0esr-0.3.1
mozilla-nss-devel - 3.16.2-0.3.1
mozilla-nss-tools - 3.16.2-0.3.1
mozilla-nss - 3.16.2-0.3.1
MozillaFirefox - 24.7.0esr-0.3.1
SUSE Linux Enterprise Server 10 SP4 LTSS:
i586, s390x, x86_64:
mozilla-nss - 3.16.2-0.5.1
mozilla-nss-devel - 3.16.2-0.5.1
mozilla-nss-tools - 3.16.2-0.5.1
SUSE Linux Enterprise Server 11 SP3 for VMware:
i586, x86_64:
MozillaFirefox - 24.7.0esr-0.8.2
MozillaFirefox-translations - 24.7.0esr-0.8.2
libfreebl3 - 3.16.2-0.8.1
mozilla-nss - 3.16.2-0.8.1
libsoftokn3 - 3.16.2-0.8.1
mozilla-nss-tools - 3.16.2-0.8.1
SUSE Linux Enterprise Server 10 SP3 LTSS:
i586, s390x, x86_64:
mozilla-nss - 3.16.2-0.5.1
mozilla-nss-devel - 3.16.2-0.5.1
mozilla-nss-tools - 3.16.2-0.5.1
SUSE Linux Enterprise Server 11 SP3:
ppc64, s390x, x86_64:
libsoftokn3-32bit - 3.16.2-0.8.1
mozilla-nss-32bit - 3.16.2-0.8.1
libfreebl3-32bit - 3.16.2-0.8.1
SUSE Linux Enterprise Server 11 SP1 LTSS:
i586, s390x, x86_64:
MozillaFirefox-translations - 24.7.0esr-0.3.1
libfreebl3 - 3.16.2-0.3.1
MozillaFirefox - 24.7.0esr-0.3.1
mozilla-nss-tools - 3.16.2-0.3.1
mozilla-nss - 3.16.2-0.3.1
SUSE Linux Enterprise Desktop 11 SP3:
i586, x86_64:
MozillaFirefox - 24.7.0esr-0.8.2
MozillaFirefox-translations - 24.7.0esr-0.8.2
libfreebl3 - 3.16.2-0.8.1
mozilla-nss - 3.16.2-0.8.1
libsoftokn3 - 3.16.2-0.8.1
mozilla-nss-tools - 3.16.2-0.8.1
SUSE Linux Enterprise Software Development Kit 11 SP3:
i586, ia64, ppc64, s390x, x86_64:
MozillaFirefox-devel - 24.7.0esr-0.8.2
mozilla-nss-devel - 3.16.2-0.8.1
SUSE Linux Enterprise Server 11 SP2 LTSS:
i586, s390x, x86_64:
libfreebl3 - 3.16.2-0.3.1
MozillaFirefox-translations - 24.7.0esr-0.3.1
mozilla-nss-devel - 3.16.2-0.3.1
mozilla-nss-tools - 3.16.2-0.3.1
mozilla-nss - 3.16.2-0.3.1
MozillaFirefox - 24.7.0esr-0.3.1
SUSE Linux Enterprise Server 10 SP4 LTSS:
i586, s390x, x86_64:
mozilla-nss - 3.16.2-0.5.1
mozilla-nss-devel - 3.16.2-0.5.1
mozilla-nss-tools - 3.16.2-0.5.1
SUSE Linux Enterprise Server 11 SP3 for VMware:
i586, x86_64:
MozillaFirefox - 24.7.0esr-0.8.2
MozillaFirefox-translations - 24.7.0esr-0.8.2
libfreebl3 - 3.16.2-0.8.1
mozilla-nss - 3.16.2-0.8.1
libsoftokn3 - 3.16.2-0.8.1
mozilla-nss-tools - 3.16.2-0.8.1
SUSE Linux Enterprise Server 10 SP3 LTSS:
i586, s390x, x86_64:
mozilla-nss - 3.16.2-0.5.1
mozilla-nss-devel - 3.16.2-0.5.1
mozilla-nss-tools - 3.16.2-0.5.1
SUSE Linux Enterprise Server 11 SP3:
ppc64, s390x, x86_64:
libsoftokn3-32bit - 3.16.2-0.8.1
mozilla-nss-32bit - 3.16.2-0.8.1
libfreebl3-32bit - 3.16.2-0.8.1
SUSE Linux Enterprise Server 11 SP1 LTSS:
i586, s390x, x86_64:
MozillaFirefox-translations - 24.7.0esr-0.3.1
libfreebl3 - 3.16.2-0.3.1
MozillaFirefox - 24.7.0esr-0.3.1
mozilla-nss-tools - 3.16.2-0.3.1
mozilla-nss - 3.16.2-0.3.1
SUSE Linux Enterprise Desktop 11 SP3:
i586, x86_64:
MozillaFirefox - 24.7.0esr-0.8.2
MozillaFirefox-translations - 24.7.0esr-0.8.2
libfreebl3 - 3.16.2-0.8.1
mozilla-nss - 3.16.2-0.8.1
libsoftokn3 - 3.16.2-0.8.1
mozilla-nss-tools - 3.16.2-0.8.1
Ссылки
http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00001.html
https://bugzilla.novell.com/887746
http://download.suse.com/patch/finder/?keywords=196914b4be33c9d122303fc5b0d25025
http://download.suse.com/patch/finder/?keywords=2d6344b3abcf62e1e68e8c9dda3fd4c4
http://download.suse.com/patch/finder/?keywords=a771192da5dca3c7e01bde7b62b1e0fd
http://download.suse.com/patch/finder/?keywords=aeabea2b6efdbb9fcccb116e66006d7c
http://download.suse.com/patch/finder/?keywords=f2f8ae117761a6715e1f6766fd35660f
Источник: CVE
Наименование: CVE-2014-1555
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555
Источник: CVE
Наименование: CVE-2014-1547
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547
Источник: CVE
Наименование: CVE-2014-1557
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557
Источник: CVE
Наименование: CVE-2014-1556
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556
Источник: CVE
Наименование: CVE-2014-1544
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544
Источник: CVE
Наименование: CVE-2014-1548
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548
https://bugzilla.novell.com/887746
http://download.suse.com/patch/finder/?keywords=196914b4be33c9d122303fc5b0d25025
http://download.suse.com/patch/finder/?keywords=2d6344b3abcf62e1e68e8c9dda3fd4c4
http://download.suse.com/patch/finder/?keywords=a771192da5dca3c7e01bde7b62b1e0fd
http://download.suse.com/patch/finder/?keywords=aeabea2b6efdbb9fcccb116e66006d7c
http://download.suse.com/patch/finder/?keywords=f2f8ae117761a6715e1f6766fd35660f
Источник: CVE
Наименование: CVE-2014-1555
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1555
Источник: CVE
Наименование: CVE-2014-1547
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1547
Источник: CVE
Наименование: CVE-2014-1557
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1557
Источник: CVE
Наименование: CVE-2014-1556
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1556
Источник: CVE
Наименование: CVE-2014-1544
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1544
Источник: CVE
Наименование: CVE-2014-1548
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1548