Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: openSUSE 11.0 Mozilla Update Failure

  1. #1
    Robert Carlson NNTP User

    Default openSUSE 11.0 Mozilla Update Failure

    Have been running 11.0 since yesterday. Following install, the number
    of updates was very large. All went smoothly. This evening, however,
    the following Mozilla update fails repeatedly (after running install, it
    just comes back):

    Name: mozilla-xulrunner181
    Summary: mozilla-xulrunner181: Add latest security fixes
    Type: security
    New Version: 239
    Restart: No

    Details:
    This update backports security fixes to the Mozilla XULRunner engine. It
    fixes following security issues: CVE-2008-0017 / MFSA 2008-54: The
    http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x
    before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before
    1.1.13 does not check for an allocation failure, which allows remote
    attackers to cause a denial of service (crash) and possibly execute
    arbitrary code via an HTTP index response with a crafted 200 header,
    which triggers memory corruption and a buffer overflow. CVE-2008-5012 /
    MFSA 2008-48: Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x
    before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change
    the source URI when processing a canvas element and an HTTP redirect,
    which allows remote attackers to bypass the same origin policy and
    access arbitrary images that are not directly accessible to the
    attacker. NOTE: this issue can be leveraged to enumerate software on the
    client by performing redirections related to moz-icon. CVE-2008-5013 /
    MFSA 2008-49: Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x
    before 1.1.13 do not properly check when the Flash module has been
    dynamically unloaded properly, which allows remote attackers to execute
    arbitrary code via a crafted SWF file that "dynamically unloads itself
    from an outside JavaScript function," which triggers an access of an
    expired memory address. CVE-2008-5014 / MFSA 2008-50: jslock.cpp in
    Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18,
    Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows
    remote attackers to cause a denial of service (crash) and possibly
    execute arbitrary code by modifying the window.__proto__.__proto__
    object in a way that causes a lock on a non-native object, which
    triggers an assertion failure related to the OBJ_IS_NATIVE function.
    CVE-2008-5016 / MFSA 2008-52: The layout engine in Mozilla Firefox 3.x
    before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before
    1.1.13 allows remote attackers to cause a denial of service (crash) via
    multiple vectors that trigger an assertion failure or other
    consequences. CVE-2008-5017 / MFSA 2008-52: Integer overflow in
    xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x
    before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before
    2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to
    cause a denial of service (crash) via unknown vectors. CVE-2008-5018 /
    MFSA 2008-52: The JavaScript engine in Mozilla Firefox 3.x before 3.0.4,
    Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and
    SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of
    service (crash) via vectors related to "insufficient class checking" in
    the Date class. CVE-2008-5021 / MFSA 2008-55: nsFrameManager in Firefox
    3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before
    2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to
    cause a denial of service (crash) and possibly execute arbitrary code by
    modifying properties of a file input element while it is still being
    initialized, then using the blur method to access uninitialized memory.
    CVE-2008-5022 / MFSA 2008-56: The nsXMLHttpRequest::NotifyEventListeners
    method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,
    Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows
    remote attackers to bypass the same-origin policy and execute arbitrary
    script via multiple listeners, which bypass the inner window check.
    CVE-2008-5023 / MFSA 2008-57: Firefox 3.x before 3.0.4, Firefox 2.x
    before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers
    to bypass the protection mechanism for codebase principals and execute
    arbitrary script via the -moz-binding CSS property in a signed JAR file.
    CVE-2008-5024 / MFSA 2008-58: Mozilla Firefox 3.x before 3.0.4, Firefox
    2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x
    before 1.1.13 do not properly escape quote characters used for XML
    processing, allows remote attackers to conduct XML injection attacks via
    the default namespace in an E4X document. CVE-2008-5052 / MFSA 2008-52:
    The AppendAttributeValue function in the JavaScript engine in Mozilla
    Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and
    SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of
    service (crash) via unknown vectors that trigger memory corruption, as
    demonstrated by e4x/extensions/regress-410192.js.

  2. #2

    Exclamation Re: openSUSE 11.0 Mozilla Update Failure

    It's the same for me. Had 11.0 64 for a month or two, all updates went well. Now every time i login it starts packagekitd and it says updating, but nothing's downloading (I'm running conky). If I kill it and try to do manual update, it finds that mozilla-xulrunner 181 needs an update. I start the update, it seems everything went well, but when i restart my comp, everything starts again. I tried removing it, them reinstalling it, nothing changed.

  3. #3
    spiro2903 NNTP User

    Default Re: openSUSE 11.0 Mozilla Update Failure


    It's the same for me. Had 11.0 64 for a month or two, all updates went
    well. Now every time i login it starts packagekitd and it says updating,
    but nothing's downloading (I'm running conky). If I kill it and try to
    do manual update, it finds that mozilla-xulrunner 181 needs an update. I
    start the update, it seems everything went well, but when i restart my
    comp, everything starts again. I tried removing it, them reinstalling
    it, nothing changed.


    --
    spiro2903
    ------------------------------------------------------------------------
    spiro2903's Profile: http://forums.opensuse.org/member.php?userid=8153
    View this thread: http://forums.opensuse.org/showthread.php?t=403544


  4. #4

    Default Re: openSUSE 11.0 Mozilla Update Failure

    I'm still looking for the answer. Can you tell me do you have songbird installed? Don't know if it's relevant but since it's built on xulrunner it might be. Besides I'm also having some sound problems...

  5. #5
    spiro2903 NNTP User

    Default Re: openSUSE 11.0 Mozilla Update Failure


    I'm still looking for the answer. Can you tell me do you have songbird
    installed? Don't know if it's relevant but since it's built on xulrunner
    it might be. Besides I'm also having some sound problems...


    --
    spiro2903
    ------------------------------------------------------------------------
    spiro2903's Profile: http://forums.opensuse.org/member.php?userid=8153
    View this thread: http://forums.opensuse.org/showthread.php?t=403544


  6. #6
    Join Date
    Oct 2008
    Location
    Andover, England
    Posts
    5

    Exclamation Re: openSUSE 11.0 Mozilla Update Failure

    Has anyone found the answer to this yet?

    I'm finding openSUSE getting more like MS (Shock Horror) every day.
    It makes me very and

    I have been using SUSE since 8.2 but might be about to change allegiance!

  7. #7
    rosco136 NNTP User

    Default Re: openSUSE 11.0 Mozilla Update Failure


    Has anyone found the answer to this yet?

    I'm finding openSUSE getting more like MS (Shock Horror) every day.
    It makes me very and

    I have been using SUSE since 8.2 but might be about to change
    allegiance!


    --
    rosco136
    ------------------------------------------------------------------------
    rosco136's Profile: http://forums.opensuse.org/member.php?userid=12325
    View this thread: http://forums.opensuse.org/showthread.php?t=403544


  8. #8
    Join Date
    Jun 2008
    Location
    relative
    Posts
    1,172

    Default Re: openSUSE 11.0 Mozilla Update Failure

    Quote Originally Posted by rosco136 View Post
    Has anyone found the answer to this yet?

    I'm finding openSUSE getting more like MS (Shock Horror) every day.
    It makes me very and

    I have been using SUSE since 8.2 but might be about to change allegiance!
    Are you updating it from the updater applet? Maybe this rpm have some dependencies what the applet can't solve. Go to YaST > Software Management and try updating from there.
    http://mydailyhash.wordpress.com/
    http://yami.googlecode.com/

  9. #9
    ram88 NNTP User

    Default Re: openSUSE 11.0 Mozilla Update Failure


    rosco136;1936975 Wrote:
    > Has anyone found the answer to this yet?
    >
    > I'm finding openSUSE getting more like MS (Shock Horror) every day.
    > It makes me very and
    >
    > I have been using SUSE since 8.2 but might be about to change
    > allegiance!

    Are you updating it from the updater applet? Maybe this rpm have some
    dependencies what the applet can't solve. Go to YaST > Software
    Management and try updating from there.


    --
    http://yami.googlecode.com/
    http://akoskm.blogspot.com/
    ------------------------------------------------------------------------
    ram88's Profile: http://forums.opensuse.org/member.php?userid=1058
    View this thread: http://forums.opensuse.org/showthread.php?t=403544


  10. #10

    Default Re: openSUSE 11.0 Mozilla Update Failure

    Actually I sort of gave up after a while and installed openSUSE 11.1 (this wasn't my only problem), allthough I think 11.0 is somewhat faster and more stable. Frankly I'm waiting for 11.2 and hopefully 2.6.28 or 29 kernel I don't think I'm going to another distro, but lets just hope the next one won't be a work in progress but a well finished product.

    There are some solutions to this problem here:
    Problem with mozilla-xulrunner181 on a 11.0 - openSUSE Forums

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •