SUSE: 2017:0714-1 Important: MozillaFirefox Critical Memory Safety Issue

March 17, 2017
SUSE Security Patch for MozillaFirefox addresses 10 high-priority vulnerabilities. Update immediately to enhance your security and safeguard your system.
An update that fixes 10 vulnerabilities is now available

Summary

This update for MozillaFirefox to ESR 45.8 fixes the following issues:

Security issues fixed (bsc#1028391):

- CVE-2017-5402: Use-after-free working with events in FontFace objects
- CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
- CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
- CVE-2017-5401: Memory Corruption when handling ErrorResult
- CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
- CVE-2017-5404: Use-after-free working with ranges in selections
- CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
- CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
- CVE-2017-5409: File deletion via callback parameter in Mozilla Windows

References

#1028391

Cross-References: CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5409 CVE-2017-5410

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP2

SUSE Linux Enterprise Software Development Kit 12-SP1

SUSE Linux Enterprise Server for SAP 12

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2

SUSE Linux Enterprise Server 12-SP2

SUSE Linux Enterprise Server 12-SP1

SUSE Linux Enterprise Server 12-LTSS

SUSE Linux Enterprise Desktop 12-SP2

SUSE Linux Enterprise Desktop 12-SP1

https://www.suse.com/security/cve/CVE-2017-5398.html

https://www.suse.com/security/cve/CVE-2017-5400.html

https://www.suse.com/security/cve/CVE-2017-5401.html

https://www.suse.com/security/cve...

Severity: important

Announcement ID: SUSE-SU-2017:0714-1
Rating: important
