Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2017:1248-1 Important: MozillaFirefox Security Fixes

suse
Calendar Grey May 11, 2017
Dist Suse Esm H88
Critical fixes for MozillaFirefox and other packages are now available in the latest SUSE security update.
An update that fixes 29 vulnerabilities is now available

Summary

Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 (close to release draft) and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox (bsc#1035082) - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generated code - MFSA 2017-11/CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 - MFSA 2017-11/CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing - MFSA 2017-11/CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing - MFSA 2017-11/CVE-2017-5437: Vulnerabilities in Libevent library - MFSA 2017-11/CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2

Topics%20covered

Topics Covered

security advisory buffer overflow security improvement SUSE memory safety important patch MozillaFirefox

References

#1015499 #1015547 #1021636 #1026102 #1030071

#1035082 #983639

Cross- CVE-2016-1950 CVE-2016-2834 CVE-2016-8635

CVE-2016-9574 CVE-2017-5429 CVE-2017-5432

CVE-2017-5433 CVE-2017-5434 CVE-2017-5435

CVE-2017-5436 CVE-2017-5437 CVE-2017-5438

CVE-2017-5439 CVE-2017-5440 CVE-2017-5441

CVE-2017-5442 CVE-2017-5443 CVE-2017-5444

CVE-2017-5445 CVE-2017-5446 CVE-2017-5447

CVE-2017-5448 CVE-2017-5459 CVE-2017-5460

CVE-2017-5461 CVE-2017-5462 CVE-2017-5464

CVE-2017-5465 CVE-2017-5469

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP2

SUSE Linux Enterprise Software Development Kit 12-SP1

SUSE Linux Enterprise Server for SAP 12

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2

SUSE L...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:1248-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow security improvement SUSE memory safety important patch MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here