SUSE: 2017:2872-2 Important Update: Mozilla Firefox Security Issues

suse

November 13, 2017

An update that fixes 9 vulnerabilities is now available

Summary

This update for MozillaFirefox and mozilla-nss fixes the following issues: Mozilla Firefox was updated to ESR 52.4 (bsc#1060445) * MFSA 2017-22/CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces * MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes * MFSA 2017-22/CVE-2017-7819: Use-after-free while resizing images in design mode * MFSA 2017-22/CVE-2017-7818: Use-after-free during ARIA array manipulation * MFSA 2017-22/CVE-2017-7793: Use-after-free with Fetch API * MFSA 2017-22/CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE * MFSA 2017-22/CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 * MFSA 2017-22/CVE-2017-7823: CSP sandbox directive did not create a unique origin

Topics Covered

security advisory important security patch SUSE Linux MozillaFirefox mozilla-nss

References

#1060445 #1061005

Cross- CVE-2017-7793 CVE-2017-7805 CVE-2017-7810

CVE-2017-7814 CVE-2017-7818 CVE-2017-7819

CVE-2017-7823 CVE-2017-7824 CVE-2017-7825

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-SP3-LTSS

https://www.suse.com/security/cve/CVE-2017-7793.html

https://www.suse.com/security/cve/CVE-2017-7805.html

https://www.suse.com/security/cve/CVE-2017-7810.html

https://www.suse.com/security/cve/CVE-2017-7814.html

https://www.suse.com/security/cve/CVE-2017-7818.html

https://www.suse.com/security/cve/CVE-2017-7819.html

https://www.suse.com/security/cve/CVE-2017-7823.html

https://www.suse.com/security/cve/CVE-2017-7824.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2017:2872-2

Rating: important

Topics Covered

security advisory important security patch SUSE Linux MozillaFirefox mozilla-nss

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2017:2872-2 Important Update: Mozilla Firefox Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2017:2872-2 Important Update: Mozilla Firefox Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!