SUSE 2018:4236-2 Important: MozillaFirefox & NSS Security Flaws

suse
April 15, 2019
This SUSE security patch resolves severe vulnerabilities in MozillaFirefox, mozilla-nspr, and mozilla-nss, providing 9 fixes.
An update that fixes 9 vulnerabilities is now available.

Summary

This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues:

Issues fixed in MozillaFirefox:

- Update to Firefox ESR 60.4 (bsc#1119105)
- CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11
- CVE-2018-18492: Fixed a use-after-free with select element
- CVE-2018-18493: Fixed a buffer overflow in accelerated 2D canvas with Skia
- CVE-2018-18494: Fixed a Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs
- CVE-2018-18498: Fixed an integer overflow when calculating buffer sizes for images
- CVE-2018-12405: Fixed a few memory safety bugs

Issues fixed in mozilla-nss:

- Update to NSS 3.40.1 (bsc#1119105)

References

#1097410 #1106873 #1119069 #1119105

Cross-References:

CVE-2018-0495 CVE-2018-12384 CVE-2018-12404
CVE-2018-12405 CVE-2018-17466 CVE-2018-18492
CVE-2018-18493 CVE-2018-18494 CVE-2018-18498

Affected Products:

SUSE Linux Enterprise Server for SAP 12-SP1

https://www.suse.com/security/cve/CVE-2018-0495.html

https://www.suse.com/security/cve/CVE-2018-12384.html

https://www.suse.com/security/cve/CVE-2018-12404.html

https://www.suse.com/security/cve/CVE-2018-12405.html

https://www.suse.com/security/cve/CVE-2018-17466.html

https://www.suse.com/security/cve/CVE-2018-18492.html

https://www.suse.com/security/cve/CVE-2018-18493.html

https://www.suse.com/security/cve/CVE-2018-18494.html

https://www.suse.com/security/cve/CVE-2018-18498.html

Severity
important

Announcement ID: SUSE-SU-2018:4236-2
Rating: important
