Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 428
Alerts This Week
Warning Icon 1 428

SUSE: 2018:1334-2 Important: MozillaFirefox Buffer Overflow Fix

suse
Calendar Grey October 18, 2018
Dist Suse Esm H88
New update issued for Mozilla Firefox resolves 10 vulnerabilities related to memory management and buffer overflow problems.
An update that fixes 10 vulnerabilities is now available

Summary

This update for MozillaFirefox to the ESR 52.8 release fixes the following issues: Mozil to Firefox ESR 52.8 (bsc#1092548) Security issues fixed: - MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia - MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer - MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction - MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 - MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths - MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia - MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files - MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths

References

#1092548

Cross- CVE-2018-5150 CVE-2018-5154 CVE-2018-5155

CVE-2018-5157 CVE-2018-5158 CVE-2018-5159

CVE-2018-5168 CVE-2018-5174 CVE-2018-5178

CVE-2018-5183

Affected Products:

SUSE Linux Enterprise Server 12-SP2-BCL

https://www.suse.com/security/cve/CVE-2018-5150.html

https://www.suse.com/security/cve/CVE-2018-5154.html

https://www.suse.com/security/cve/CVE-2018-5155.html

https://www.suse.com/security/cve/CVE-2018-5157.html

https://www.suse.com/security/cve/CVE-2018-5158.html

https://www.suse.com/security/cve/CVE-2018-5159.html

https://www.suse.com/security/cve/CVE-2018-5168.html

https://www.suse.com/security/cve/CVE-2018-5174.html

https://www.suse.com/security/cve/CVE-2018-5178.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2018:1334-2
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.