Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

SUSE: 2019:1405-1 Important Update for Mozilla Firefox Buffer Overflow

suse
Calendar Grey June 3, 2019
Dist Suse Esm H88
Critical patch for MozillaFirefox resolves various vulnerabilities with a significant advisory warning for SUSE clients.
An update that fixes 13 vulnerabilities is now available

Summary

This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox - CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks - CVE-2019-7317: Use-after-free in png_image_free of libpng library - CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 - CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS - CVE-2019-9816: Type confusion with object groups and UnboxedObjects

References

#1135824

Cross- CVE-2019-11691 CVE-2019-11692 CVE-2019-11693

CVE-2019-11694 CVE-2019-11698 CVE-2019-7317

CVE-2019-9800 CVE-2019-9815 CVE-2019-9816

CVE-2019-9817 CVE-2019-9818 CVE-2019-9819

CVE-2019-9820

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Desktop Applications 15-SP1

SUSE Linux Enterprise Module for Desktop Applications 15

https://www.suse.com/security/cve/CVE-2019-11691.html

https://www.suse.com/security/cve/CVE-2019-11692.html

https://www.suse.com/security/cve/CVE-2019-11693.html

https://www.suse.com/security/cve/CVE-2019-11694.html

https://www.suse.com/security/cve/CVE-2019-11698.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:1405-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.