
SUSE: 2019:14124-1 Important: MozillaFirefox Security Issues Fixed

July 17, 2019
SUSE Security Advisory: Critical patch for GoogleChrome rectifying several vulnerabilities and enhancements.
An update that fixes 12 vulnerabilities is now available

Summary

This update for MozillaFirefox to version ESR 60.8 fixes the following issues:

Security issues fixed:

- CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868).
- CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868).
- CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868).
- CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868).
- CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868).
- CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868).
- CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868).

References

#1137792 #1138614 #1138872 #1140868

Cross-References: CVE-2019-11707 CVE-2019-11708 CVE-2019-11709

CVE-2019-11711 CVE-2019-11712 CVE-2019-11713

CVE-2019-11715 CVE-2019-11717 CVE-2019-11719

CVE-2019-11729 CVE-2019-11730 CVE-2019-9811

Affected Products:

SUSE Linux Enterprise Server 11-SP4-LTSS

https://www.suse.com/security/cve/CVE-2019-11707.html

https://www.suse.com/security/cve/CVE-2019-11708.html

https://www.suse.com/security/cve/CVE-2019-11709.html

https://www.suse.com/security/cve/CVE-2019-11711.html

https://www.suse.com/security/cve/CVE-2019-11712.html

https://www.suse.com/security/cve/CVE-2019-11713.html

https://www.suse.com/security/cve/CVE-2019-11715.html

https://www.suse.com/security/cve/CVE-2019-11717.html

Severity
important

Announcement ID: SUSE-SU-2019:14124-1
Rating: important
