Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2019:14173-1 Important: MozillaFirefox, firefox-glib2 Updates

suse
Calendar Grey September 17, 2019
Dist Suse Esm H88
SUSE Security Announcement addresses several vulnerabilities found in MozillaFirefox, firefox-glib2, and firefox-gtk3. Act promptly.
An update that fixes 8 vulnerabilities is now available

Summary

This update for MozillaFirefox, firefox-glib2, firefox-gtk3 fixes the following issues: Mozilla Firefox was updated to the 60.9.0esr release: Security Advisory MFSA 2019-27: * Use-after-free while manipulating video CVE-2019-11746 (bmo#1564449, bsc#1149297) * XSS by breaking out of title and textarea elements using innerHTML CVE-2019-11744 (bmo#1562033, bsc#1149297) * Same-origin policy violation with SVG filters and canvas to steal cross-origin images CVE-2019-11742 (bmo#1559715, bsc#1149303) * Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location CVE-2019-11753 (bmo#1574980, bsc#1149295) * Use-after-free while extracting a key value in IndexedDB CVE-2019-11752 (bmo#1501152, bsc#1149296)

Topics%20covered

Topics Covered

security advisory update important SUSE MozillaFirefox firefox-glib2 firefox-gtk3

References

#1145550 #1149294 #1149295 #1149296 #1149297

#1149298 #1149299 #1149303

Cross- CVE-2019-11740 CVE-2019-11742 CVE-2019-11743

CVE-2019-11744 CVE-2019-11746 CVE-2019-11752

CVE-2019-11753 CVE-2019-9812

Affected Products:

SUSE Linux Enterprise Server 11-SP4-LTSS

https://www.suse.com/security/cve/CVE-2019-11740.html

https://www.suse.com/security/cve/CVE-2019-11742.html

https://www.suse.com/security/cve/CVE-2019-11743.html

https://www.suse.com/security/cve/CVE-2019-11744.html

https://www.suse.com/security/cve/CVE-2019-11746.html

https://www.suse.com/security/cve/CVE-2019-11752.html

https://www.suse.com/security/cve/CVE-2019-11753.html

https://www.suse.com/security/cve/CVE-2019-9812.html

https://bugzilla.suse.com/1145550

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:14173-1
Rating: important

Topics%20covered

Topics Covered

security advisory update important SUSE MozillaFirefox firefox-glib2 firefox-gtk3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here