Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

UBUNTU: 2021:75312-3 Critical: Chrome, chromium-browser, libchromiumcontent

suse
Calendar Grey December 20, 2019
Dist Suse Esm H88
The SUSE team has rolled out a crucial security patch for MozillaFirefox, mozilla-nspr, and mozilla-nss to tackle several vulnerabilities.
An update that fixes 8 vulnerabilities is now available

Summary

This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues: Update Firefox Extended Support Release to 68.3.0 ESR (MFSA 2019-37 / bsc#1158328) Security issues fixed: - CVE-2019-17008: Use-after-free in worker destruction (bmo#1546331). - CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code (bmo#1580156). - CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher (bmo#1586176). - CVE-2019-17009: Updater temporary files accessible to unprivileged processes (bmo#1510494). - CVE-2019-17010: Use-after-free when performing device orientation checks (bmo#1581084). - CVE-2019-17005: Buffer overflow in plain text serializer (bmo#1584170). - CVE-2019-17011: Use-after-free when retrieving a document in

Topics%20covered

Topics Covered

security advisory security issue important SUSE Linux MozillaFirefox mozilla-nss mozilla-nspr

References

#1158328 #1158527

Cross- CVE-2019-11745 CVE-2019-13722 CVE-2019-17005

CVE-2019-17008 CVE-2019-17009 CVE-2019-17010

CVE-2019-17011 CVE-2019-17012

Affected Products:

SUSE Linux Enterprise Server 11-SP4-LTSS

https://www.suse.com/security/cve/CVE-2019-11745.html

https://www.suse.com/security/cve/CVE-2019-13722.html

https://www.suse.com/security/cve/CVE-2019-17005.html

https://www.suse.com/security/cve/CVE-2019-17008.html

https://www.suse.com/security/cve/CVE-2019-17009.html

https://www.suse.com/security/cve/CVE-2019-17010.html

https://www.suse.com/security/cve/CVE-2019-17011.html

https://www.suse.com/security/cve/CVE-2019-17012.html

https://bugzilla.suse.com/1158328

https://bugzilla.suse.com/1158527

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:14260-1
Rating: important

Topics%20covered

Topics Covered

security advisory security issue important SUSE Linux MozillaFirefox mozilla-nss mozilla-nspr

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here