Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2019:2872-1 Important: MozillaFirefox Buffer Overflow and More

suse
Calendar Grey October 31, 2019
Dist Suse Esm H88
The latest Mozilla Firefox security patch for SUSE addresses 51 significant vulnerabilities, encompassing a range of overflow issues and concerns related to memory safety.
An update that fixes 51 vulnerabilities is now available

Summary

This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR (bsc#1154738). Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). - CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738). - CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738). - CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).

Topics%20covered

Topics Covered

security advisory security issue buffer overflow software update important SUSE MozillaFirefox

References

#1010399 #1010405 #1010406 #1010408 #1010409

#1010421 #1010423 #1010424 #1010425 #1010426

#1025108 #1043008 #1047281 #1074235 #1092611

#1120374 #1137990 #1149429 #1154738 #959933

#983922

Cross- CVE-2016-2830 CVE-2016-5289 CVE-2016-5292

CVE-2016-9063 CVE-2016-9067 CVE-2016-9068

CVE-2016-9069 CVE-2016-9071 CVE-2016-9073

CVE-2016-9075 CVE-2016-9076 CVE-2016-9077

CVE-2017-7789 CVE-2018-5150 CVE-2018-5151

CVE-2018-5152 CVE-2018-5153 CVE-2018-5154

CVE-2018-5155 CVE-2018-5157 CVE-2018-5158

CVE-2018-5159 CVE-2018-5160 CVE-2018-5163

CVE-2018-5164 CVE-2018-5165 CVE-2018-5166

CVE-2018-5167 CVE-2018-5168 CVE-2018-5169

CVE-2018-5172 CVE-2018-5173 CVE-2018-5174

CVE-2018-5175 CVE-2018-5176 CVE-2018-5177

...

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:2872-1
Rating: important

Topics%20covered

Topics Covered

security advisory security issue buffer overflow software update important SUSE MozillaFirefox

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here