SUSE 12 SP5: SUSE-SU-2024:3518-1 important: MozillaFirefox Update
suse
October 3, 2024
* bsc#1230979 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5
Summary
## This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 128.3.0 ESR (MFSA-2024-47, bsc#1230979): * CVE-2024-8900: Clipboard write permission bypass * CVE-2024-9392: Compromised content process can bypass site isolation * CVE-2024-9393: Cross-origin access to PDF contents through multipart responses * CVE-2024-9394: Cross-origin access to JSON contents through multipart responses * CVE-2024-9396: Potential memory corruption may occur when cloning certain objects * CVE-2024-9397: Potential directory upload bypass via clickjacking * CVE-2024-9398: External protocol handlers could be enumerated via popups * CVE-2024-9399: Specially crafted WebTransport requests could lead to denial of service
References
* bsc#1230979
Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5
An update that has one security fix can now be installed.
##
* https://bugzilla.suse.com/show_bug.cgi?id=1230979
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2024:3518-1
Release Date: 2024-10-03T13:04:34Z
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!