Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Ubuntu 18.04 LTS USN-3761-3: Firefox Update Fixes Denial of Service

ubuntu
Calendar Grey September 17, 2018
Dist Ubuntu Esm H88
Ubuntu Security Announcement USN-3761-4 addresses recent Firefox issues impacting LTS versions of Ubuntu following earlier patches.
USN-3761-1 caused several regressions in Firefox.

Summary

USN-3761-1 caused several regressions in Firefox.

Software Description:

- firefox: Mozilla Open Source web browser

Details:

USN-3761-1 fixed vulnerabilities in Firefox. The update caused several

regressions affecting spellchecker dictionaries and search engines, which

were partially fixed by USN-3761-2. This update contains the remaining fix.

We apologize for the inconvenience.

Original advisory details:

 Multiple security issues were discovered in Firefox. If a user were

 tricked in to opening a specially crafted website, an attacker could

 potentially exploit these to cause a denial of service, or execute

 arbitrary code. (CVE-2018-12375, CVE-2018-12376, CVE-2018-12377,

 CVE-2018-12378)

 

 It was discovered that if a user saved passwords before Firefox 58 and

 then later set a master password, an unencrypted copy of these passwords

 would still be accessible. A local user could exploit this to obtain

 sensitive information. (CVE-2018-12383)

...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  firefox                         62.0+build2-0ubuntu0.18.04.5

Ubuntu 16.04 LTS:
  firefox                         62.0+build2-0ubuntu0.16.04.5

Ubuntu 14.04 LTS:
  firefox                         62.0+build2-0ubuntu0.14.04.5

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-3761-3

  https://ubuntu.com/security/notices/USN-3761-1

  https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1791789, https://ubuntu.com/security/notices/USN-3761-2

Severity
important
Lowest
Low
Medium
High
Critical

September 17, 2018

Package Information

  https://launchpad.net/ubuntu/+source/firefox/62.0+build2-0ubuntu0.18.04.5
  https://launchpad.net/ubuntu/+source/firefox/62.0+build2-0ubuntu0.16.04.5
  https://launchpad.net/ubuntu/+source/firefox/62.0+build2-0ubuntu0.14.04.5

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.