| Revision Date: | 2017-03-17 | Version: | 1 |
| Title: | Security update for MozillaFirefox (Important) |
| Description: |
This update for MozillaFirefox to ESR 45.8 fixes the following issues:
Security issues fixed (bsc#1028391): - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP - CVE-2017-5401: Memory Corruption when handling ErrorResult - CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters - CVE-2017-5404: Use-after-free working with ranges in selections - CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports - CVE-2017-5408: Cross-origin reading of video captions in violation of CORS - CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service - CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1028391
CVE-2017-5398
CVE-2017-5400
CVE-2017-5401
CVE-2017-5402
CVE-2017-5404
CVE-2017-5405
CVE-2017-5407
CVE-2017-5408
CVE-2017-5409
CVE-2017-5410
SUSE-SU-2017:0714-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information
MozillaFirefox-45.8.0esr-102.1 is installed
OR MozillaFirefox-translations-45.8.0esr-102.1 is installed
|