Oval Definition:oval:org.opensuse.security:def:78818
Revision Date:2017-10-10Version:1
Title:Security update for MozillaFirefox, mozilla-nss (Important)
Description:

This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the following issues:

This security issue was fixed for mozilla-nss:

- CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating handshake hashes (bsc#1061005)

These security issues were fixed for Firefox

- CVE-2017-7825: Fixed some Tibetan and Arabic unicode characters rendering (bsc#1060445). - CVE-2017-7805: Prevent Use-after-free in TLS 1.2 generating handshake hashes (bsc#1060445). - CVE-2017-7819: Prevent Use-after-free while resizing images in design mode (bsc#1060445). - CVE-2017-7818: Prevent Use-after-free during ARIA array manipulation (bsc#1060445). - CVE-2017-7793: Prevent Use-after-free with Fetch API (bsc#1060445). - CVE-2017-7824: Prevent Buffer overflow when drawing and validating elements with ANGLE (bsc#1060445). - CVE-2017-7810: Fixed several memory safety bugs (bsc#1060445). - CVE-2017-7823: CSP sandbox directive did not create a unique origin (bsc#1060445). - CVE-2017-7814: Blob and data URLs bypassed phishing and malware protection warnings (bsc#1060445).
Family:unixClass:patch
Status:Reference(s):1060445
1061005
CVE-2017-7793
CVE-2017-7805
CVE-2017-7810
CVE-2017-7814
CVE-2017-7818
CVE-2017-7819
CVE-2017-7823
CVE-2017-7824
CVE-2017-7825
SUSE-SU-2017:2688-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-52.4.0esr-109.6.2 is installed
  • OR MozillaFirefox-translations-52.4.0esr-109.6.2 is installed
  • OR libfreebl3-3.29.5-58.3.1 is installed
  • OR libfreebl3-32bit-3.29.5-58.3.1 is installed
  • OR libsoftokn3-3.29.5-58.3.1 is installed
  • OR libsoftokn3-32bit-3.29.5-58.3.1 is installed
  • OR mozilla-nss-3.29.5-58.3.1 is installed
  • OR mozilla-nss-32bit-3.29.5-58.3.1 is installed
  • OR mozilla-nss-certs-3.29.5-58.3.1 is installed
  • OR mozilla-nss-certs-32bit-3.29.5-58.3.1 is installed
  • OR mozilla-nss-sysinit-3.29.5-58.3.1 is installed
  • OR mozilla-nss-sysinit-32bit-3.29.5-58.3.1 is installed
  • OR mozilla-nss-tools-3.29.5-58.3.1 is installed
    • BACK