Описание
Recommended update for MozillaFirefox
This update for MozillaFirefox to version 60.7.1 fixes the following issues:
Security issue fixed:
- CVE-2019-11707: Fixed a type confusion vulnerability in Arrary.pop (bsc#1138614)
Other issue addressed:
- Fixed broken language plugins (bsc#1137792)
Список пакетов
SUSE Enterprise Storage 4
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-devel-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Desktop 12 SP3
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Desktop 12 SP4
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server 12 SP1-LTSS
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-devel-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server 12 SP2-BCL
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-devel-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server 12 SP2-LTSS
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-devel-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server 12 SP3
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server 12 SP4
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server 12-LTSS
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-devel-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-devel-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-devel-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Software Development Kit 12 SP3
MozillaFirefox-devel-60.7.1-109.77.1
SUSE Linux Enterprise Software Development Kit 12 SP4
MozillaFirefox-devel-60.7.1-109.77.1
SUSE OpenStack Cloud 7
MozillaFirefox-60.7.1-109.77.1
MozillaFirefox-devel-60.7.1-109.77.1
MozillaFirefox-translations-common-60.7.1-109.77.1
Ссылки
- Link for SUSE-RU-2019:1625-1
- E-Mail link for SUSE-RU-2019:1625-1
- SUSE Security Ratings
- SUSE Bug 1137792
- SUSE Bug 1138614
- SUSE CVE CVE-2019-11707 page
Описание
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird < 60.7.2.
Затронутые продукты
SUSE Enterprise Storage 4:MozillaFirefox-60.7.1-109.77.1
SUSE Enterprise Storage 4:MozillaFirefox-devel-60.7.1-109.77.1
SUSE Enterprise Storage 4:MozillaFirefox-translations-common-60.7.1-109.77.1
SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-60.7.1-109.77.1
Ссылки
- CVE-2019-11707
- SUSE Bug 1138614