Описание
Security update for MozillaFirefox
This security update (bsc#940918) fixes the following issues:
- MFSA 2015-78: (CVE-2015-4495, bmo#1178058): Same origin violation
- Remove PlayPreview registration from PDF Viewer (bmo#1179262)
Список пакетов
SUSE Linux Enterprise Desktop 12
MozillaFirefox-31.8.0esr-40.1
MozillaFirefox-translations-31.8.0esr-40.1
SUSE Linux Enterprise Server 12
MozillaFirefox-31.8.0esr-40.1
MozillaFirefox-translations-31.8.0esr-40.1
SUSE Linux Enterprise Server for SAP Applications 12
MozillaFirefox-31.8.0esr-40.1
MozillaFirefox-translations-31.8.0esr-40.1
SUSE Linux Enterprise Software Development Kit 12
MozillaFirefox-devel-31.8.0esr-40.1
Ссылки
- Link for SUSE-SU-2015:1379-1
- E-Mail link for SUSE-SU-2015:1379-1
- SUSE Security Ratings
- SUSE Bug 940918
- SUSE CVE CVE-2015-4495 page
Описание
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:MozillaFirefox-31.8.0esr-40.1
SUSE Linux Enterprise Desktop 12:MozillaFirefox-translations-31.8.0esr-40.1
SUSE Linux Enterprise Server 12:MozillaFirefox-31.8.0esr-40.1
SUSE Linux Enterprise Server 12:MozillaFirefox-translations-31.8.0esr-40.1
Ссылки
- CVE-2015-4495
- SUSE Bug 863095
- SUSE Bug 940806
- SUSE Bug 940918