Описание
Security update for MozillaFirefox
This security update (bsc#940918) fixes the following issues:
- MFSA 2015-78 (CVE-2015-4495, bmo#1178058): Same origin violation
- Remove PlayPreview registration from PDF Viewer (bmo#1179262)
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
MozillaFirefox-31.8.0esr-0.13.2
MozillaFirefox-translations-31.8.0esr-0.13.2
SUSE Linux Enterprise Desktop 11 SP4
MozillaFirefox-31.8.0esr-0.13.2
MozillaFirefox-translations-31.8.0esr-0.13.2
SUSE Linux Enterprise Server 11 SP3
MozillaFirefox-31.8.0esr-0.13.2
MozillaFirefox-translations-31.8.0esr-0.13.2
SUSE Linux Enterprise Server 11 SP3-TERADATA
MozillaFirefox-31.8.0esr-0.13.2
MozillaFirefox-translations-31.8.0esr-0.13.2
SUSE Linux Enterprise Server 11 SP4
MozillaFirefox-31.8.0esr-0.13.2
MozillaFirefox-translations-31.8.0esr-0.13.2
SUSE Linux Enterprise Server for SAP Applications 11 SP3
MozillaFirefox-31.8.0esr-0.13.2
MozillaFirefox-translations-31.8.0esr-0.13.2
SUSE Linux Enterprise Server for SAP Applications 11 SP4
MozillaFirefox-31.8.0esr-0.13.2
MozillaFirefox-translations-31.8.0esr-0.13.2
SUSE Linux Enterprise Software Development Kit 11 SP3
MozillaFirefox-devel-31.8.0esr-0.13.2
SUSE Linux Enterprise Software Development Kit 11 SP4
MozillaFirefox-devel-31.8.0esr-0.13.2
Ссылки
- Link for SUSE-SU-2015:1380-1
- E-Mail link for SUSE-SU-2015:1380-1
- SUSE Security Ratings
- SUSE Bug 940918
- SUSE CVE CVE-2015-4495 page
Описание
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-31.8.0esr-0.13.2
SUSE Linux Enterprise Desktop 11 SP3:MozillaFirefox-translations-31.8.0esr-0.13.2
SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-31.8.0esr-0.13.2
SUSE Linux Enterprise Desktop 11 SP4:MozillaFirefox-translations-31.8.0esr-0.13.2
Ссылки
- CVE-2015-4495
- SUSE Bug 863095
- SUSE Bug 940806
- SUSE Bug 940918