Описание
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
- update to Firefox 38.6.1 ESR (bsc#967087)
- MFSA 2016-14/CVE-2016-1523 (bmo#1246093) Vulnerabilities in Graphite 2
Список пакетов
SUSE Linux Enterprise Desktop 12
MozillaFirefox-38.6.1esr-60.1
MozillaFirefox-translations-38.6.1esr-60.1
SUSE Linux Enterprise Desktop 12 SP1
MozillaFirefox-38.6.1esr-60.1
MozillaFirefox-translations-38.6.1esr-60.1
SUSE Linux Enterprise Server 12
MozillaFirefox-38.6.1esr-60.1
MozillaFirefox-translations-38.6.1esr-60.1
SUSE Linux Enterprise Server 12 SP1
MozillaFirefox-38.6.1esr-60.1
MozillaFirefox-translations-38.6.1esr-60.1
SUSE Linux Enterprise Server for SAP Applications 12
MozillaFirefox-38.6.1esr-60.1
MozillaFirefox-translations-38.6.1esr-60.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
MozillaFirefox-38.6.1esr-60.1
MozillaFirefox-translations-38.6.1esr-60.1
SUSE Linux Enterprise Software Development Kit 12
MozillaFirefox-devel-38.6.1esr-60.1
SUSE Linux Enterprise Software Development Kit 12 SP1
MozillaFirefox-devel-38.6.1esr-60.1
Ссылки
- Link for SUSE-SU-2016:0554-1
- E-Mail link for SUSE-SU-2016:0554-1
- SUSE Security Ratings
- SUSE Bug 967087
- SUSE CVE CVE-2016-1523 page
Описание
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-38.6.1esr-60.1
SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-38.6.1esr-60.1
SUSE Linux Enterprise Desktop 12:MozillaFirefox-38.6.1esr-60.1
SUSE Linux Enterprise Desktop 12:MozillaFirefox-translations-38.6.1esr-60.1
Ссылки
- CVE-2016-1523
- SUSE Bug 965803
- SUSE Bug 965806
- SUSE Bug 965807
- SUSE Bug 965810
- SUSE Bug 967087