Description
Security update for MozillaFirefox
MozillaFirefox was updated to 45.4.0 ESR to fix the following issues (bsc#999701):
The following security issues were fixed:
- MFSA 2016-86/CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString
- MFSA 2016-86/CVE-2016-5272: Bad cast in nsImageGeometryMixin
- MFSA 2016-86/CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList
- MFSA 2016-86/CVE-2016-5274: Use-after-free in nsFrameManager::CaptureFrameState
- MFSA 2016-86/CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick
- MFSA 2016-86/CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
- MFSA 2016-86/CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
- MFSA 2016-86/CVE-2016-5281: Use-after-free in DOMSVGLength
- MFSA 2016-86/CVE-2016-5284: Add-on update site certificate pin expiration
- MFSA 2016-86/CVE-2016-5250: Resource Timing API is storing resources sent by the previous page
- MFSA 2016-86/CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel
- MFSA 2016-86/CVE-2016-5257: Various memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
Package list
SUSE Linux Enterprise Point of Sale 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Manager 2.1
SUSE Manager Proxy 2.1
SUSE OpenStack Cloud 5
References
- Link for SUSE-SU-2016:2513-1
- E-Mail link for SUSE-SU-2016:2513-1
- SUSE Security Ratings
- SUSE Bug 999701
- SUSE CVE CVE-2016-5250 page
- SUSE CVE CVE-2016-5257 page
- SUSE CVE CVE-2016-5261 page
- SUSE CVE CVE-2016-5270 page
- SUSE CVE CVE-2016-5272 page
- SUSE CVE CVE-2016-5274 page
- SUSE CVE CVE-2016-5276 page
- SUSE CVE CVE-2016-5277 page
- SUSE CVE CVE-2016-5278 page
- SUSE CVE CVE-2016-5280 page
- SUSE CVE CVE-2016-5281 page
- SUSE CVE CVE-2016-5284 page
Description
Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls.
Affected products
References
- CVE-2016-5250
- SUSE Bug 991809
- SUSE Bug 999701
Description
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Affected products
References
- CVE-2016-5257
- SUSE Bug 999701
Description
Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering.
Affected products
References
- CVE-2016-5261
- SUSE Bug 991809
- SUSE Bug 999701
Description
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion.
Affected products
References
- CVE-2016-5270
- SUSE Bug 999701
Description
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site.
Affected products
References
- CVE-2016-5272
- SUSE Bug 999701
Description
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation.
Affected products
References
- CVE-2016-5274
- SUSE Bug 999701
Description
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute.
Affected products
References
- CVE-2016-5276
- SUSE Bug 999701
Description
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation.
Affected products
References
- CVE-2016-5277
- SUSE Bug 999701
Description
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via crafted image data that is mishandled during the encoding of an image frame to an image.
Affected products
References
- CVE-2016-5278
- SUSE Bug 999701
Description
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text.
Affected products
References
- CVE-2016-5280
- SUSE Bug 999701
Description
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document.
Affected products
References
- CVE-2016-5281
- SUSE Bug 999701
Description
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority.
Affected products
References
- CVE-2016-5284
- SUSE Bug 999701