exploitDog

SUSE-SU-2016:3048-1

Опубликовано: 07 дек. 2016

Источник: suse-cvrf

Описание

Security update for MozillaFirefox

This update for MozillaFirefox fixes security issues.

The following vulnerabilities were fixed in Firefox ESR 45.5.1 (bbsc#1012964):

CVE-2016-9079: Use-after-free in SVG Animation could be used for code execution (MFSA 2016-92 bsc#1012964)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Desktop 12 SP2

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Server 12 SP1

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Server 12 SP2

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Server 12-LTSS

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Server for SAP Applications 12

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Server for SAP Applications 12 SP1

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

MozillaFirefox-45.5.1esr-93.1

MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Software Development Kit 12 SP1

MozillaFirefox-devel-45.5.1esr-93.1

SUSE Linux Enterprise Software Development Kit 12 SP2

MozillaFirefox-devel-45.5.1esr-93.1

Ссылки

https://www.suse.com/support/update/announcement/2016/suse-su-20163048-1/
Link for SUSE-SU-2016:3048-1
https://lists.suse.com/pipermail/sle-security-updates/2016-December/002451.html
E-Mail link for SUSE-SU-2016:3048-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1012964
SUSE Bug 1012964
https://www.suse.com/security/cve/CVE-2016-9079/
SUSE CVE CVE-2016-9079 page

Описание

A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-45.5.1esr-93.1

SUSE Linux Enterprise Desktop 12 SP1:MozillaFirefox-translations-45.5.1esr-93.1

SUSE Linux Enterprise Desktop 12 SP2:MozillaFirefox-45.5.1esr-93.1

SUSE Linux Enterprise Desktop 12 SP2:MozillaFirefox-translations-45.5.1esr-93.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-9079.html
CVE-2016-9079
https://bugzilla.suse.com/1012964
SUSE Bug 1012964