Описание
Security update for MozillaFirefox, mozilla-nss
This update for MozillaFirefox, mozilla-nss fixes security issues and bugs.
The following vulnerabilities were fixed in Firefox ESR 45.5.1 (bsc#1009026):
- CVE-2016-9079: Use-after-free in SVG Animation (bsc#1012964 MFSA 2016-92)
- CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401)
- CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404)
- CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395)
- CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402)
- CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427)
- CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410)
The following vulnerabilities were fixed in mozilla-nss 3.21.3:
- CVE-2016-9074: Insufficient timing side-channel resistance in divSpoiler (bsc#1010422)
- CVE-2016-5285: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash (bsc#1010517)
The following bugs were fixed:
- Firefox would fail to go into fullscreen mode with some window managers (bsc#992549)
- font warning messages would flood console, now using fontconfig configuration from firefox-fontconfig instead of the system one (bsc#1000751)
Список пакетов
SUSE Linux Enterprise Server 11 SP2-LTSS
Ссылки
- Link for SUSE-SU-2016:3105-1
- E-Mail link for SUSE-SU-2016:3105-1
- SUSE Security Ratings
- SUSE Bug 1000751
- SUSE Bug 1009026
- SUSE Bug 1010395
- SUSE Bug 1010401
- SUSE Bug 1010402
- SUSE Bug 1010404
- SUSE Bug 1010410
- SUSE Bug 1010422
- SUSE Bug 1010427
- SUSE Bug 1010517
- SUSE Bug 1012964
- SUSE Bug 992549
- SUSE CVE CVE-2016-5285 page
- SUSE CVE CVE-2016-5290 page
- SUSE CVE CVE-2016-5291 page
- SUSE CVE CVE-2016-5296 page
- SUSE CVE CVE-2016-5297 page
Описание
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
Затронутые продукты
Ссылки
- CVE-2016-5285
- SUSE Bug 1010517
Описание
Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Затронутые продукты
Ссылки
- CVE-2016-5290
- SUSE Bug 1009026
- SUSE Bug 1010427
Описание
A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Затронутые продукты
Ссылки
- CVE-2016-5291
- SUSE Bug 1009026
- SUSE Bug 1010410
Описание
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Затронутые продукты
Ссылки
- CVE-2016-5296
- SUSE Bug 1009026
- SUSE Bug 1010395
Описание
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Затронутые продукты
Ссылки
- CVE-2016-5297
- SUSE Bug 1009026
- SUSE Bug 1010401
Описание
Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50.
Затронутые продукты
Ссылки
- CVE-2016-9064
- SUSE Bug 1009026
- SUSE Bug 1010402
Описание
A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Затронутые продукты
Ссылки
- CVE-2016-9066
- SUSE Bug 1009026
- SUSE Bug 1010404
Описание
An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.
Затронутые продукты
Ссылки
- CVE-2016-9074
- SUSE Bug 1009026
- SUSE Bug 1010422
Описание
A use-after-free vulnerability in SVG Animation has been discovered. An exploit built on this vulnerability has been discovered in the wild targeting Firefox and Tor Browser users on Windows. This vulnerability affects Firefox < 50.0.2, Firefox ESR < 45.5.1, and Thunderbird < 45.5.1.
Затронутые продукты
Ссылки
- CVE-2016-9079
- SUSE Bug 1012964