Описание
Security update for MozillaFirefox, mozilla-nss
This update for MozillaFirefox and mozilla-nss fixes the following issues:
Mozilla Firefox was updated to ESR 52.4 (bsc#1060445)
- MFSA 2017-22/CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces
- MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes
- MFSA 2017-22/CVE-2017-7819: Use-after-free while resizing images in design mode
- MFSA 2017-22/CVE-2017-7818: Use-after-free during ARIA array manipulation
- MFSA 2017-22/CVE-2017-7793: Use-after-free with Fetch API
- MFSA 2017-22/CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE
- MFSA 2017-22/CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
- MFSA 2017-22/CVE-2017-7823: CSP sandbox directive did not create a unique origin
- MFSA 2017-22/CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings
Mozilla Network Security Services (Mozilla NSS) received a security fix:
- MFSA 2017-22/CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes (bsc#1061005, bsc#1060445)
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP3-TERADATA
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Ссылки
- Link for SUSE-SU-2017:2872-1
- E-Mail link for SUSE-SU-2017:2872-1
- SUSE Security Ratings
- SUSE Bug 1060445
- SUSE Bug 1061005
- SUSE CVE CVE-2017-7793 page
- SUSE CVE CVE-2017-7805 page
- SUSE CVE CVE-2017-7810 page
- SUSE CVE CVE-2017-7814 page
- SUSE CVE CVE-2017-7818 page
- SUSE CVE CVE-2017-7819 page
- SUSE CVE CVE-2017-7823 page
- SUSE CVE CVE-2017-7824 page
- SUSE CVE CVE-2017-7825 page
Описание
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7793
- SUSE Bug 1060445
Описание
During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7805
- SUSE Bug 1060445
- SUSE Bug 1061005
Описание
Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7810
- SUSE Bug 1060445
Описание
File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7814
- SUSE Bug 1060445
Описание
A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7818
- SUSE Bug 1060445
Описание
A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7819
- SUSE Bug 1060445
Описание
The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7823
- SUSE Bug 1060445
Описание
A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7824
- SUSE Bug 1060445
Описание
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
Затронутые продукты
Ссылки
- CVE-2017-7825
- SUSE Bug 1060445