Описание
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 115.0.2 ESR (MFSA 2023-26, bsc#1213230)
Security fixes:
- CVE-2023-3600: Fixed use-after-free in workers (bmo#1839703)
Other fixes:
- Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL (bmo#1841751)
- Fixed a bug with displaying a caret in the text editor on some websites (bmo#1840804)
- Fixed a bug with broken audio rendering on some websites (bmo#1841982)
- Fixed a bug with patternTransform translate using the wrong units (bmo#1840746)
- Fixed a crash affecting Windows 7 users related to the DLL blocklist.
Firefox Extended Support Release 115.0.1 ESR
- Fixed a startup crash for Windows users with Kingsoft Antivirus software installed (bmo#1837242)
Список пакетов
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
MozillaFirefox-115.0.2-112.170.2
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
MozillaFirefox-115.0.2-112.170.2
SUSE Linux Enterprise Server 12 SP2-BCL
MozillaFirefox-115.0.2-112.170.2
MozillaFirefox-devel-115.0.2-112.170.2
MozillaFirefox-translations-common-115.0.2-112.170.2
SUSE Linux Enterprise Server 12 SP4-ESPOS
MozillaFirefox-115.0.2-112.170.2
MozillaFirefox-devel-115.0.2-112.170.2
MozillaFirefox-translations-common-115.0.2-112.170.2
SUSE Linux Enterprise Server 12 SP4-LTSS
MozillaFirefox-115.0.2-112.170.2
MozillaFirefox-devel-115.0.2-112.170.2
MozillaFirefox-translations-common-115.0.2-112.170.2
SUSE Linux Enterprise Server 12 SP5
MozillaFirefox-115.0.2-112.170.2
MozillaFirefox-devel-115.0.2-112.170.2
MozillaFirefox-translations-common-115.0.2-112.170.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
MozillaFirefox-115.0.2-112.170.2
MozillaFirefox-devel-115.0.2-112.170.2
MozillaFirefox-translations-common-115.0.2-112.170.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
MozillaFirefox-115.0.2-112.170.2
MozillaFirefox-devel-115.0.2-112.170.2
MozillaFirefox-translations-common-115.0.2-112.170.2
SUSE Linux Enterprise Software Development Kit 12 SP5
MozillaFirefox-devel-115.0.2-112.170.2
SUSE OpenStack Cloud 9
MozillaFirefox-115.0.2-112.170.2
MozillaFirefox-devel-115.0.2-112.170.2
MozillaFirefox-translations-common-115.0.2-112.170.2
SUSE OpenStack Cloud Crowbar 9
MozillaFirefox-115.0.2-112.170.2
MozillaFirefox-devel-115.0.2-112.170.2
MozillaFirefox-translations-common-115.0.2-112.170.2
Ссылки
- Link for SUSE-SU-2023:2959-1
- E-Mail link for SUSE-SU-2023:2959-1
- SUSE Security Ratings
- SUSE Bug 1213230
- SUSE CVE CVE-2023-3600 page
Описание
During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.
Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-115.0.2-112.170.2
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-115.0.2-112.170.2
SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-115.0.2-112.170.2
SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-115.0.2-112.170.2
Ссылки
- CVE-2023-3600
- SUSE Bug 1213230