Описание
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 115.2.1 ESR (bsc#1215245).
- CVE-2023-4863: Fixed heap buffer overflow in libwebp (MFSA 2023-40) (bsc#1215231).
The following non-security bug was fixed:
- Fix i586 build by reducing debug info to -g1 (bsc#1210168).
Список пакетов
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
MozillaFirefox-115.2.1-112.179.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
MozillaFirefox-115.2.1-112.179.1
SUSE Linux Enterprise Server 12 SP5
MozillaFirefox-115.2.1-112.179.1
MozillaFirefox-devel-115.2.1-112.179.1
MozillaFirefox-translations-common-115.2.1-112.179.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
MozillaFirefox-115.2.1-112.179.1
MozillaFirefox-devel-115.2.1-112.179.1
MozillaFirefox-translations-common-115.2.1-112.179.1
SUSE Linux Enterprise Software Development Kit 12 SP5
MozillaFirefox-devel-115.2.1-112.179.1
Ссылки
- Link for SUSE-SU-2023:3626-1
- E-Mail link for SUSE-SU-2023:3626-1
- SUSE Security Ratings
- SUSE Bug 1210168
- SUSE Bug 1215231
- SUSE Bug 1215245
- SUSE CVE CVE-2023-4863 page
Описание
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Затронутые продукты
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:MozillaFirefox-115.2.1-112.179.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-115.2.1-112.179.1
SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.2.1-112.179.1
SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.2.1-112.179.1
Ссылки
- CVE-2023-4863
- SUSE Bug 1215231
- SUSE Bug 1217115
- SUSE Bug 1217117