exploitDog

SUSE-SU-2023:3941-1

Опубликовано: 03 окт. 2023

Источник: suse-cvrf

Описание

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues:

Mozilla Firefox ESR 115.3.1 ESR was released to fix a security issue:

MFSA 2023-44 (bsc#1215814)

CVE-2023-5217: Fixed a heap buffer overflow in libvpx

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

MozillaFirefox-115.3.1-150000.150.110.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

MozillaFirefox-115.3.1-150000.150.110.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

MozillaFirefox-115.3.1-150000.150.110.1

MozillaFirefox-devel-115.3.1-150000.150.110.1

MozillaFirefox-translations-common-115.3.1-150000.150.110.1

MozillaFirefox-translations-other-115.3.1-150000.150.110.1

SUSE Linux Enterprise Server 15 SP1-LTSS

MozillaFirefox-115.3.1-150000.150.110.1

MozillaFirefox-devel-115.3.1-150000.150.110.1

MozillaFirefox-translations-common-115.3.1-150000.150.110.1

MozillaFirefox-translations-other-115.3.1-150000.150.110.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

MozillaFirefox-115.3.1-150000.150.110.1

MozillaFirefox-devel-115.3.1-150000.150.110.1

MozillaFirefox-translations-common-115.3.1-150000.150.110.1

MozillaFirefox-translations-other-115.3.1-150000.150.110.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233941-1/
Link for SUSE-SU-2023:3941-1
https://lists.suse.com/pipermail/sle-security-updates/2023-October/016484.html
E-Mail link for SUSE-SU-2023:3941-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1215814
SUSE Bug 1215814
https://www.suse.com/security/cve/CVE-2023-5217/
SUSE CVE CVE-2023-5217 page

Описание

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Затронутые продукты

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:MozillaFirefox-115.3.1-150000.150.110.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-115.3.1-150000.150.110.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-115.3.1-150000.150.110.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-115.3.1-150000.150.110.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-5217.html
CVE-2023-5217
https://bugzilla.suse.com/1215776
SUSE Bug 1215776
https://bugzilla.suse.com/1215778
SUSE Bug 1215778
https://bugzilla.suse.com/1215814
SUSE Bug 1215814
https://bugzilla.suse.com/1217559
SUSE Bug 1217559

Уязвимость SUSE-SU-2023:3941-1