openSUSE-SU-2017:0765-1

Опубликовано: 20 мар. 2017

Источник: suse-cvrf

Описание

Security update for Mozilla Firefox

Mozilla Firefox was updated to 52.0.1 to fix one security issue:

CVE-2017-5428: integer overflow in createImageBitmap() (boo#1029822, MFSA 2017-08)

Список пакетов

openSUSE Leap 42.1

MozillaFirefox-52.0.1-57.3.1

MozillaFirefox-branding-upstream-52.0.1-57.3.1

MozillaFirefox-buildsymbols-52.0.1-57.3.1

MozillaFirefox-devel-52.0.1-57.3.1

MozillaFirefox-translations-common-52.0.1-57.3.1

MozillaFirefox-translations-other-52.0.1-57.3.1

openSUSE Leap 42.2

MozillaFirefox-52.0.1-57.3.1

MozillaFirefox-branding-upstream-52.0.1-57.3.1

MozillaFirefox-buildsymbols-52.0.1-57.3.1

MozillaFirefox-devel-52.0.1-57.3.1

MozillaFirefox-translations-common-52.0.1-57.3.1

MozillaFirefox-translations-other-52.0.1-57.3.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2017-03/msg00021.html
E-Mail link for openSUSE-SU-2017:0765-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

An integer overflow in "createImageBitmap()" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. This vulnerability affects Firefox ESR < 52.0.1 and Firefox < 52.0.1.

Затронутые продукты

openSUSE Leap 42.1:MozillaFirefox-52.0.1-57.3.1

openSUSE Leap 42.1:MozillaFirefox-branding-upstream-52.0.1-57.3.1

openSUSE Leap 42.1:MozillaFirefox-buildsymbols-52.0.1-57.3.1

openSUSE Leap 42.1:MozillaFirefox-devel-52.0.1-57.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-5428.html
CVE-2017-5428
https://bugzilla.suse.com/1029822
SUSE Bug 1029822

openSUSE-SU-2017:0765-1

Описание

Список пакетов

openSUSE Leap 42.1

openSUSE Leap 42.2

Ссылки

Уязвимость: CVE-2017-5428

Описание

Затронутые продукты

Ссылки