Описание
Security update for MozillaFirefox
This update for Mozilla Firefox to version 52.7.2esr fixes security issues and bugs.
Security issues fixed:
- CVE-2018-5146: Specially crafted vorbis files could have been used to execute arbitrary code via an Out of bounds memory write (bsc#1085671, MFSA 2018-08)
- CVE-2018-5147: Specially crafted vorbis files could have been used to execute arbitrary code via an Out of bounds memory write - used on ARM platforms (bsc#1085671, MFSA 2018-08)
The following bug fixes are included:
- Stability improvements in the Italian locale
Список пакетов
openSUSE Leap 42.3
MozillaFirefox-52.7.2-81.1
MozillaFirefox-branding-upstream-52.7.2-81.1
MozillaFirefox-buildsymbols-52.7.2-81.1
MozillaFirefox-devel-52.7.2-81.1
MozillaFirefox-translations-common-52.7.2-81.1
MozillaFirefox-translations-other-52.7.2-81.1
Ссылки
- E-Mail link for openSUSE-SU-2018:0737-1
- SUSE Security Ratings
Описание
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
Затронутые продукты
openSUSE Leap 42.3:MozillaFirefox-52.7.2-81.1
openSUSE Leap 42.3:MozillaFirefox-branding-upstream-52.7.2-81.1
openSUSE Leap 42.3:MozillaFirefox-buildsymbols-52.7.2-81.1
openSUSE Leap 42.3:MozillaFirefox-devel-52.7.2-81.1
Ссылки
- CVE-2018-5146
- SUSE Bug 1085671
- SUSE Bug 1085687
- SUSE Bug 1180395