Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:0737-1

Опубликовано: 18 мар. 2018
Источник: suse-cvrf

Описание

Security update for MozillaFirefox

This update for Mozilla Firefox to version 52.7.2esr fixes security issues and bugs.

Security issues fixed:

  • CVE-2018-5146: Specially crafted vorbis files could have been used to execute arbitrary code via an Out of bounds memory write (bsc#1085671, MFSA 2018-08)
  • CVE-2018-5147: Specially crafted vorbis files could have been used to execute arbitrary code via an Out of bounds memory write - used on ARM platforms (bsc#1085671, MFSA 2018-08)

The following bug fixes are included:

  • Stability improvements in the Italian locale

Список пакетов

openSUSE Leap 42.3
MozillaFirefox-52.7.2-81.1
MozillaFirefox-branding-upstream-52.7.2-81.1
MozillaFirefox-buildsymbols-52.7.2-81.1
MozillaFirefox-devel-52.7.2-81.1
MozillaFirefox-translations-common-52.7.2-81.1
MozillaFirefox-translations-other-52.7.2-81.1

Описание

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.


Затронутые продукты
openSUSE Leap 42.3:MozillaFirefox-52.7.2-81.1
openSUSE Leap 42.3:MozillaFirefox-branding-upstream-52.7.2-81.1
openSUSE Leap 42.3:MozillaFirefox-buildsymbols-52.7.2-81.1
openSUSE Leap 42.3:MozillaFirefox-devel-52.7.2-81.1

Ссылки