openSUSE-SU-2018:0843-1

Опубликовано: 29 мар. 2018

Источник: suse-cvrf

Описание

Security update for Mozilla Firefox

This update for Mozilla Firefox to version 52.7.3 fixes the following issue:

CVE-2018-5148: A use-after-free in compositor allowed for crashes to be triggered Or potentially have further code execution impact (bsc#1087059)

Список пакетов

openSUSE Leap 42.3

MozillaFirefox-52.7.3-86.1

MozillaFirefox-branding-upstream-52.7.3-86.1

MozillaFirefox-buildsymbols-52.7.3-86.1

MozillaFirefox-devel-52.7.3-86.1

MozillaFirefox-translations-common-52.7.3-86.1

MozillaFirefox-translations-other-52.7.3-86.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-03/msg00109.html
E-Mail link for openSUSE-SU-2018:0843-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.7.3 and Firefox < 59.0.2.

Затронутые продукты

openSUSE Leap 42.3:MozillaFirefox-52.7.3-86.1

openSUSE Leap 42.3:MozillaFirefox-branding-upstream-52.7.3-86.1

openSUSE Leap 42.3:MozillaFirefox-buildsymbols-52.7.3-86.1

openSUSE Leap 42.3:MozillaFirefox-devel-52.7.3-86.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-5148.html
CVE-2018-5148
https://bugzilla.suse.com/1087059
SUSE Bug 1087059

openSUSE-SU-2018:0843-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-5148

Описание

Затронутые продукты

Ссылки