Описание
Security update for MozillaFirefox
This update for MozillaFirefox, mozilla-nss fixes the following issues:
Security issues fixed:
- CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream (bsc#1122983).
- CVE-2018-18501: Fixed multiple memory safety bugs (bsc#1122983).
- CVE-2018-18505: Fixed a privilege escalation through IPC channel messages (bsc#1122983).
- CVE-2018-12404: Cache side-channel variant of the Bleichenbacher attack (bsc#1119069).
Non-security issue fixed:
- Update to MozillaFirefox ESR 60.5.0
- Update to mozilla-nss 3.41.1
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
Ссылки
- E-Mail link for openSUSE-SU-2019:1758-1
- SUSE Security Ratings
- SUSE Bug 1119069
- SUSE Bug 1120374
- SUSE Bug 1122983
- SUSE CVE CVE-2018-12404 page
- SUSE CVE CVE-2018-18500 page
- SUSE CVE CVE-2018-18501 page
- SUSE CVE CVE-2018-18505 page
Описание
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS 3.41.
Затронутые продукты
Ссылки
- CVE-2018-12404
- SUSE Bug 1119069
- SUSE Bug 1119105
- SUSE Bug 1121207
Описание
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
Затронутые продукты
Ссылки
- CVE-2018-18500
- SUSE Bug 1122983
- SUSE Bug 986639
Описание
Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
Затронутые продукты
Ссылки
- CVE-2018-18501
- SUSE Bug 1122983
- SUSE Bug 986639
Описание
An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.
Затронутые продукты
Ссылки
- CVE-2018-18505
- SUSE Bug 1122983
- SUSE Bug 986639