SUSE-SU-2019:2872-1
Vulnerability Summary
Timeline
Description
Security update for MozillaFirefox This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR (bsc#1154738). Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429). - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738). - CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738). - CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738). - CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738). - CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738). - CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738). - CVE-2019-11763: Fixed an XSS bypass (bsc#1154738). - CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738). Non-security issues fixed: - Firefox 60.7 ESR changed the user interface language (bsc#1137990). - Wrong Firefox GUI Language (bsc#1120374). - Fixed an inadvertent crash report transmission without user opt-in (bsc#1074235). - Firefox hangs randomly when browsing and scrolling (bsc#1043008). - Firefox stops loading page until mouse is moved (bsc#1025108).
Affected Systems
- suse•MozillaFirefox&distro=HPE Helion OpenStack 8
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Enterprise Storage 5
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Desktop 12 SP4
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP1-LTSS
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP2-BCL
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP2-LTSS
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP3-BCL
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP3-LTSS
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP4
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server 12 SP5
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP4
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Software Development Kit 12 SP4
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE Linux Enterprise Software Development Kit 12 SP5
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE OpenStack Cloud 7
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE OpenStack Cloud 8
< 68.2.0-109.95.2
- suse•MozillaFirefox&distro=SUSE OpenStack Cloud Crowbar 8
< 68.2.0-109.95.2
References (73)
- https://www.suse.com/support/update/announcement/2019/suse-su-20192872-1/
- https://bugzilla.suse.com/1010399
- https://bugzilla.suse.com/1010405
- https://bugzilla.suse.com/1010406
- https://bugzilla.suse.com/1010408
- https://bugzilla.suse.com/1010409
- https://bugzilla.suse.com/1010421
- https://bugzilla.suse.com/1010423
- https://bugzilla.suse.com/1010424
- https://bugzilla.suse.com/1010425
- https://bugzilla.suse.com/1010426
- https://bugzilla.suse.com/1025108
- https://bugzilla.suse.com/1043008
- https://bugzilla.suse.com/1047281
- https://bugzilla.suse.com/1074235
- https://bugzilla.suse.com/1092611
- https://bugzilla.suse.com/1120374
- https://bugzilla.suse.com/1137990
- https://bugzilla.suse.com/1149429
- https://bugzilla.suse.com/1154738
- https://bugzilla.suse.com/959933
- https://bugzilla.suse.com/983922
- https://www.suse.com/security/cve/CVE-2016-2830
- https://www.suse.com/security/cve/CVE-2016-5289
- https://www.suse.com/security/cve/CVE-2016-5292
- https://www.suse.com/security/cve/CVE-2016-9063
- https://www.suse.com/security/cve/CVE-2016-9067
- https://www.suse.com/security/cve/CVE-2016-9068
- https://www.suse.com/security/cve/CVE-2016-9069
- https://www.suse.com/security/cve/CVE-2016-9071
- https://www.suse.com/security/cve/CVE-2016-9073
- https://www.suse.com/security/cve/CVE-2016-9075
- https://www.suse.com/security/cve/CVE-2016-9076
- https://www.suse.com/security/cve/CVE-2016-9077
- https://www.suse.com/security/cve/CVE-2017-7789
- https://www.suse.com/security/cve/CVE-2018-5150
- https://www.suse.com/security/cve/CVE-2018-5151
- https://www.suse.com/security/cve/CVE-2018-5152
- https://www.suse.com/security/cve/CVE-2018-5153
- https://www.suse.com/security/cve/CVE-2018-5154
- https://www.suse.com/security/cve/CVE-2018-5155
- https://www.suse.com/security/cve/CVE-2018-5157
- https://www.suse.com/security/cve/CVE-2018-5158
- https://www.suse.com/security/cve/CVE-2018-5159
- https://www.suse.com/security/cve/CVE-2018-5160
- https://www.suse.com/security/cve/CVE-2018-5163
- https://www.suse.com/security/cve/CVE-2018-5164
- https://www.suse.com/security/cve/CVE-2018-5165
- https://www.suse.com/security/cve/CVE-2018-5166
- https://www.suse.com/security/cve/CVE-2018-5167
- https://www.suse.com/security/cve/CVE-2018-5168
- https://www.suse.com/security/cve/CVE-2018-5169
- https://www.suse.com/security/cve/CVE-2018-5172
- https://www.suse.com/security/cve/CVE-2018-5173
- https://www.suse.com/security/cve/CVE-2018-5174
- https://www.suse.com/security/cve/CVE-2018-5175
- https://www.suse.com/security/cve/CVE-2018-5176
- https://www.suse.com/security/cve/CVE-2018-5177
- https://www.suse.com/security/cve/CVE-2018-5178
- https://www.suse.com/security/cve/CVE-2018-5179
- https://www.suse.com/security/cve/CVE-2018-5180
- https://www.suse.com/security/cve/CVE-2018-5181
- https://www.suse.com/security/cve/CVE-2018-5182
- https://www.suse.com/security/cve/CVE-2018-5183
- https://www.suse.com/security/cve/CVE-2019-11757
- https://www.suse.com/security/cve/CVE-2019-11758
- https://www.suse.com/security/cve/CVE-2019-11759
- https://www.suse.com/security/cve/CVE-2019-11760
- https://www.suse.com/security/cve/CVE-2019-11761
- https://www.suse.com/security/cve/CVE-2019-11762
- https://www.suse.com/security/cve/CVE-2019-11763
- https://www.suse.com/security/cve/CVE-2019-11764
- https://www.suse.com/security/cve/CVE-2019-15903