[SUSE-SU-2015:0960-1] Security update for MozillaFirefox

Severity Important

Affected Packages 8

CVEs 6

Security update for MozillaFirefox

This update to Firefox 31.7.0 ESR (bsc#930622) fixes the following issues:

MFSA 2015-46/CVE-2015-2708/CVE-2015-2709 (bmo#1120655, bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977, bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526, bmo#1153688, bmo#1155474) Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
MFSA 2015-47/CVE-2015-0797 (bmo#1080995) Buffer overflow parsing H.264 video with Linux Gstreamer
MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow with SVG content and CSS
MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free during text processing with vertical text enabled
MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow when parsing compressed XML

Package	Affected Version
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12	< 31.7.0esr-34.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sled-12	< 31.7.0esr-34.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12	< 31.7.0esr-34.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12	< 31.7.0esr-34.1
pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12	< 31.7.0esr-34.1
pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sled-12	< 31.7.0esr-34.1
pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12	< 31.7.0esr-34.1
pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12	< 31.7.0esr-34.1

ID

SUSE-SU-2015:0960-1

Severity

important

URL

Published

2015-05-21T08:36:37
(9 years ago)

Modified

2015-05-21T08:36:37
(9 years ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0960-1.json
Suse	URL for SUSE-SU-2015:0960-1	https://www.suse.com/support/update/announcement/2015/suse-su-20150960-1/
Suse	E-Mail link for SUSE-SU-2015:0960-1	https://lists.suse.com/pipermail/sle-security-updates/2015-May/001413.html
Bugzilla	SUSE Bug 930622	https://bugzilla.suse.com/930622
CVE	SUSE CVE CVE-2015-0797 page	https://www.suse.com/security/cve/CVE-2015-0797/
CVE	SUSE CVE CVE-2015-2708 page	https://www.suse.com/security/cve/CVE-2015-2708/
CVE	SUSE CVE CVE-2015-2709 page	https://www.suse.com/security/cve/CVE-2015-2709/
CVE	SUSE CVE CVE-2015-2710 page	https://www.suse.com/security/cve/CVE-2015-2710/
CVE	SUSE CVE CVE-2015-2713 page	https://www.suse.com/security/cve/CVE-2015-2713/
CVE	SUSE CVE CVE-2015-2716 page	https://www.suse.com/security/cve/CVE-2015-2716/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12	suse	MozillaFirefox	< 31.7.0esr-34.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sled-12	suse	MozillaFirefox	< 31.7.0esr-34.1	sled-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12	suse	MozillaFirefox	< 31.7.0esr-34.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12	suse	MozillaFirefox	< 31.7.0esr-34.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12	suse	MozillaFirefox-translations	< 31.7.0esr-34.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sled-12	suse	MozillaFirefox-translations	< 31.7.0esr-34.1	sled-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12	suse	MozillaFirefox-translations	< 31.7.0esr-34.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12	suse	MozillaFirefox-translations	< 31.7.0esr-34.1	sles-12	ppc64le

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date