[SUSE-SU-2018:0374-1] Security update for MozillaFirefox

Severity Important

Affected Packages 38

CVEs 11

Security update for MozillaFirefox

This update for MozillaFirefox to version 52.6 several issues.

These security issues were fixed:

CVE-2018-5091: Use-after-free with DTMF timers (bsc#1077291).
CVE-2018-5095: Integer overflow in Skia library during edge builder allocation (bsc#1077291).
CVE-2018-5096: Use-after-free while editing form elements (bsc#1077291).
CVE-2018-5097: Use-after-free when source document is manipulated during XSLT (bsc#1077291).
CVE-2018-5098: Use-after-free while manipulating form input elements (bsc#1077291).
CVE-2018-5099: Use-after-free with widget listener (bsc#1077291).
CVE-2018-5104: Use-after-free during font face manipulation (bsc#1077291).
CVE-2018-5089: Fixed several memory safety bugs (bsc#1077291).
CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right (bsc#1077291).
CVE-2018-5102: Use-after-free in HTML media elements (bsc#1077291).
CVE-2018-5103: Use-after-free during mouse event handling (bsc#1077291).

Package	Affected Version
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sled-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sled-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sled-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sled-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=aarch64&distro=sles-12&sp=3	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-translations?arch=aarch64&distro=sles-12&sp=2	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=1	< 52.6.0esr-109.13.1
pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12	< 52.6.0esr-109.13.1

ID

SUSE-SU-2018:0374-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2018/suse-su-20180374-1/

Published

2018-02-06T10:47:56
(6 years ago)

Modified

2018-02-06T10:47:56
(6 years ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_0374-1.json
Suse	URL for SUSE-SU-2018:0374-1	https://www.suse.com/support/update/announcement/2018/suse-su-20180374-1/
Suse	E-Mail link for SUSE-SU-2018:0374-1	https://lists.suse.com/pipermail/sle-security-updates/2018-February/003710.html
Bugzilla	SUSE Bug 1077291	https://bugzilla.suse.com/1077291
CVE	SUSE CVE CVE-2018-5089 page	https://www.suse.com/security/cve/CVE-2018-5089/
CVE	SUSE CVE CVE-2018-5091 page	https://www.suse.com/security/cve/CVE-2018-5091/
CVE	SUSE CVE CVE-2018-5095 page	https://www.suse.com/security/cve/CVE-2018-5095/
CVE	SUSE CVE CVE-2018-5096 page	https://www.suse.com/security/cve/CVE-2018-5096/
CVE	SUSE CVE CVE-2018-5097 page	https://www.suse.com/security/cve/CVE-2018-5097/
CVE	SUSE CVE CVE-2018-5098 page	https://www.suse.com/security/cve/CVE-2018-5098/
CVE	SUSE CVE CVE-2018-5099 page	https://www.suse.com/security/cve/CVE-2018-5099/
CVE	SUSE CVE CVE-2018-5102 page	https://www.suse.com/security/cve/CVE-2018-5102/
CVE	SUSE CVE CVE-2018-5103 page	https://www.suse.com/security/cve/CVE-2018-5103/
CVE	SUSE CVE CVE-2018-5104 page	https://www.suse.com/security/cve/CVE-2018-5104/
CVE	SUSE CVE CVE-2018-5117 page	https://www.suse.com/security/cve/CVE-2018-5117/

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=3	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=1	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sled-12&sp=3	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sled-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sled-12&sp=2	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sled-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=3	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=2	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=1	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=3	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=2	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=1	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=3	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=2	suse	MozillaFirefox	< 52.6.0esr-109.13.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12&sp=3	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12&sp=2	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12&sp=1	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sles-12	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sled-12&sp=3	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sled-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=x86_64&distro=sled-12&sp=2	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sled-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12&sp=3	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12&sp=2	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12&sp=1	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=s390x&distro=sles-12	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12&sp=3	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12&sp=2	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12&sp=1	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=ppc64le&distro=sles-12	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=aarch64&distro=sles-12&sp=3	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-translations?arch=aarch64&distro=sles-12&sp=2	suse	MozillaFirefox-translations	< 52.6.0esr-109.13.1	sles-12	aarch64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=1	suse	MozillaFirefox-devel	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12	suse	MozillaFirefox-devel	< 52.6.0esr-109.13.1	sles-12	x86_64
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=1	suse	MozillaFirefox-devel	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12	suse	MozillaFirefox-devel	< 52.6.0esr-109.13.1	sles-12	s390x
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=1	suse	MozillaFirefox-devel	< 52.6.0esr-109.13.1	sles-12	ppc64le
Affected	pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12	suse	MozillaFirefox-devel	< 52.6.0esr-109.13.1	sles-12	ppc64le

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date