1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2019:2436-1

[SUSE-SU-2019:2436-1] Security update for MozillaFirefox

Severity Important
Affected Packages 44
CVEs 8
Info Packages References Vulnerabilities

Security update for MozillaFirefox

This update for MozillaFirefox to ESR 60.9 fixes the following issues:

Security issues fixed:

  • CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. (bsc#1149303)
  • CVE-2019-11746: Fixed a use-after-free while manipulating video. (bsc#1149297)
  • CVE-2019-11744: Fixed an XSS caused by breaking out of title and textarea elements using innerHTML. (bsc#1149304)
  • CVE-2019-11753: Fixed a privilege escalation with Mozilla Maintenance Service in custom Firefox installation location. (bsc#1149295)
  • CVE-2019-11752: Fixed a use-after-free while extracting a key value in IndexedDB. (bsc#1149296)
  • CVE-2019-11743: Fixed a timing side-channel attack on cross-origin information, utilizing unload event attributes. (bsc#1149298)
  • CVE-2019-11740: Fixed several memory safety bugs. (bsc#1149299)
Package Affected Version
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=5 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=3 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=1 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sled-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=5 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=3 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=1 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=5 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=3 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=1 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=5 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=3 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=5 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=3 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=1 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sled-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=5 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=3 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=1 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=5 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=3 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=1 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=5 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=4 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=3 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=1 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=1 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=2 < 60.9.0-109.86.1
pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=1 < 60.9.0-109.86.1
ID
SUSE-SU-2019:2436-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2019/suse-su-20192436-1/
Published
2019-09-23T12:38:35
(5 years ago)
Modified
2019-09-23T12:38:35
(5 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2436-1.json
Suse URL for SUSE-SU-2019:2436-1 https://www.suse.com/support/update/announcement/2019/suse-su-20192436-1/
Suse E-Mail link for SUSE-SU-2019:2436-1 https://lists.suse.com/pipermail/sle-security-updates/2019-September/005953.html
Bugzilla SUSE Bug 1149294 https://bugzilla.suse.com/1149294
Bugzilla SUSE Bug 1149295 https://bugzilla.suse.com/1149295
Bugzilla SUSE Bug 1149296 https://bugzilla.suse.com/1149296
Bugzilla SUSE Bug 1149297 https://bugzilla.suse.com/1149297
Bugzilla SUSE Bug 1149298 https://bugzilla.suse.com/1149298
Bugzilla SUSE Bug 1149299 https://bugzilla.suse.com/1149299
Bugzilla SUSE Bug 1149303 https://bugzilla.suse.com/1149303
Bugzilla SUSE Bug 1149304 https://bugzilla.suse.com/1149304
Bugzilla SUSE Bug 1149324 https://bugzilla.suse.com/1149324
CVE SUSE CVE CVE-2019-11740 page https://www.suse.com/security/cve/CVE-2019-11740/
CVE SUSE CVE CVE-2019-11742 page https://www.suse.com/security/cve/CVE-2019-11742/
CVE SUSE CVE CVE-2019-11743 page https://www.suse.com/security/cve/CVE-2019-11743/
CVE SUSE CVE CVE-2019-11744 page https://www.suse.com/security/cve/CVE-2019-11744/
CVE SUSE CVE CVE-2019-11746 page https://www.suse.com/security/cve/CVE-2019-11746/
CVE SUSE CVE CVE-2019-11752 page https://www.suse.com/security/cve/CVE-2019-11752/
CVE SUSE CVE CVE-2019-11753 page https://www.suse.com/security/cve/CVE-2019-11753/
CVE SUSE CVE CVE-2019-9812 page https://www.suse.com/security/cve/CVE-2019-9812/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=5 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=4 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=3 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=1 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sled-12&sp=4 suse MozillaFirefox < 60.9.0-109.86.1 sled-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=5 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=4 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=3 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=2 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=1 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=5 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=4 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=3 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=2 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=1 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=5 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 aarch64
Affected pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=4 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 aarch64
Affected pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=3 suse MozillaFirefox < 60.9.0-109.86.1 sles-12 aarch64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=5 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=4 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=3 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=2 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=1 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sled-12&sp=4 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sled-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=5 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=4 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=3 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=2 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=1 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=5 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=4 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=3 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=2 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=1 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=5 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 aarch64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=4 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 aarch64
Affected pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=3 suse MozillaFirefox-translations-common < 60.9.0-109.86.1 sles-12 aarch64
Affected pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=2 suse MozillaFirefox-devel < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=1 suse MozillaFirefox-devel < 60.9.0-109.86.1 sles-12 x86_64
Affected pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=2 suse MozillaFirefox-devel < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=1 suse MozillaFirefox-devel < 60.9.0-109.86.1 sles-12 s390x
Affected pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=2 suse MozillaFirefox-devel < 60.9.0-109.86.1 sles-12 ppc64le
Affected pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=1 suse MozillaFirefox-devel < 60.9.0-109.86.1 sles-12 ppc64le
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date