[SUSE-SU-2023:0466-1] Security update for MozillaFirefox
Severity
Important
Affected Packages
27
CVEs
14
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Updated to version 102.8.0 ESR (bsc#1208144):
- CVE-2023-25728: Fixed content security policy leak in violation reports using iframes.
- CVE-2023-25730: Fixed screen hijack via browser fullscreen mode.
- CVE-2023-25743: Fixed Fullscreen notification not being shown in Firefox Focus.
- CVE-2023-0767: Fixed arbitrary memory write via PKCS 12 in NSS.
- CVE-2023-25735: Fixed potential use-after-free from compartment mismatch in SpiderMonkey.
- CVE-2023-25737: Fixed invalid downcast in SVGUtils::SetupStrokeGeometry.
- CVE-2023-25738: Fixed printing on Windows which could potentially crash Firefox with some device drivers.
- CVE-2023-25739: Fixed use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext.
- CVE-2023-25729: Fixed extensions opening external schemes without user knowledge.
- CVE-2023-25732: Fixed out of bounds memory write from EncodeInputStream.
- CVE-2023-25734: Fixed opening local .url files that causes unexpected network loads.
- CVE-2023-25742: Fixed tab crash by Web Crypto ImportKey.
- CVE-2023-25744: Fixed Memory safety bugs.
- CVE-2023-25746: Fixed Memory safety bugs.
- ID
- SUSE-SU-2023:0466-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20230466-1/
- Published
-
2023-02-21T08:08:50
(19 months ago) - Modified
-
2023-02-21T08:08:50
(19 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2023-1736
- ALAS2-2023-1983
- ALAS2-2023-1992
- ALPINE:CVE-2023-0767
- ALPINE:CVE-2023-25728
- ALPINE:CVE-2023-25729
- ALPINE:CVE-2023-25730
- ALPINE:CVE-2023-25732
- ALPINE:CVE-2023-25734
- ALPINE:CVE-2023-25735
- ALPINE:CVE-2023-25737
- ALPINE:CVE-2023-25738
- ALPINE:CVE-2023-25739
- ALPINE:CVE-2023-25742
- ALPINE:CVE-2023-25744
- ALPINE:CVE-2023-25746
- ALSA-2023:0808
- ALSA-2023:0810
- ALSA-2023:0821
- ALSA-2023:0824
- ALSA-2023:1252
- ALSA-2023:1368
- DSA-5350-1
- DSA-5353-1
- DSA-5355-1
- ELSA-2023-0808
- ELSA-2023-0810
- ELSA-2023-0812
- ELSA-2023-0817
- ELSA-2023-0821
- ELSA-2023-0824
- ELSA-2023-12238
- ELSA-2023-1252
- ELSA-2023-1332
- ELSA-2023-1368
- GLSA-202305-35
- GLSA-202305-36
- MFSA-2023-05
- MFSA-2023-06
- MFSA-2023-07
- RHSA-2023:0808
- RHSA-2023:0810
- RHSA-2023:0812
- RHSA-2023:0817
- RHSA-2023:0821
- RHSA-2023:0824
- RHSA-2023:1252
- RHSA-2023:1332
- RHSA-2023:1368
- RLSA-2023:0808
- RLSA-2023:0810
- RLSA-2023:0821
- RLSA-2023:0824
- RLSA-2023:1252
- RLSA-2023:1368
- SSA:2023-045-01
- SSA:2023-047-01
- SUSE-SU-2023:0434-1
- SUSE-SU-2023:0443-1
- SUSE-SU-2023:0461-1
- SUSE-SU-2023:0468-1
- SUSE-SU-2023:0469-1
- SUSE-SU-2023:0599-1
- USN-5880-1
- USN-5892-1
- USN-5892-2
- USN-5943-1
- USN-6120-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=5 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=4 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=5 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=4 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=5 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=4 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=5 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=4 | suse | MozillaFirefox | < 102.8.0-112.150.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=5 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=4 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=2 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=5 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=4 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=5 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=4 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=5 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=4 | suse | MozillaFirefox-translations-common | < 102.8.0-112.150.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=5 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=4 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=2 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | x86_64 | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=5 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=4 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | s390x | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=5 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=4 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | ppc64le | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=5 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | aarch64 | |
Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=4 | suse | MozillaFirefox-devel | < 102.8.0-112.150.1 | sles-12 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |