[SUSE-SU-2023:0466-1] Security update for MozillaFirefox
Severity
Important
Affected Packages
27
CVEs
14
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Updated to version 102.8.0 ESR (bsc#1208144):
- CVE-2023-25728: Fixed content security policy leak in violation reports using iframes.
- CVE-2023-25730: Fixed screen hijack via browser fullscreen mode.
- CVE-2023-25743: Fixed Fullscreen notification not being shown in Firefox Focus.
- CVE-2023-0767: Fixed arbitrary memory write via PKCS 12 in NSS.
- CVE-2023-25735: Fixed potential use-after-free from compartment mismatch in SpiderMonkey.
- CVE-2023-25737: Fixed invalid downcast in SVGUtils::SetupStrokeGeometry.
- CVE-2023-25738: Fixed printing on Windows which could potentially crash Firefox with some device drivers.
- CVE-2023-25739: Fixed use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext.
- CVE-2023-25729: Fixed extensions opening external schemes without user knowledge.
- CVE-2023-25732: Fixed out of bounds memory write from EncodeInputStream.
- CVE-2023-25734: Fixed opening local .url files that causes unexpected network loads.
- CVE-2023-25742: Fixed tab crash by Web Crypto ImportKey.
- CVE-2023-25744: Fixed Memory safety bugs.
- CVE-2023-25746: Fixed Memory safety bugs.
- ID
- SUSE-SU-2023:0466-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20230466-1/
- Published
-
2023-02-21T08:08:50
(19 months ago) - Modified
-
2023-02-21T08:08:50
(19 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2023-1736
-
ALAS2-2023-1983
-
ALAS2-2023-1992
-
ALPINE:CVE-2023-0767
-
ALPINE:CVE-2023-25728
-
ALPINE:CVE-2023-25729
-
ALPINE:CVE-2023-25730
-
ALPINE:CVE-2023-25732
-
ALPINE:CVE-2023-25734
-
ALPINE:CVE-2023-25735
-
ALPINE:CVE-2023-25737
-
ALPINE:CVE-2023-25738
-
ALPINE:CVE-2023-25739
-
ALPINE:CVE-2023-25742
-
ALPINE:CVE-2023-25744
-
ALPINE:CVE-2023-25746
-
ALSA-2023:0808
-
ALSA-2023:0810
-
ALSA-2023:0821
-
ALSA-2023:0824
-
ALSA-2023:1252
-
ALSA-2023:1368
-
DSA-5350-1
-
DSA-5353-1
-
DSA-5355-1
-
ELSA-2023-0808
-
ELSA-2023-0810
-
ELSA-2023-0812
-
ELSA-2023-0817
-
ELSA-2023-0821
-
ELSA-2023-0824
-
ELSA-2023-12238
-
ELSA-2023-1252
-
ELSA-2023-1332
-
ELSA-2023-1368
-
GLSA-202305-35
-
GLSA-202305-36
-
MFSA-2023-05
-
MFSA-2023-06
-
MFSA-2023-07
-
RHSA-2023:0808
-
RHSA-2023:0810
-
RHSA-2023:0812
-
RHSA-2023:0817
-
RHSA-2023:0821
-
RHSA-2023:0824
-
RHSA-2023:1252
-
RHSA-2023:1332
-
RHSA-2023:1368
-
RLSA-2023:0808
-
RLSA-2023:0810
-
RLSA-2023:0821
-
RLSA-2023:0824
-
RLSA-2023:1252
-
RLSA-2023:1368
-
SSA:2023-045-01
-
SSA:2023-047-01
-
SUSE-SU-2023:0434-1
-
SUSE-SU-2023:0443-1
-
SUSE-SU-2023:0461-1
-
SUSE-SU-2023:0468-1
-
SUSE-SU-2023:0469-1
-
SUSE-SU-2023:0599-1
-
USN-5880-1
-
USN-5892-1
-
USN-5892-2
-
USN-5943-1
-
USN-6120-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=5 | suse |
 MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=4 | suse |
MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2 | suse |
MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=5 | suse |
MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=4 | suse |
MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=5 | suse |
MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=4 | suse |
MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=5 | suse |
MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=4 | suse |
MozillaFirefox
|
< 102.8.0-112.150.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=5 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=4 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=2 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=5 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=4 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=5 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=4 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=5 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=4 | suse |
MozillaFirefox-translations-common
|
< 102.8.0-112.150.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=5 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=4 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=2 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=5 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=4 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=5 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=4 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=5 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=4 | suse |
MozillaFirefox-devel
|
< 102.8.0-112.150.1 | sles-12 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |