SUSE-SU-2019:14246-1 -- SLES MozillaFirefox, firefox, libfirefox-gio-2_0-0, libfirefox-glib-2_0-0, libfirefox-gmodule-2_0-0, libfirefox-gobject-2_0-0, libfirefox-gthread-2_0-0, libfreebl3, libsoftokn3, mozilla-nspr, mozilla-nssID: oval:org.secpod.oval:def:89043994 | Date: (C)2021-03-05 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update contains the Mozilla Firefox ESR 68.2 release. Mozilla Firefox was updated to ESR 68.2 release: * Enterprise: New administrative policies were added. More information and templates are available at the Policy Templates page. * Various security fixes: MFSA 2019-33 * CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber * CVE-2019-11757: Use-after-free when creating index updates in IndexedDB * CVE-2019-11758: Potentially exploitable crash due to 360 Total Security * CVE-2019-11759: Stack buffer overflow in HKDF output * CVE-2019-11760: Stack buffer overflow in WebRTC networking * CVE-2019-11761: Unintended access to a privileged JSONView object * CVE-2019-11762: document.domain-based origin isolation has same-origin- property violation * CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique * CVE-2019-11764: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 Other Issues resolved: * [bsc#1104841] Newer versions of firefox have a dependency on GLIBCXX_3.4.20 * [bsc#1074235] MozillaFirefox: background tab crash reports sent inadvertently without user opt-in * [bsc#1043008] Firefox hangs randomly when browsing and scrolling * [bsc#1025108] Firefox stops loading page until mouse is moved * [bsc#905528] Firefox malfunctions due to broken omni.ja archives
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
MozillaFirefox |
firefox |
libfirefox-gio-2_0-0 |
libfirefox-glib-2_0-0 |
libfirefox-gmodule-2_0-0 |
libfirefox-gobject-2_0-0 |
libfirefox-gthread-2_0-0 |
libfreebl3 |
libsoftokn3 |
mozilla-nspr |
mozilla-nss |