openSUSE-SU-2019:2251

openSUSE-SU-2019:2260

https://bugzilla.mozilla.org/show_bug.cgi?id=1572838

https://www.mozilla.org/security/advisories/mfsa2019-25/

https://www.mozilla.org/security/advisories/mfsa2019-26/

This update for MozillaFirefox fixes the following issues :

Updated to new ESR version 68.1 (bsc#1149323).

In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750, CVE-2019-11738, CVE-2019-11747, CVE-2019-11735.

Several run-time issues were also resolved (bsc#1117473, bsc#1124525, bsc#1133810).

The version displayed in Help > About is now correct (bsc#1087200).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for MozillaFirefox to 68.1 fixes the following issues :

Security issues fixed :

  - CVE-2019-9811: Fixed a sandbox escape via installation     of malicious language pack. (bsc#1140868)

  - CVE-2019-9812: Fixed a sandbox escape through Firefox     Sync. (bsc#1149294)

  - CVE-2019-11710: Fixed several memory safety bugs.
    (bsc#1140868)

  - CVE-2019-11714: Fixed a potentially exploitable crash in     Necko. (bsc#1140868)

  - CVE-2019-11716: Fixed a sandbox bypass. (bsc#1140868)

  - CVE-2019-11718: Fixed inadequate sanitation in the     Activity Stream component. (bsc#1140868)

  - CVE-2019-11720: Fixed a character encoding XSS     vulnerability. (bsc#1140868)

  - CVE-2019-11721: Fixed a homograph domain spoofing issue     through unicode latin 'kra' character. (bsc#1140868)

  - CVE-2019-11723: Fixed a cookie leakage during add-on     fetching across private browsing boundaries.
    (bsc#1140868)

  - CVE-2019-11724: Fixed an outdated permission, granting     access to retired site input.mozilla.org. (bsc#1140868)

  - CVE-2019-11725: Fixed a Safebrowsing bypass involving     WebSockets. (bsc#1140868)

  - CVE-2019-11727: Fixed a vulnerability where it possible     to force NSS to sign CertificateVerify with PKCS#1 v1.5     signatures when those are the only ones advertised by     server in CertificateRequest in TLS 1.3. (bsc#1141322)

  - CVE-2019-11728: Fixed an improper handling of the     Alt-Svc header that allowed remote port scans.
    (bsc#1140868)

  - CVE-2019-11733: Fixed an insufficient protection of     stored passwords in 'Saved Logins'. (bnc#1145665)

  - CVE-2019-11735: Fixed several memory safety bugs.
    (bnc#1149293)

  - CVE-2019-11736: Fixed a file manipulation and privilege     escalation in Mozilla Maintenance Service. (bnc#1149292) 

  - CVE-2019-11738: Fixed a content security policy bypass     through hash-based sources in directives. (bnc#1149302)

  - CVE-2019-11740: Fixed several memory safety bugs.
    (bsc#1149299)

  - CVE-2019-11742: Fixed a same-origin policy violation     involving SVG filters and canvas to steal cross-origin     images. (bsc#1149303)

  - CVE-2019-11743: Fixed a timing side-channel attack on     cross-origin information, utilizing unload event     attributes. (bsc#1149298)

  - CVE-2019-11744: Fixed an XSS caused by breaking out of     title and textarea elements using innerHTML.
    (bsc#1149304)

  - CVE-2019-11746: Fixed a use-after-free while     manipulating video. (bsc#1149297)

  - CVE-2019-11752: Fixed a use-after-free while extracting     a key value in IndexedDB. (bsc#1149296)

  - CVE-2019-11753: Fixed a privilege escalation with     Mozilla Maintenance Service in custom Firefox     installation location. (bsc#1149295)

Non-security issues fixed :

&#9; - Latest update now also released for s390x. (bsc#1109465)

  - Fixed a segmentation fault on s390vsl082. (bsc#1117473)

  - Fixed a crash on SLES15 s390x. (bsc#1124525)

  - Fixed a segmentation fault. (bsc#1133810)

This update was imported from the SUSE:SLE-15:Update update project.

This update for MozillaFirefox to 68.1 fixes the following issues :

Security issues fixed :

CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. (bsc#1140868)

CVE-2019-9812: Fixed a sandbox escape through Firefox Sync.
(bsc#1149294)

CVE-2019-11710: Fixed several memory safety bugs. (bsc#1140868)

CVE-2019-11714: Fixed a potentially exploitable crash in Necko.
(bsc#1140868)

CVE-2019-11716: Fixed a sandbox bypass. (bsc#1140868)

CVE-2019-11718: Fixed inadequate sanitation in the Activity Stream component. (bsc#1140868)

CVE-2019-11720: Fixed a character encoding XSS vulnerability.
(bsc#1140868)

CVE-2019-11721: Fixed a homograph domain spoofing issue through unicode latin 'kra' character. (bsc#1140868)

CVE-2019-11723: Fixed a cookie leakage during add-on fetching across private browsing boundaries. (bsc#1140868)

CVE-2019-11724: Fixed an outdated permission, granting access to retired site input.mozilla.org. (bsc#1140868)

CVE-2019-11725: Fixed a Safebrowsing bypass involving WebSockets.
(bsc#1140868)

CVE-2019-11727: Fixed a vulnerability where it possible to force NSS to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3.
(bsc#1141322)

CVE-2019-11728: Fixed an improper handling of the Alt-Svc header that allowed remote port scans. (bsc#1140868)

CVE-2019-11733: Fixed an insufficient protection of stored passwords in 'Saved Logins'. (bnc#1145665)

CVE-2019-11735: Fixed several memory safety bugs. (bnc#1149293)

CVE-2019-11736: Fixed a file manipulation and privilege escalation in Mozilla Maintenance Service. (bnc#1149292)

CVE-2019-11738: Fixed a content security policy bypass through hash-based sources in directives. (bnc#1149302)

CVE-2019-11740: Fixed several memory safety bugs. (bsc#1149299)

CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. (bsc#1149303)

CVE-2019-11743: Fixed a timing side-channel attack on cross-origin information, utilizing unload event attributes. (bsc#1149298)

CVE-2019-11744: Fixed an XSS caused by breaking out of title and textarea elements using innerHTML. (bsc#1149304)

CVE-2019-11746: Fixed a use-after-free while manipulating video.
(bsc#1149297)

CVE-2019-11752: Fixed a use-after-free while extracting a key value in IndexedDB. (bsc#1149296)

CVE-2019-11753: Fixed a privilege escalation with Mozilla Maintenance Service in custom Firefox installation location. (bsc#1149295)

Non-security issues fixed: Latest update now also released for s390x.
(bsc#1109465)

Fixed a segmentation fault on s390vsl082. (bsc#1117473)

Fixed a crash on SLES15 s390x. (bsc#1124525)

Fixed a segmentation fault. (bsc#1133810)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The version of Firefox ESR installed on the remote Windows host is prior to 68.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-26 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 68.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-26 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote Windows host is prior to 69.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-25 advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 69.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-25 advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Mozilla Foundation reports :

CVE-2019-11751: Malicious code execution through command line parameters

CVE-2019-11746: Use-after-free while manipulating video

CVE-2019-11744: XSS by breaking out of title and textarea elements using innerHTML

CVE-2019-11742: Same-origin policy violation with SVG filters and canvas to steal cross-origin images

CVE-2019-11736: File manipulation and privilege escalation in Mozilla Maintenance Service

CVE-2019-11753: Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location

CVE-2019-11752: Use-after-free while extracting a key value in IndexedDB

CVE-2019-9812: Sandbox escape through Firefox Sync

CVE-2019-11741: Isolate addons.mozilla.org and accounts.firefox.com

CVE-2019-11743: Cross-origin access to unload event attributes

CVE-2019-11748: Persistence of WebRTC permissions in a third party context

CVE-2019-11749: Camera information available without prompting using getUserMedia

CVE-2019-5849: Out-of-bounds read in Skia

CVE-2019-11750: Type confusion in Spidermonkey

CVE-2019-11737: Content security policy directives ignore port and path if host is a wildcard

CVE-2019-11738: Content security policy bypass through hash-based sources in directives

CVE-2019-11747: 'Forget about this site' removes sites from pre-loaded HSTS list

CVE-2019-11734: Memory safety bugs fixed in Firefox 69

CVE-2019-11735: Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1

CVE-2019-11740: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9

ID	Name	Product	Family	Severity
129772	SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2019:2620-1)	Nessus	SuSE Local Security Checks	high
129665	openSUSE Security Update : MozillaFirefox (openSUSE-2019-2260)	Nessus	SuSE Local Security Checks	high
129664	openSUSE Security Update : MozillaFirefox (openSUSE-2019-2251)	Nessus	SuSE Local Security Checks	high
129583	SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2019:2545-1)	Nessus	SuSE Local Security Checks	high
128528	Mozilla Firefox ESR < 68.1	Nessus	Windows	high
128527	Mozilla Firefox ESR < 68.1	Nessus	MacOS X Local Security Checks	high
128525	Mozilla Firefox < 69.0	Nessus	Windows	high
128524	Mozilla Firefox < 69.0	Nessus	MacOS X Local Security Checks	high
128491	FreeBSD : mozilla -- multiple vulnerabilities (05463e0a-abd3-4fa4-bd5f-cd5ed132d4c6)	Nessus	FreeBSD Local Security Checks	high

CVE-2019-11751

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins