SUSE SLES11 Security Update : MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (SUSE-SU-2017:2235-1)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote SUSE host is missing one or more security updates.

Description :

This update for MozillaFirefox and mozilla-nss fixes the following
issues: Security issues fixed :

- Fixes in Firefox ESR 52.2 (bsc#1043960,MFSA 2017-16)

- CVE-2017-7758: Out-of-bounds read in Opus encoder

- CVE-2017-7749: Use-after-free during docshell reloading

- CVE-2017-7751: Use-after-free with content viewer
listeners

- CVE-2017-5472: Use-after-free using destroyed node when
regenerating trees

- CVE-2017-5470: Memory safety bugs fixed in Firefox 54
and Firefox ESR 52.2

- CVE-2017-7752: Use-after-free with IME input

- CVE-2017-7750: Use-after-free with track elements

- CVE-2017-7768: 32 byte arbitrary file read through
Mozilla Maintenance Service

- CVE-2017-7778: Vulnerabilities in the Graphite 2 library

- CVE-2017-7754: Out-of-bounds read in WebGL with
ImageInfo object

- CVE-2017-7755: Privilege escalation through Firefox
Installer with same directory DLL files

- CVE-2017-7756: Use-after-free and use-after-scope
logging XHR header errors

- CVE-2017-7757: Use-after-free in IndexedDB

- CVE-2017-7761: File deletion and privilege escalation
through Mozilla Maintenance Service helper.exe
application

- CVE-2017-7763: Mac fonts render some unicode characters
as spaces

- CVE-2017-7765: Mark of the Web bypass when saving
executable files

- CVE-2017-7764: Domain spoofing with combination of
Canadian Syllabics and other unicode blocks

- update to Firefox ESR 52.1 (bsc#1035082,MFSA 2017-12)

- CVE-2016-10196: Vulnerabilities in Libevent library

- CVE-2017-5443: Out-of-bounds write during BinHex
decoding

- CVE-2017-5429: Memory safety bugs fixed in Firefox 53,
Firefox ESR 45.9, and Firefox ESR 52.1

- CVE-2017-5464: Memory corruption with accessibility and
DOM manipulation

- CVE-2017-5465: Out-of-bounds read in ConvolvePixel

- CVE-2017-5466: Origin confusion when reloading isolated
data:text/html URL

- CVE-2017-5467: Memory corruption when drawing Skia
content

- CVE-2017-5460: Use-after-free in frame selection

- CVE-2017-5461: Out-of-bounds write in Base64 encoding in
NSS

- CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor

- CVE-2017-5449: Crash during bidirectional unicode
manipulation with animation

- CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA
frames are sent with incorrect data

- CVE-2017-5447: Out-of-bounds read during glyph
processing

- CVE-2017-5444: Buffer overflow while parsing
application/http-index-format content

- CVE-2017-5445: Uninitialized values used while parsing
application/http- index-format content

- CVE-2017-5442: Use-after-free during style changes

- CVE-2017-5469: Potential Buffer overflow in
flex-generated code

- CVE-2017-5440: Use-after-free in txExecutionState
destructor during XSLT processing

- CVE-2017-5441: Use-after-free with selection during
scroll events

- CVE-2017-5439: Use-after-free in nsTArray Length()
during XSLT processing

- CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT
processing

- CVE-2017-5436: Out-of-bounds write with malicious font
in Graphite 2

- CVE-2017-5435: Use-after-free during transaction
processing in the editor

- CVE-2017-5434: Use-after-free during focus handling

- CVE-2017-5433: Use-after-free in SMIL animation
functions

- CVE-2017-5432: Use-after-free in text input selection

- CVE-2017-5430: Memory safety bugs fixed in Firefox 53
and Firefox ESR 52.1

- CVE-2017-5459: Buffer overflow in WebGL

- CVE-2017-5462: DRBG flaw in NSS

- CVE-2017-5455: Sandbox escape through internal feed
reader APIs

- CVE-2017-5454: Sandbox escape allowing file system read
access through file picker

- CVE-2017-5456: Sandbox escape allowing local file system
access

- CVE-2017-5451: Addressbar spoofing with onblur event

- General

- CVE-2015-5276: Fix for C++11 std::random_device short
reads (bsc#945842) Bugfixes :

- workaround for Firefox hangs (bsc#1031485, bsc#1025108)

- Update to gcc-5-branch head.

- Includes fixes for (bsc#966220), (bsc#962765),
(bsc#964468), (bsc#939460), (bsc#930496), (bsc#930392)
and (bsc#955382).

- Add fix to revert accidential libffi ABI breakage on
AARCH64. (bsc#968771)

- Build s390[x] with --with-tune=z9-109 --with-arch=z900
on SLE11 again. (bsc#954002)

- Fix libffi include install. (bsc#935510)

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/1025108
https://bugzilla.suse.com/1031485
https://bugzilla.suse.com/1035082
https://bugzilla.suse.com/1043960
https://bugzilla.suse.com/930392
https://bugzilla.suse.com/930496
https://bugzilla.suse.com/935510
https://bugzilla.suse.com/939460
https://bugzilla.suse.com/945842
https://bugzilla.suse.com/953831
https://bugzilla.suse.com/954002
https://bugzilla.suse.com/955382
https://bugzilla.suse.com/962765
https://bugzilla.suse.com/964468
https://bugzilla.suse.com/966220
https://bugzilla.suse.com/968771
https://www.suse.com/security/cve/CVE-2015-5276.html
https://www.suse.com/security/cve/CVE-2016-10196.html
https://www.suse.com/security/cve/CVE-2017-5429.html
https://www.suse.com/security/cve/CVE-2017-5430.html
https://www.suse.com/security/cve/CVE-2017-5432.html
https://www.suse.com/security/cve/CVE-2017-5433.html
https://www.suse.com/security/cve/CVE-2017-5434.html
https://www.suse.com/security/cve/CVE-2017-5435.html
https://www.suse.com/security/cve/CVE-2017-5436.html
https://www.suse.com/security/cve/CVE-2017-5438.html
https://www.suse.com/security/cve/CVE-2017-5439.html
https://www.suse.com/security/cve/CVE-2017-5440.html
https://www.suse.com/security/cve/CVE-2017-5441.html
https://www.suse.com/security/cve/CVE-2017-5442.html
https://www.suse.com/security/cve/CVE-2017-5443.html
https://www.suse.com/security/cve/CVE-2017-5444.html
https://www.suse.com/security/cve/CVE-2017-5445.html
https://www.suse.com/security/cve/CVE-2017-5446.html
https://www.suse.com/security/cve/CVE-2017-5447.html
https://www.suse.com/security/cve/CVE-2017-5448.html
https://www.suse.com/security/cve/CVE-2017-5449.html
https://www.suse.com/security/cve/CVE-2017-5451.html
https://www.suse.com/security/cve/CVE-2017-5454.html
https://www.suse.com/security/cve/CVE-2017-5455.html
https://www.suse.com/security/cve/CVE-2017-5456.html
https://www.suse.com/security/cve/CVE-2017-5459.html
https://www.suse.com/security/cve/CVE-2017-5460.html
https://www.suse.com/security/cve/CVE-2017-5461.html
https://www.suse.com/security/cve/CVE-2017-5462.html
https://www.suse.com/security/cve/CVE-2017-5464.html
https://www.suse.com/security/cve/CVE-2017-5465.html
https://www.suse.com/security/cve/CVE-2017-5466.html
https://www.suse.com/security/cve/CVE-2017-5467.html
https://www.suse.com/security/cve/CVE-2017-5469.html
https://www.suse.com/security/cve/CVE-2017-5470.html
https://www.suse.com/security/cve/CVE-2017-5472.html
https://www.suse.com/security/cve/CVE-2017-7749.html
https://www.suse.com/security/cve/CVE-2017-7750.html
https://www.suse.com/security/cve/CVE-2017-7751.html
https://www.suse.com/security/cve/CVE-2017-7752.html
https://www.suse.com/security/cve/CVE-2017-7754.html
https://www.suse.com/security/cve/CVE-2017-7755.html
https://www.suse.com/security/cve/CVE-2017-7756.html
https://www.suse.com/security/cve/CVE-2017-7757.html
https://www.suse.com/security/cve/CVE-2017-7758.html
https://www.suse.com/security/cve/CVE-2017-7761.html
https://www.suse.com/security/cve/CVE-2017-7763.html
https://www.suse.com/security/cve/CVE-2017-7764.html
https://www.suse.com/security/cve/CVE-2017-7765.html
https://www.suse.com/security/cve/CVE-2017-7768.html
https://www.suse.com/security/cve/CVE-2017-7778.html
http://www.nessus.org/u?1976b0d7

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t
patch sdksp4-MozillaFirefox-13237=1

SUSE Linux Enterprise Server 11-SP4:zypper in -t patch
slessp4-MozillaFirefox-13237=1

SUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch
slessp3-MozillaFirefox-13237=1

SUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch
sleposp3-MozillaFirefox-13237=1

SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch
dbgsp4-MozillaFirefox-13237=1

SUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch
dbgsp3-MozillaFirefox-13237=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true