SUSE SLES11 Security Update : MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (SUSE-SU-2017:2235-1)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote SUSE host is missing one or more security updates.

Description :

This update for MozillaFirefox and mozilla-nss fixes the following
issues: Security issues fixed :

- Fixes in Firefox ESR 52.2 (bsc#1043960,MFSA 2017-16)

- CVE-2017-7758: Out-of-bounds read in Opus encoder

- CVE-2017-7749: Use-after-free during docshell reloading

- CVE-2017-7751: Use-after-free with content viewer

- CVE-2017-5472: Use-after-free using destroyed node when
regenerating trees

- CVE-2017-5470: Memory safety bugs fixed in Firefox 54
and Firefox ESR 52.2

- CVE-2017-7752: Use-after-free with IME input

- CVE-2017-7750: Use-after-free with track elements

- CVE-2017-7768: 32 byte arbitrary file read through
Mozilla Maintenance Service

- CVE-2017-7778: Vulnerabilities in the Graphite 2 library

- CVE-2017-7754: Out-of-bounds read in WebGL with
ImageInfo object

- CVE-2017-7755: Privilege escalation through Firefox
Installer with same directory DLL files

- CVE-2017-7756: Use-after-free and use-after-scope
logging XHR header errors

- CVE-2017-7757: Use-after-free in IndexedDB

- CVE-2017-7761: File deletion and privilege escalation
through Mozilla Maintenance Service helper.exe

- CVE-2017-7763: Mac fonts render some unicode characters
as spaces

- CVE-2017-7765: Mark of the Web bypass when saving
executable files

- CVE-2017-7764: Domain spoofing with combination of
Canadian Syllabics and other unicode blocks

- update to Firefox ESR 52.1 (bsc#1035082,MFSA 2017-12)

- CVE-2016-10196: Vulnerabilities in Libevent library

- CVE-2017-5443: Out-of-bounds write during BinHex

- CVE-2017-5429: Memory safety bugs fixed in Firefox 53,
Firefox ESR 45.9, and Firefox ESR 52.1

- CVE-2017-5464: Memory corruption with accessibility and
DOM manipulation

- CVE-2017-5465: Out-of-bounds read in ConvolvePixel

- CVE-2017-5466: Origin confusion when reloading isolated
data:text/html URL

- CVE-2017-5467: Memory corruption when drawing Skia

- CVE-2017-5460: Use-after-free in frame selection

- CVE-2017-5461: Out-of-bounds write in Base64 encoding in

- CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor

- CVE-2017-5449: Crash during bidirectional unicode
manipulation with animation

- CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA
frames are sent with incorrect data

- CVE-2017-5447: Out-of-bounds read during glyph

- CVE-2017-5444: Buffer overflow while parsing
application/http-index-format content

- CVE-2017-5445: Uninitialized values used while parsing
application/http- index-format content

- CVE-2017-5442: Use-after-free during style changes

- CVE-2017-5469: Potential Buffer overflow in
flex-generated code

- CVE-2017-5440: Use-after-free in txExecutionState
destructor during XSLT processing

- CVE-2017-5441: Use-after-free with selection during
scroll events

- CVE-2017-5439: Use-after-free in nsTArray Length()
during XSLT processing

- CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT

- CVE-2017-5436: Out-of-bounds write with malicious font
in Graphite 2

- CVE-2017-5435: Use-after-free during transaction
processing in the editor

- CVE-2017-5434: Use-after-free during focus handling

- CVE-2017-5433: Use-after-free in SMIL animation

- CVE-2017-5432: Use-after-free in text input selection

- CVE-2017-5430: Memory safety bugs fixed in Firefox 53
and Firefox ESR 52.1

- CVE-2017-5459: Buffer overflow in WebGL

- CVE-2017-5462: DRBG flaw in NSS

- CVE-2017-5455: Sandbox escape through internal feed
reader APIs

- CVE-2017-5454: Sandbox escape allowing file system read
access through file picker

- CVE-2017-5456: Sandbox escape allowing local file system

- CVE-2017-5451: Addressbar spoofing with onblur event

- General

- CVE-2015-5276: Fix for C++11 std::random_device short
reads (bsc#945842) Bugfixes :

- workaround for Firefox hangs (bsc#1031485, bsc#1025108)

- Update to gcc-5-branch head.

- Includes fixes for (bsc#966220), (bsc#962765),
(bsc#964468), (bsc#939460), (bsc#930496), (bsc#930392)
and (bsc#955382).

- Add fix to revert accidential libffi ABI breakage on
AARCH64. (bsc#968771)

- Build s390[x] with --with-tune=z9-109 --with-arch=z900
on SLE11 again. (bsc#954002)

- Fix libffi include install. (bsc#935510)

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t
patch sdksp4-MozillaFirefox-13237=1

SUSE Linux Enterprise Server 11-SP4:zypper in -t patch

SUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch

SUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch

SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch

SUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true