openSUSE Security Update : Mozilla Firefox (openSUSE-2018-452)
High Nessus Plugin ID 109720
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for Mozilla Firefox to 52.8.0 ESR fixes the following issues: Security issssue fixed: (bsc#1092548, MFSA 2018-12) :
- CVE-2018-5183: Backport critical security fixes in Skia
- CVE-2018-5154: Use-after-free with SVG animations and clip paths
- CVE-2018-5155: Use-after-free with SVG animations and text paths
- CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
- CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
- CVE-2018-5168: Lightweight themes can be installed without user interaction
- CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
- CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 The following non-security changes are included :
- Various stability and regression fixes
- Performance improvements to the Safe Browsing service to avoid slowdowns while updating site classification data
SolutionUpdate the affected Mozilla Firefox packages.