SUSE-SU-2024:0229-1 -- SLES MozillaFirefoxID: oval:org.secpod.oval:def:89051407 | Date: (C)2024-04-26 (M)2024-04-26 |
Class: PATCH | Family: unix |
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.7.0 ESR : * CVE-2024-0741: Out of bounds write in ANGLE * CVE-2024-0742: Failure to update user input timestamp * CVE-2024-0746: Crash when listing printers on Linux * CVE-2024-0747: Bypass of Content Security Policy when directive unsafe- inline was set * CVE-2024-0749: Phishing site popup could show local origin in address bar * CVE-2024-0750: Potential permissions request bypass via clickjacking * CVE-2024-0751: Privilege escalation through devtools * CVE-2024-0753: HSTS policy on subdomain could bypass policy of upper domain * CVE-2024-0755: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Desktop 15 SP5 |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |