[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2024:0580-1 -- SLES MozillaFirefox

ID: oval:org.secpod.oval:def:89051523Date: (C)2024-04-26   (M)2024-04-26
Class: PATCHFamily: unix




This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR : * CVE-2024-1546: Out-of-bounds memory read in networking channels * CVE-2024-1547: Alert dialog could have been spoofed on another site * CVE-2024-1548: Fullscreen Notification could have been hidden by select element * CVE-2024-1549: Custom cursor could obscure the permission dialog * CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants * CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie header in response parts * CVE-2024-1552: Incorrect code generation on 32-bit ARM devices * CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 * Recommend libfido2-udev on codestreams that exist, in order to try to get security keys work out of the box

Platform:
SUSE Linux Enterprise Server 12 SP5
Product:
MozillaFirefox
Reference:
SUSE-SU-2024:0580-1
CVE-2024-1546
CVE-2024-1547
CVE-2024-1548
CVE-2024-1549
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553
CVE    8
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553
...
CPE    2
cpe:/o:suse:suse_linux_enterprise_server:12:sp5
cpe:/a:mozilla:MozillaFirefox

© SecPod Technologies