[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2024:0607-1 -- SLES MozillaFirefox

ID: oval:org.secpod.oval:def:89051536Date: (C)2024-04-26   (M)2024-04-26
Class: PATCHFamily: unix




This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR : * CVE-2024-1546: Out-of-bounds memory read in networking channels * CVE-2024-1547: Alert dialog could have been spoofed on another site * CVE-2024-1548: Fullscreen Notification could have been hidden by select element * CVE-2024-1549: Custom cursor could obscure the permission dialog * CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants * CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie header in response parts * CVE-2024-1552: Incorrect code generation on 32-bit ARM devices * CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 * Recommend libfido2-udev on codestreams that exist, in order to try to get security keys work out of the box

Platform:
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
Product:
MozillaFirefox
Reference:
SUSE-SU-2024:0607-1
CVE-2024-1546
CVE-2024-1547
CVE-2024-1548
CVE-2024-1549
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553
CVE    8
CVE-2024-1550
CVE-2024-1551
CVE-2024-1552
CVE-2024-1553
...
CPE    5
cpe:/o:suse:suse_linux_enterprise_server:15:sp4
cpe:/o:suse:suse_linux_enterprise_server:15:sp3
cpe:/o:suse:suse_linux_enterprise_server:15:sp2
cpe:/a:mozilla:MozillaFirefox
...

© SecPod Technologies