Security update for MozillaFirefox SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:2298-1 Final 1 1 2018-08-10T09:36:01Z current 2018-08-10T09:36:01Z 2018-08-10T09:36:01Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for MozillaFirefox This update for MozillaFirefox to the 52.9 ESR release fixes the following issues: These security issues were fixed: - Firefox ESR 52.9: - CVE-2018-5188 Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9 (bsc#1098998). - CVE-2018-12368 No warning when opening executable SettingContent-ms files (bsc#1098998). - CVE-2018-12366 Invalid data handling during QCMS transformations (bsc#1098998). - CVE-2018-12365 Compromised IPC child process can list local filenames (bsc#1098998). - CVE-2018-12364 CSRF attacks through 307 redirects and NPAPI plugins (bsc#1098998). - CVE-2018-12363 Use-after-free when appending DOM nodes (bsc#1098998). - CVE-2018-12362 Integer overflow in SSSE3 scaler (bsc#1098998). - CVE-2018-12360 Use-after-free when using focus() (bsc#1098998). - CVE-2018-5156 Media recorder segmentation fault when track type is changed during capture (bsc#1098998). - CVE-2018-12359 Buffer overflow using computed size of canvas element (bsc#1098998). - Firefox ESR 52.8: - CVE-2018-6126: Prevent heap buffer overflow in rasterizing paths in SVG with Skia (bsc#1096449). - CVE-2018-5183: Backport critical security fixes in Skia (bsc#1092548). - CVE-2018-5154: Use-after-free with SVG animations and clip paths (bsc#1092548). - CVE-2018-5155: Use-after-free with SVG animations and text paths (bsc#1092548). - CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files (bsc#1092548). - CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer (bsc#1092548). - CVE-2018-5159: Integer overflow and out-of-bounds write in Skia (bsc#1092548). - CVE-2018-5168: Lightweight themes can be installed without user interaction (bsc#1092548). - CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (bsc#1092548). - CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (bsc#1092548). These non-security issues were fixed: - Various stability and regression fixes - Performance improvements to the Safe Browsing service to avoid slowdowns while updating site classification data The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Module-Desktop-Applications-15-2018-1536 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ Link for SUSE-SU-2018:2298-1 https://lists.suse.com/pipermail/sle-security-updates/2018-August/004400.html E-Mail link for SUSE-SU-2018:2298-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1096449 SUSE Bug 1096449 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 https://www.suse.com/security/cve/CVE-2018-12359/ SUSE CVE CVE-2018-12359 page https://www.suse.com/security/cve/CVE-2018-12360/ SUSE CVE CVE-2018-12360 page https://www.suse.com/security/cve/CVE-2018-12362/ SUSE CVE CVE-2018-12362 page https://www.suse.com/security/cve/CVE-2018-12363/ SUSE CVE CVE-2018-12363 page https://www.suse.com/security/cve/CVE-2018-12364/ SUSE CVE CVE-2018-12364 page https://www.suse.com/security/cve/CVE-2018-12365/ SUSE CVE CVE-2018-12365 page https://www.suse.com/security/cve/CVE-2018-12366/ SUSE CVE CVE-2018-12366 page https://www.suse.com/security/cve/CVE-2018-12368/ SUSE CVE CVE-2018-12368 page https://www.suse.com/security/cve/CVE-2018-5150/ SUSE CVE CVE-2018-5150 page https://www.suse.com/security/cve/CVE-2018-5154/ SUSE CVE CVE-2018-5154 page https://www.suse.com/security/cve/CVE-2018-5155/ SUSE CVE CVE-2018-5155 page https://www.suse.com/security/cve/CVE-2018-5156/ SUSE CVE CVE-2018-5156 page https://www.suse.com/security/cve/CVE-2018-5157/ SUSE CVE CVE-2018-5157 page https://www.suse.com/security/cve/CVE-2018-5158/ SUSE CVE CVE-2018-5158 page https://www.suse.com/security/cve/CVE-2018-5159/ SUSE CVE CVE-2018-5159 page https://www.suse.com/security/cve/CVE-2018-5168/ SUSE CVE CVE-2018-5168 page https://www.suse.com/security/cve/CVE-2018-5178/ SUSE CVE CVE-2018-5178 page https://www.suse.com/security/cve/CVE-2018-5183/ SUSE CVE CVE-2018-5183 page https://www.suse.com/security/cve/CVE-2018-5188/ SUSE CVE CVE-2018-5188 page https://www.suse.com/security/cve/CVE-2018-6126/ SUSE CVE CVE-2018-6126 page SUSE Linux Enterprise Module for Desktop Applications 15 MozillaFirefox-52.9.0esr-3.7.12 MozillaFirefox-devel-52.9.0esr-3.7.12 MozillaFirefox-translations-common-52.9.0esr-3.7.12 MozillaFirefox-translations-other-52.9.0esr-3.7.12 MozillaFirefox-52.9.0esr-3.7.12 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 MozillaFirefox-devel-52.9.0esr-3.7.12 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 MozillaFirefox-translations-common-52.9.0esr-3.7.12 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 MozillaFirefox-translations-other-52.9.0esr-3.7.12 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-12359 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-12359.html CVE-2018-12359 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-12360 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-12360.html CVE-2018-12360 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-12362 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-12362.html CVE-2018-12362 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-12363 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-12363.html CVE-2018-12363 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-12364 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-12364.html CVE-2018-12364 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-12365 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-12365.html CVE-2018-12365 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-12366 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-12366.html CVE-2018-12366 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web." Without the warning, unsuspecting users unfamiliar with this new file type might run an unwanted executable. This also allows a WebExtension with the limited downloads.open permission to execute arbitrary code without user interaction on Windows 10 systems. *Note: this issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-12368 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-12368.html CVE-2018-12368 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. CVE-2018-5150 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5150.html CVE-2018-5150 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. CVE-2018-5154 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5154.html CVE-2018-5154 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. CVE-2018-5155 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5155.html CVE-2018-5155 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-5156 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5156.html CVE-2018-5156 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60. CVE-2018-5157 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5157.html CVE-2018-5157 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60. CVE-2018-5158 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5158.html CVE-2018-5158 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. CVE-2018-5159 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5159.html CVE-2018-5159 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. CVE-2018-5168 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5168.html CVE-2018-5168 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8. CVE-2018-5178 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5178.html CVE-2018-5178 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8. CVE-2018-5183 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5183.html CVE-2018-5183 https://bugzilla.suse.com/1092548 SUSE Bug 1092548 https://bugzilla.suse.com/1092611 SUSE Bug 1092611 https://bugzilla.suse.com/1093969 SUSE Bug 1093969 https://bugzilla.suse.com/1093970 SUSE Bug 1093970 https://bugzilla.suse.com/1093971 SUSE Bug 1093971 https://bugzilla.suse.com/1093972 SUSE Bug 1093972 https://bugzilla.suse.com/1093973 SUSE Bug 1093973 Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. CVE-2018-5188 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-5188.html CVE-2018-5188 https://bugzilla.suse.com/1098998 SUSE Bug 1098998 A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. CVE-2018-6126 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-devel-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-common-52.9.0esr-3.7.12 SUSE Linux Enterprise Module for Desktop Applications 15:MozillaFirefox-translations-other-52.9.0esr-3.7.12 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182298-1/ https://www.suse.com/security/cve/CVE-2018-6126.html CVE-2018-6126 https://bugzilla.suse.com/1095163 SUSE Bug 1095163 https://bugzilla.suse.com/1096449 SUSE Bug 1096449