SUSE-SU-2015:1703-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2015/suse-su-20151703-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1703-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:1703-1
Related
  • CVE-2015-4500
  • CVE-2015-4501
  • CVE-2015-4506
  • CVE-2015-4509
  • CVE-2015-4511
  • CVE-2015-4517
  • CVE-2015-4519
  • CVE-2015-4520
  • CVE-2015-4521
  • CVE-2015-4522
  • CVE-2015-7174
  • CVE-2015-7175
  • CVE-2015-7176
  • CVE-2015-7177
  • CVE-2015-7180
Published
2015-10-05T17:04:52Z
Modified
2015-10-05T17:04:52Z
Summary
Security update for MozillaFirefox
Details

Mozilla Firefox was updated to version 38.3.0 ESR (bsc#947003), fixing bugs and security issues.

  • MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
  • MFSA 2015-101/CVE-2015-4506 Buffer overflow in libvpx while parsing vp9 format video
  • MFSA 2015-105/CVE-2015-4511 Buffer overflow while decoding WebM video
  • MFSA 2015-106/CVE-2015-4509 Use-after-free while manipulating HTML media content
  • MFSA 2015-110/CVE-2015-4519 Dragging and dropping images exposes final URL after redirects
  • MFSA 2015-111/CVE-2015-4520 Errors in the handling of CORS preflight request headers
  • MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522 CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177 CVE-2015-7180 Vulnerabilities found through code inspection

More details can be found on https://www.mozilla.org/en-US/security/advisories/

References

Affected packages

SUSE:Linux Enterprise Software Development Kit 11 SP3 / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox-devel": "38.3.0esr-22.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 11 SP4 / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox-devel": "38.3.0esr-22.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 11 SP3 / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox": "38.3.0esr-22.1",
            "MozillaFirefox-translations": "38.3.0esr-22.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 11 SP4 / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox": "38.3.0esr-22.1",
            "MozillaFirefox-translations": "38.3.0esr-22.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3 / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox": "38.3.0esr-22.1",
            "MozillaFirefox-translations": "38.3.0esr-22.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-TERADATA / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox": "38.3.0esr-22.1",
            "MozillaFirefox-translations": "38.3.0esr-22.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 11 SP3 / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox": "38.3.0esr-22.1",
            "MozillaFirefox-translations": "38.3.0esr-22.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4 / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox": "38.3.0esr-22.1",
            "MozillaFirefox-translations": "38.3.0esr-22.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 11 SP4 / MozillaFirefox

Package

Name
MozillaFirefox
Purl
pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
38.3.0esr-22.1

Ecosystem specific 

{
    "binaries": [
        {
            "MozillaFirefox": "38.3.0esr-22.1",
            "MozillaFirefox-translations": "38.3.0esr-22.1"
        }
    ]
}