This update for Mozilla Firefox to 52.8.0 ESR fixes the following issues:
Security issssue fixed: (bsc#1092548, MFSA 2018-12):
- CVE-2018-5183: Backport critical security fixes in Skia
- CVE-2018-5154: Use-after-free with SVG animations and clip paths
- CVE-2018-5155: Use-after-free with SVG animations and text paths
- CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF
files
- CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
- CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
- CVE-2018-5168: Lightweight themes can be installed without user
interaction
- CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
- CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR
52.8
The following non-security changes are included:
- Various stability and regression fixes
- Performance improvements to the Safe Browsing service to avoid slowdowns
while updating site classification data