Lucene search

K
suseSuseOPENSUSE-SU-2019:1595-1
HistoryJun 24, 2019 - 12:00 a.m.

Security update for MozillaFirefox (important)

2019-06-2400:00:00
lists.opensuse.org
155

EPSS

0.025

Percentile

90.4%

An update that fixes one vulnerability is now available.

Description:

This update for MozillaFirefox fixes the following issues:

  • Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872)

  • CVE-2019-11708: Fix sandbox escape using Prompt:Open.

    • Insufficient vetting of parameters passed with the Prompt:Open IPC
      message between child and parent processes could result in the
      non-sandboxed parent process opening web content chosen by a
      compromised child process. When combined with additional
      vulnerabilities this could result in executing arbitrary code on the
      user’s computer.

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2019-1595=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.1x86_64< - openSUSE Leap 15.1 (x86_64):- openSUSE Leap 15.1 (x86_64):.x86_64.rpm