Bugzilla – Bug 1021824
VUL-0: CVE-2017-5373: MozillaFirefox: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7
Last modified: 2020-05-12 17:59:39 UTC
Security vulnerabilities fixed in Firefox ESR 45.7, Firefox 51 https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/ https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/ Discovered by: Mozilla developers and community Mozilla developers and community members Christian Holler, Gary Kwong, André Bargull, Jan de Mooij, Tom Schuster, and Oriol reported memory safety bugs present in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. https://bugzilla.mozilla.org/buglist.cgi?bug_id=1322315%2C1328834%2C1322420%2C1285833%2C1285960%2C1328251%2C1331058%2C1325938%2C1325877
Firefox on SLE and openSUSE, cc openSUSE maintainer
This is an autogenerated message for OBS integration: This bug (1021824) was mentioned in https://build.opensuse.org/request/show/452490 42.1+42.2+Backports:SLE-12 / MozillaThunderbird
This is an autogenerated message for OBS integration: This bug (1021824) was mentioned in https://build.opensuse.org/request/show/452598 Factory / MozillaThunderbird
This is an autogenerated message for OBS integration: This bug (1021824) was mentioned in https://build.opensuse.org/request/show/452961 42.1+42.2+Backports:SLE-12 / MozillaThunderbird
openSUSE-SU-2017:0354-1: An update that solves 8 vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1021814,1021817,1021818,1021819,1021820,1021821,1021822,1021824,1021991 CVE References: CVE-2017-5373,CVE-2017-5375,CVE-2017-5376,CVE-2017-5378,CVE-2017-5380,CVE-2017-5383,CVE-2017-5390,CVE-2017-5396 Sources used: SUSE Package Hub for SUSE Linux Enterprise 12 (src): MozillaThunderbird-45.7.0-23.1
openSUSE-SU-2017:0357-1: An update that solves 8 vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 1021814,1021817,1021818,1021819,1021820,1021821,1021822,1021824,1021991 CVE References: CVE-2017-5373,CVE-2017-5375,CVE-2017-5376,CVE-2017-5378,CVE-2017-5380,CVE-2017-5383,CVE-2017-5390,CVE-2017-5396 Sources used: openSUSE Leap 42.2 (src): MozillaThunderbird-45.7.0-34.1 openSUSE Leap 42.1 (src): MozillaThunderbird-45.7.0-34.1
openSUSE-SU-2017:0358-1: An update that fixes 24 vulnerabilities is now available. Category: security (important) Bug References: 1017174,1021814,1021817,1021818,1021819,1021820,1021821,1021822,1021823,1021824,1021826,1021827,1021828,1021830,1021831,1021832,1021833,1021835,1021837,1021839,1021840,1021841 CVE References: CVE-2017-5373,CVE-2017-5374,CVE-2017-5375,CVE-2017-5376,CVE-2017-5377,CVE-2017-5378,CVE-2017-5379,CVE-2017-5380,CVE-2017-5381,CVE-2017-5382,CVE-2017-5383,CVE-2017-5384,CVE-2017-5385,CVE-2017-5386,CVE-2017-5387,CVE-2017-5388,CVE-2017-5389,CVE-2017-5390,CVE-2017-5391,CVE-2017-5392,CVE-2017-5393,CVE-2017-5394,CVE-2017-5395,CVE-2017-5396 Sources used: openSUSE Leap 42.2 (src): MozillaFirefox-51.0.1-50.2 openSUSE Leap 42.1 (src): MozillaFirefox-51.0.1-50.2
SUSE-SU-2017:0426-1: An update that solves 9 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1021814,1021817,1021818,1021819,1021820,1021821,1021822,1021823,1021824,1021991 CVE References: CVE-2017-5373,CVE-2017-5375,CVE-2017-5376,CVE-2017-5378,CVE-2017-5380,CVE-2017-5383,CVE-2017-5386,CVE-2017-5390,CVE-2017-5396 Sources used: SUSE OpenStack Cloud 5 (src): MozillaFirefox-45.7.0esr-65.2 SUSE Manager Proxy 2.1 (src): MozillaFirefox-45.7.0esr-65.2 SUSE Manager 2.1 (src): MozillaFirefox-45.7.0esr-65.2 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): MozillaFirefox-45.7.0esr-65.2 SUSE Linux Enterprise Server 11-SP4 (src): MozillaFirefox-45.7.0esr-65.2 SUSE Linux Enterprise Server 11-SP3-LTSS (src): MozillaFirefox-45.7.0esr-65.2 SUSE Linux Enterprise Point of Sale 11-SP3 (src): MozillaFirefox-45.7.0esr-65.2 SUSE Linux Enterprise Debuginfo 11-SP4 (src): MozillaFirefox-45.7.0esr-65.2 SUSE Linux Enterprise Debuginfo 11-SP3 (src): MozillaFirefox-45.7.0esr-65.2
SUSE-SU-2017:0427-1: An update that solves 9 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1021814,1021817,1021818,1021819,1021820,1021821,1021822,1021823,1021824,1021991 CVE References: CVE-2017-5373,CVE-2017-5375,CVE-2017-5376,CVE-2017-5378,CVE-2017-5380,CVE-2017-5383,CVE-2017-5386,CVE-2017-5390,CVE-2017-5396 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP2 (src): MozillaFirefox-45.7.0esr-99.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): MozillaFirefox-45.7.0esr-99.1 SUSE Linux Enterprise Server for SAP 12 (src): MozillaFirefox-45.7.0esr-99.1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): MozillaFirefox-45.7.0esr-99.1 SUSE Linux Enterprise Server 12-SP2 (src): MozillaFirefox-45.7.0esr-99.1 SUSE Linux Enterprise Server 12-SP1 (src): MozillaFirefox-45.7.0esr-99.1 SUSE Linux Enterprise Server 12-LTSS (src): MozillaFirefox-45.7.0esr-99.1 SUSE Linux Enterprise Desktop 12-SP2 (src): MozillaFirefox-45.7.0esr-99.1 SUSE Linux Enterprise Desktop 12-SP1 (src): MozillaFirefox-45.7.0esr-99.1
released