Bugzilla – Bug 1215575
VUL-0: MozillaFirefox / MozillaThunderbird: update to 118 and 115.3esr
Last modified: 2024-01-24 15:29:53 UTC
Security Vulnerabilities fixed in Firefox 118 - CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1 - CVE-2023-5169: Out-of-bounds write in PathOps - CVE-2023-5170: Memory leak from a privileged process - CVE-2023-5171: Use-after-free in Ion Compiler - CVE-2023-5172: Memory Corruption in Ion Hints - CVE-2023-5173: Out-of-bounds write in HTTP Alternate Services - CVE-2023-5174: Double-free in process spawning on Windows - CVE-2023-5175: Use-after-free of ImageBitmap during process shutdown - CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://www.mozilla.org/en-US/security/advisories/mfsa2023-41/
Security Vulnerabilities fixed in Firefox ESR 115.3 - CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1 - CVE-2023-5169: Out-of-bounds write in PathOps - CVE-2023-5171: Use-after-free in Ion Compiler - CVE-2023-5174: Double-free in process spawning on Windows - CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://www.mozilla.org/en-US/security/advisories/mfsa2023-42/
Security Vulnerabilities fixed in Thunderbird 115.3 - CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1 - CVE-2023-5169: Out-of-bounds write in PathOps - CVE-2023-5171: Use-after-free in Ion Compiler - CVE-2023-5174: Double-free in process spawning on Windows - CVE-2023-5176: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 https://www.mozilla.org/en-US/security/advisories/mfsa2023-43/
This is an autogenerated message for OBS integration: This bug (1215575) was mentioned in https://build.opensuse.org/request/show/1113844 Factory / MozillaThunderbird
SUSE-SU-2023:3837-1: An update that solves five vulnerabilities can now be installed. Category: security (important) Bug References: 1215309, 1215575 CVE References: CVE-2023-5168, CVE-2023-5169, CVE-2023-5171, CVE-2023-5174, CVE-2023-5176 Sources used: SUSE Linux Enterprise Software Development Kit 12 SP5 (src): MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server 12 SP5 (src): MozillaFirefox-115.3.0-112.182.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): MozillaFirefox-115.3.0-112.182.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
This is an autogenerated message for OBS integration: This bug (1215575) was mentioned in https://build.opensuse.org/request/show/1114282 Factory / MozillaFirefox
SUSE-SU-2023:3899-1: An update that solves five vulnerabilities can now be installed. Category: security (important) Bug References: 1215309, 1215575 CVE References: CVE-2023-5168, CVE-2023-5169, CVE-2023-5171, CVE-2023-5174, CVE-2023-5176 Sources used: SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): MozillaFirefox-115.3.0-150000.150.107.1 SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): MozillaFirefox-115.3.0-150000.150.107.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): MozillaFirefox-115.3.0-150000.150.107.1 SUSE CaaS Platform 4.0 (src): MozillaFirefox-115.3.0-150000.150.107.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:3898-1: An update that solves five vulnerabilities can now be installed. Category: security (important) Bug References: 1215309, 1215575 CVE References: CVE-2023-5168, CVE-2023-5169, CVE-2023-5171, CVE-2023-5174, CVE-2023-5176 Sources used: openSUSE Leap 15.5 (src): MozillaFirefox-115.3.0-150200.152.108.1 Desktop Applications Module 15-SP4 (src): MozillaFirefox-115.3.0-150200.152.108.1 Desktop Applications Module 15-SP5 (src): MozillaFirefox-115.3.0-150200.152.108.1 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): MozillaFirefox-115.3.0-150200.152.108.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): MozillaFirefox-115.3.0-150200.152.108.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): MozillaFirefox-115.3.0-150200.152.108.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): MozillaFirefox-115.3.0-150200.152.108.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): MozillaFirefox-115.3.0-150200.152.108.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): MozillaFirefox-115.3.0-150200.152.108.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): MozillaFirefox-115.3.0-150200.152.108.1 SUSE Enterprise Storage 7.1 (src): MozillaFirefox-115.3.0-150200.152.108.1 openSUSE Leap 15.4 (src): MozillaFirefox-115.3.0-150200.152.108.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:4016-1: An update that solves six vulnerabilities can now be installed. Category: security (critical) Bug References: 1210168, 1215309, 1215575, 1215814 CVE References: CVE-2023-5168, CVE-2023-5169, CVE-2023-5171, CVE-2023-5174, CVE-2023-5176, CVE-2023-5217 Sources used: openSUSE Leap 15.4 (src): MozillaThunderbird-115.3.1-150200.8.133.1 openSUSE Leap 15.5 (src): MozillaThunderbird-115.3.1-150200.8.133.1 SUSE Package Hub 15 15-SP4 (src): MozillaThunderbird-115.3.1-150200.8.133.1 SUSE Package Hub 15 15-SP5 (src): MozillaThunderbird-115.3.1-150200.8.133.1 SUSE Linux Enterprise Workstation Extension 15 SP4 (src): MozillaThunderbird-115.3.1-150200.8.133.1 SUSE Linux Enterprise Workstation Extension 15 SP5 (src): MozillaThunderbird-115.3.1-150200.8.133.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done