Security update for MozillaFirefox, mozilla-nspr and mozilla-nss

Announcement ID:	SUSE-SU-2018:4235-1
Rating:	important
References:	bsc#1097410 bsc#1106873 bsc#1119069 bsc#1119105
Cross-References:	CVE-2018-0495 CVE-2018-12384 CVE-2018-12404 CVE-2018-12405 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498
CVSS scores:	CVE-2018-0495 ( SUSE ): 5.1 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2018-0495 ( NVD ): 4.7 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2018-12384 ( SUSE ): 4.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2018-12384 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2018-12404 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2018-12404 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2018-12405 ( SUSE ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-12405 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-17466 ( SUSE ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-17466 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-18492 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-18492 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-18493 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-18493 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-18494 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-18494 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2018-18498 ( SUSE ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-18498 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:	Basesystem Module 15 Desktop Applications Module 15 SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 15

An update that solves nine vulnerabilities can now be installed.

Description:

This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues:

Issues fixed in MozillaFirefox:

• Update to Firefox ESR 60.4 (bsc#1119105)
• CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11
• CVE-2018-18492: Fixed a use-after-free with select element
• CVE-2018-18493: Fixed a buffer overflow in accelerated 2D canvas with Skia
• CVE-2018-18494: Fixed a Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs
• CVE-2018-18498: Fixed a integer overflow when calculating buffer sizes for images
• CVE-2018-12405: Fixed a few memory safety bugs

Issues fixed in mozilla-nss:

• Update to NSS 3.40.1 (bsc#1119105)
• CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack (bsc#1119069)
• CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. (bsc#1106873)
• CVE-2018-0495: Fixed a memory-cache side-channel attack with ECDSA signatures (bsc#1097410)
• Fixed a decryption failure during FFDHE key exchange
• Various security fixes in the ASN.1 code

Issues fixed in mozilla-nspr:

• Update mozilla-nspr to 4.20 (bsc#1119105)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• Basesystem Module 15
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-2018-3044=1
• Desktop Applications Module 15
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-3044=1

Package List:

• Basesystem Module 15 (aarch64 ppc64le s390x x86_64)
  • mozilla-nss-sysinit-3.40.1-3.7.2
  • mozilla-nspr-debuginfo-4.20-3.3.2
  • mozilla-nss-tools-debuginfo-3.40.1-3.7.2
  • mozilla-nss-debuginfo-3.40.1-3.7.2
  • mozilla-nss-certs-3.40.1-3.7.2
  • mozilla-nss-sysinit-debuginfo-3.40.1-3.7.2
  • mozilla-nss-3.40.1-3.7.2
  • mozilla-nspr-debugsource-4.20-3.3.2
  • libsoftokn3-3.40.1-3.7.2
  • mozilla-nspr-4.20-3.3.2
  • libfreebl3-debuginfo-3.40.1-3.7.2
  • libsoftokn3-debuginfo-3.40.1-3.7.2
  • mozilla-nss-certs-debuginfo-3.40.1-3.7.2
  • mozilla-nss-debugsource-3.40.1-3.7.2
  • mozilla-nss-devel-3.40.1-3.7.2
  • mozilla-nss-tools-3.40.1-3.7.2
  • libfreebl3-3.40.1-3.7.2
  • mozilla-nspr-devel-4.20-3.3.2
• Basesystem Module 15 (x86_64)
  • libsoftokn3-32bit-debuginfo-3.40.1-3.7.2
  • libfreebl3-32bit-debuginfo-3.40.1-3.7.2
  • libsoftokn3-32bit-3.40.1-3.7.2
  • mozilla-nss-certs-32bit-debuginfo-3.40.1-3.7.2
  • mozilla-nss-32bit-3.40.1-3.7.2
  • mozilla-nss-32bit-debuginfo-3.40.1-3.7.2
  • mozilla-nspr-32bit-4.20-3.3.2
  • mozilla-nspr-32bit-debuginfo-4.20-3.3.2
  • libfreebl3-32bit-3.40.1-3.7.2
  • mozilla-nss-certs-32bit-3.40.1-3.7.2
• Desktop Applications Module 15 (aarch64 ppc64le s390x x86_64)
  • MozillaFirefox-translations-common-60.4.0-3.21.1
  • MozillaFirefox-debuginfo-60.4.0-3.21.1
  • MozillaFirefox-devel-60.4.0-3.21.1
  • MozillaFirefox-translations-other-60.4.0-3.21.1
  • MozillaFirefox-60.4.0-3.21.1
  • MozillaFirefox-debugsource-60.4.0-3.21.1

References:

• https://www.suse.com/security/cve/CVE-2018-0495.html
• https://www.suse.com/security/cve/CVE-2018-12384.html
• https://www.suse.com/security/cve/CVE-2018-12404.html
• https://www.suse.com/security/cve/CVE-2018-12405.html
• https://www.suse.com/security/cve/CVE-2018-17466.html
• https://www.suse.com/security/cve/CVE-2018-18492.html
• https://www.suse.com/security/cve/CVE-2018-18493.html
• https://www.suse.com/security/cve/CVE-2018-18494.html
• https://www.suse.com/security/cve/CVE-2018-18498.html
• https://bugzilla.suse.com/show_bug.cgi?id=1097410
• https://bugzilla.suse.com/show_bug.cgi?id=1106873
• https://bugzilla.suse.com/show_bug.cgi?id=1119069
• https://bugzilla.suse.com/show_bug.cgi?id=1119105