ESB-2018.0260.2 - UPDATE [Ubuntu] firefox: Multiple vulnerabilities 2018-02-14

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2018.0260.2
                   Firefox vulnerabilities affect Ubuntu
                             14 February 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           firefox
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Access Privileged Data          -- Remote with User Interaction
                   Create Arbitrary Files          -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Provide Misleading Information  -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-5122 CVE-2018-5119 CVE-2018-5118
                   CVE-2018-5117 CVE-2018-5116 CVE-2018-5115
                   CVE-2018-5114 CVE-2018-5113 CVE-2018-5112
                   CVE-2018-5111 CVE-2018-5109 CVE-2018-5108
                   CVE-2018-5107 CVE-2018-5106 CVE-2018-5105
                   CVE-2018-5104 CVE-2018-5103 CVE-2018-5102
                   CVE-2018-5101 CVE-2018-5100 CVE-2018-5099
                   CVE-2018-5098 CVE-2018-5097 CVE-2018-5095
                   CVE-2018-5094 CVE-2018-5093 CVE-2018-5092
                   CVE-2018-5091 CVE-2018-5090 CVE-2018-5089

Reference:         ASB-2018.0036

Original Bulletin: 
   http://www.ubuntu.com/usn/usn-3544-1

Revision History:  February 14 2018: USN-3544-1 caused some regressions in 
                                     Firefox.
                   January  25 2018: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

==========================================================================
Ubuntu Security Notice USN-3544-2
February 12, 2018

firefox regressions
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- - Ubuntu 17.10
- - Ubuntu 16.04 LTS
- - Ubuntu 14.04 LTS

Summary:

USN-3544-1 caused some regressions in Firefox.

Software Description:
- - firefox: Mozilla Open Source web browser

Details:

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web
compatibility regression and a tab crash during printing in some
circumstances. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 Multiple security issues were discovered in Firefox. If a user were
 tricked in to opening a specially crafted website, an attacker could
 potentially exploit these to cause a denial of service via application
 crash, spoof the origin in audio capture prompts, trick the user in to
 providing HTTP credentials for another origin, spoof the addressbar
 contents, or execute arbitrary code. (CVE-2018-5089, CVE-2018-5090,
 CVE-2018-5091, CVE-2018-5092, CVE-2018-5093, CVE-2018-5094, CVE-2018-5095,
 CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5100, CVE-2018-5101,
 CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5109, CVE-2018-5114,
 CVE-2018-5115, CVE-2018-5117, CVE-2018-5122)
 
 Multiple security issues were discovered in WebExtensions. If a user were
 tricked in to installing a specially crafted extension, an attacker could
 potentially exploit these to gain additional privileges, bypass
 same-origin restrictions, or execute arbitrary code. (CVE-2018-5105,
 CVE-2018-5113, CVE-2018-5116)
 
 A security issue was discovered with the developer tools. If a user were
 tricked in to opening a specially crafted website with the developer tools
 open, an attacker could potentially exploit this to obtain sensitive
 information from other origins. (CVE-2018-5106)
 
 A security issue was discovered with printing. An attacker could
 potentially exploit this to obtain sensitive information from local files.
 (CVE-2018-5107)
 
 It was discovered that manually entered blob URLs could be accessed by
 subsequent private browsing tabs. If a user were tricked in to entering
 a blob URL, an attacker could potentially exploit this to obtain sensitive
 information from a private browsing context. (CVE-2018-5108)
 
 It was discovered that dragging certain specially formatted URLs to the
 addressbar could cause the wrong URL to be displayed. If a user were
 tricked in to opening a specially crafted website and dragging a URL to
 the addressbar, an attacker could potentially exploit this to spoof the
 addressbar contents. (CVE-2018-5111)
 
 It was discovered that WebExtension developer tools panels could open
 non-relative URLs. If a user were tricked in to installing a specially
 crafted extension and running the developer tools, an attacker could
 potentially exploit this to gain additional privileges. (CVE-2018-5112)
 
 It was discovered that ActivityStream images can attempt to load local
 content through file: URLs. If a user were tricked in to opening a
 specially crafted website, an attacker could potentially exploit this in
 combination with another vulnerability that allowed sandbox protections to
 be bypassed, in order to obtain sensitive information from local files.
 (CVE-2018-5118)
 
 It was discovered that the reader view will load cross-origin content in
 violation of CORS headers. An attacker could exploit this to bypass CORS
 restrictions. (CVE-2018-5119)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
  firefox                         58.0.2+build1-0ubuntu0.17.10.1

Ubuntu 16.04 LTS:
  firefox                         58.0.2+build1-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
  firefox                         58.0.2+build1-0ubuntu0.14.04.1

After a standard system update you need to restart Firefox to make
all the necessary changes.

References:
  https://www.ubuntu.com/usn/usn-3544-2
  https://www.ubuntu.com/usn/usn-3544-1
  https://launchpad.net/bugs/1749025

Package Information:
  https://launchpad.net/ubuntu/+source/firefox/58.0.2+build1-0ubuntu0.17.10.1
  https://launchpad.net/ubuntu/+source/firefox/58.0.2+build1-0ubuntu0.16.04.1
  https://launchpad.net/ubuntu/+source/firefox/58.0.2+build1-0ubuntu0.14.04.1

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWoPAhox+lLeg9Ub1AQiNdg/9H65Qj9wqqMd1XLOF9UR0cKe9rxUCSCGQ
XS5D7tfVpl0L5Be26/Zh4qpEVVSnauqBzx7XMFxBXUYLJcJCgqFdRSrrC6KGjIwS
6TV0fgtW8IGJutOOHQpK15p83vkN0VCow1RFh/6XX7oWBeSvr1LpMoKwE9AQ9yLP
rlmxAL/k7+xMJWW7l9zLm137ccfZK4e8kXWK/CUmjKiObx0++EYQdMGlg8ZB/y+Y
qaq8vbhBc3g051JiTaZ005aRYj19RpcBjC+4mDjkUUvedbn48vgLzH2RaXAceDfR
H2U4KxC3uVe52vvcVvlcRs02dcae2FUX/dqHlB1HroJAw3H9EPnyooBWFUyrbNnd
+5vvfKSUkHWCmmv91/Sm8NVJQyJ8uYTqCOu2G0sxXAGAg9B/jtFHCYXH0Bo7+c2R
N+YecbNUJsVAXDJEAPUgl9e1i4PYEP+6GFy9HpMObEvG5OtDKIBIDTM1ma7dd75t
qGMb30jn0eebkbqpEIdCHM5724KdnawlOaDDsQ9ylm/RVqC47r9mOnuwQIr0VNwX
6Erf+ePsKgjY5De6cDhiquqkD8gbOy/DTwLG+SmRTQBMM2AvRRLllpTckAiJQjGb
p/wI0kby3ClUf3rJMQ6VCE2H+KbkHF6yS75GqJ3T9ZeSLCH06+VtzLx4mnhtDp1K
uYru1XoXoTA=
=fMay
-----END PGP SIGNATURE-----

« Back to bulletins