ESB-2018.2730 - [RedHat] firefox: Multiple vulnerabilities 2018-09-13


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2730
                     Critical: firefox security update
                             13 September 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           firefox
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux WS/Desktop 6
                   Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux WS/Desktop 7
                   Red Hat Enterprise Linux Server 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Reduced Security                -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-12379 CVE-2018-12378 CVE-2018-12377
                   CVE-2018-12376 CVE-2017-16541 

Reference:         ASB-2018.0207
                   ASB-2018.0206
                   ESB-2018.2692
                   ESB-2018.2660

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2018:2693
   https://access.redhat.com/errata/RHSA-2018:2692

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2018:2693-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:2693
Issue date:        2018-09-12
CVE Names:         CVE-2017-16541 CVE-2018-12376 CVE-2018-12377 
                   CVE-2018-12378 CVE-2018-12379 
=====================================================================

1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance, and portability.

This update upgrades Firefox to version 60.2.0 ESR.

Security Fix(es):

* Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
(CVE-2018-12376)

* Mozilla: Use-after-free in driver timers (CVE-2018-12377)

* Mozilla: Use-after-free in IndexedDB (CVE-2018-12378)

* Mozilla: Proxy bypass using automount and autofs (CVE-2017-16541)

* Mozilla: Out-of-bounds write with malicious MAR file (CVE-2018-12379)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Alex Gaynor, Boris Zbarsky, Christoph Diehl,
Christian Holler, Jason Kratzer, Jed Davis, Tyson Smith, Bogdan Tara, Karl
Tomlinson, Mats Palmgren, Nika Layzell, Ted Campbell, Nils, Zhanjia Song,
and Holger Fuhrmannek as the original reporters.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1510816 - CVE-2017-16541 Mozilla: Proxy bypass using automount and autofs
1625525 - CVE-2018-12376 Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
1625526 - CVE-2018-12377 Mozilla: Use-after-free in driver timers
1625527 - CVE-2018-12378 Mozilla: Use-after-free in IndexedDB
1625528 - CVE-2018-12379 Mozilla: Out-of-bounds write with malicious MAR file

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
firefox-60.2.0-1.el6.src.rpm

i386:
firefox-60.2.0-1.el6.i686.rpm
firefox-debuginfo-60.2.0-1.el6.i686.rpm

x86_64:
firefox-60.2.0-1.el6.x86_64.rpm
firefox-debuginfo-60.2.0-1.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

x86_64:
firefox-60.2.0-1.el6.i686.rpm
firefox-debuginfo-60.2.0-1.el6.i686.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
firefox-60.2.0-1.el6.src.rpm

x86_64:
firefox-60.2.0-1.el6.i686.rpm
firefox-60.2.0-1.el6.x86_64.rpm
firefox-debuginfo-60.2.0-1.el6.i686.rpm
firefox-debuginfo-60.2.0-1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
firefox-60.2.0-1.el6.src.rpm

i386:
firefox-60.2.0-1.el6.i686.rpm
firefox-debuginfo-60.2.0-1.el6.i686.rpm

ppc64:
firefox-60.2.0-1.el6.ppc64.rpm
firefox-debuginfo-60.2.0-1.el6.ppc64.rpm

s390x:
firefox-60.2.0-1.el6.s390x.rpm
firefox-debuginfo-60.2.0-1.el6.s390x.rpm

x86_64:
firefox-60.2.0-1.el6.x86_64.rpm
firefox-debuginfo-60.2.0-1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

x86_64:
firefox-60.2.0-1.el6.i686.rpm
firefox-debuginfo-60.2.0-1.el6.i686.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
firefox-60.2.0-1.el6.src.rpm

i386:
firefox-60.2.0-1.el6.i686.rpm
firefox-debuginfo-60.2.0-1.el6.i686.rpm

x86_64:
firefox-60.2.0-1.el6.x86_64.rpm
firefox-debuginfo-60.2.0-1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

x86_64:
firefox-60.2.0-1.el6.i686.rpm
firefox-debuginfo-60.2.0-1.el6.i686.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-16541
https://access.redhat.com/security/cve/CVE-2018-12376
https://access.redhat.com/security/cve/CVE-2018-12377
https://access.redhat.com/security/cve/CVE-2018-12378
https://access.redhat.com/security/cve/CVE-2018-12379
https://access.redhat.com/security/updates/classification/#critical
https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.


- ---


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2018:2692-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:2692
Issue date:        2018-09-12
CVE Names:         CVE-2017-16541 CVE-2018-12376 CVE-2018-12377 
                   CVE-2018-12378 CVE-2018-12379 
=====================================================================

1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance, and portability.

This update upgrades Firefox to version 60.2.0 ESR.

Security Fix(es):

* Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
(CVE-2018-12376)

* Mozilla: Use-after-free in driver timers (CVE-2018-12377)

* Mozilla: Use-after-free in IndexedDB (CVE-2018-12378)

* Mozilla: Proxy bypass using automount and autofs (CVE-2017-16541)

* Mozilla: Out-of-bounds write with malicious MAR file (CVE-2018-12379)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Alex Gaynor, Boris Zbarsky, Christoph Diehl,
Christian Holler, Jason Kratzer, Jed Davis, Tyson Smith, Bogdan Tara, Karl
Tomlinson, Mats Palmgren, Nika Layzell, Ted Campbell, Nils, Zhanjia Song,
and Holger Fuhrmannek as the original reporters.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to
take effect.
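As an added example (not part of the Red Hat advisories or the AusCERT bulletin), the following Python script classifies `rpm -q firefox` output from RHEL 6 and RHEL 7 hosts against the fixed builds listed in section 6 of each advisory (firefox-60.2.0-1.el6 and firefox-60.2.0-1.el7_5), using an rpm-style segment-wise version comparison so that a later build is also accepted; the sample host output is constructed.

```python
import re

# Fixed builds from the package lists of RHSA-2018:2693 (RHEL 6) and RHSA-2018:2692 (RHEL 7)
FIXED = {"el6": ("60.2.0", "1.el6"), "el7": ("60.2.0", "1.el7_5")}

# Constructed sample output of `rpm -q firefox` from three hosts (not real inventory data)
SAMPLE_RPM_Q = [
    "firefox-60.1.0-5.el7_5.x86_64",
    "firefox-60.2.0-1.el6.i686",
    "package firefox is not installed",
]

def rpmvercmp(a, b):
    """Compare version/release strings as rpm does (runs of digits vs letters); -1, 0 or 1."""
    sa, sb = (re.findall(r"\d+|[a-zA-Z]+", s) for s in (a, b))
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment outranks an alphabetic one
        elif x != y:
            return -1 if x < y else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # the longer string is the newer one

def parse_nvra(pkg):
    """Split 'firefox-60.1.0-5.el7_5.x86_64' into (name, version, release, arch)."""
    m = re.fullmatch(r"(.+)-([^-]+)-([^-]+)\.([^.]+)", pkg)
    if not m:
        raise ValueError(f"not a name-version-release.arch string: {pkg}")
    return m.groups()

def is_fixed(pkg):
    """True if the installed firefox build is at or above the advisory's fixed build."""
    name, version, release, _arch = parse_nvra(pkg)
    if name not in ("firefox", "firefox-debuginfo"):
        raise ValueError(f"not a firefox package: {name}")
    fixed_version, fixed_release = FIXED["el6" if ".el6" in release else "el7"]
    c = rpmvercmp(version, fixed_version)
    return c > 0 or (c == 0 and rpmvercmp(release, fixed_release) >= 0)

def assess(rpm_q_line):
    """Classify one line of `rpm -q firefox` output."""
    if rpm_q_line.endswith("is not installed"):
        return "not installed"
    return "patched" if is_fixed(rpm_q_line) else "needs RHSA-2018:2692/2693"

if __name__ == "__main__":
    for line in SAMPLE_RPM_Q:
        print(f"{line}: {assess(line)}")
```

Remember that, as the Solution section states, a host reporting "patched" still runs the old code until Firefox has been restarted.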

5. Bugs fixed (https://bugzilla.redhat.com/):

1510816 - CVE-2017-16541 Mozilla: Proxy bypass using automount and autofs
1625525 - CVE-2018-12376 Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
1625526 - CVE-2018-12377 Mozilla: Use-after-free in driver timers
1625527 - CVE-2018-12378 Mozilla: Use-after-free in IndexedDB
1625528 - CVE-2018-12379 Mozilla: Out-of-bounds write with malicious MAR file

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
firefox-60.2.0-1.el7_5.src.rpm

x86_64:
firefox-60.2.0-1.el7_5.x86_64.rpm
firefox-debuginfo-60.2.0-1.el7_5.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
firefox-60.2.0-1.el7_5.i686.rpm
firefox-debuginfo-60.2.0-1.el7_5.i686.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
firefox-60.2.0-1.el7_5.src.rpm

ppc64:
firefox-60.2.0-1.el7_5.ppc64.rpm
firefox-debuginfo-60.2.0-1.el7_5.ppc64.rpm

ppc64le:
firefox-60.2.0-1.el7_5.ppc64le.rpm
firefox-debuginfo-60.2.0-1.el7_5.ppc64le.rpm

s390x:
firefox-60.2.0-1.el7_5.s390x.rpm
firefox-debuginfo-60.2.0-1.el7_5.s390x.rpm

x86_64:
firefox-60.2.0-1.el7_5.x86_64.rpm
firefox-debuginfo-60.2.0-1.el7_5.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
firefox-60.2.0-1.el7_5.src.rpm

aarch64:
firefox-60.2.0-1.el7_5.aarch64.rpm
firefox-debuginfo-60.2.0-1.el7_5.aarch64.rpm

ppc64le:
firefox-60.2.0-1.el7_5.ppc64le.rpm
firefox-debuginfo-60.2.0-1.el7_5.ppc64le.rpm

s390x:
firefox-60.2.0-1.el7_5.s390x.rpm
firefox-debuginfo-60.2.0-1.el7_5.s390x.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

x86_64:
firefox-60.2.0-1.el7_5.i686.rpm
firefox-debuginfo-60.2.0-1.el7_5.i686.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
firefox-60.2.0-1.el7_5.src.rpm

x86_64:
firefox-60.2.0-1.el7_5.x86_64.rpm
firefox-debuginfo-60.2.0-1.el7_5.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
firefox-60.2.0-1.el7_5.i686.rpm
firefox-debuginfo-60.2.0-1.el7_5.i686.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-16541
https://access.redhat.com/security/cve/CVE-2018-12376
https://access.redhat.com/security/cve/CVE-2018-12377
https://access.redhat.com/security/cve/CVE-2018-12378
https://access.redhat.com/security/cve/CVE-2018-12379
https://access.redhat.com/security/updates/classification/#critical
https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================