Upstream information

CVE-2017-5459 at MITRE

Description

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

SUSE information

CVSS v2 Scores
  SUSE
Base Score 6.82
Vector AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entries: 1035082 [NEW], 1035209 [RESOLVED / INVALID]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12 SP1
  • MozillaFirefox >= 45.9.0esr-105.1
  • MozillaFirefox-translations >= 45.9.0esr-105.1
  • java-1_8_0-openjdk >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-headless >= 1.8.0.121-23.4
  • libfreebl3 >= 3.29.5-57.1
  • libfreebl3-32bit >= 3.29.5-57.1
  • libsoftokn3 >= 3.29.5-57.1
  • libsoftokn3-32bit >= 3.29.5-57.1
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nspr-32bit >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-32bit >= 3.29.5-57.1
  • mozilla-nss-certs >= 3.29.5-57.1
  • mozilla-nss-certs-32bit >= 3.29.5-57.1
  • mozilla-nss-sysinit >= 3.29.5-57.1
  • mozilla-nss-sysinit-32bit >= 3.29.5-57.1
  • mozilla-nss-tools >= 3.29.5-57.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP1-2017-748
SUSE Linux Enterprise Desktop 12 SP2
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-branding-SLE >= 52-31.1
  • MozillaFirefox-translations >= 52.2.0esr-108.3
  • java-1_8_0-openjdk >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-headless >= 1.8.0.121-23.4
  • libfreebl3 >= 3.29.5-57.1
  • libfreebl3-32bit >= 3.29.5-57.1
  • libsoftokn3 >= 3.29.5-57.1
  • libsoftokn3-32bit >= 3.29.5-57.1
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nspr-32bit >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-32bit >= 3.29.5-57.1
  • mozilla-nss-certs >= 3.29.5-57.1
  • mozilla-nss-certs-32bit >= 3.29.5-57.1
  • mozilla-nss-sysinit >= 3.29.5-57.1
  • mozilla-nss-sysinit-32bit >= 3.29.5-57.1
  • mozilla-nss-tools >= 3.29.5-57.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP2-2017-1035
SUSE-SLE-DESKTOP-12-SP2-2017-748
SUSE Linux Enterprise Point of Sale 11 SP3
  • MozillaFirefox >= 45.9.0esr-71.2
  • MozillaFirefox-translations >= 45.9.0esr-71.2
  • libfreebl3 >= 3.29.5-46.1
  • libsoftokn3 >= 3.29.5-46.1
  • mozilla-nspr >= 4.13.1-32.1
  • mozilla-nss >= 3.29.5-46.1
  • mozilla-nss-tools >= 3.29.5-46.1
Patchnames:
sleposp3-MozillaFirefox-13090
SUSE Linux Enterprise Server 11 SP3-LTSS
  • MozillaFirefox >= 45.9.0esr-71.2
  • MozillaFirefox-translations >= 45.9.0esr-71.2
  • libfreebl3 >= 3.29.5-46.1
  • libfreebl3-32bit >= 3.29.5-46.1
  • libsoftokn3 >= 3.29.5-46.1
  • libsoftokn3-32bit >= 3.29.5-46.1
  • mozilla-nspr >= 4.13.1-32.1
  • mozilla-nspr-32bit >= 4.13.1-32.1
  • mozilla-nss >= 3.29.5-46.1
  • mozilla-nss-32bit >= 3.29.5-46.1
  • mozilla-nss-tools >= 3.29.5-46.1
Patchnames:
slessp3-MozillaFirefox-13090
SUSE Linux Enterprise Server 11 SP4
  • MozillaFirefox >= 45.9.0esr-71.2
  • MozillaFirefox-translations >= 45.9.0esr-71.2
  • libfreebl3 >= 3.29.5-46.1
  • libfreebl3-32bit >= 3.29.5-46.1
  • libfreebl3-x86 >= 3.29.5-46.1
  • libsoftokn3 >= 3.29.5-46.1
  • libsoftokn3-32bit >= 3.29.5-46.1
  • libsoftokn3-x86 >= 3.29.5-46.1
  • mozilla-nspr >= 4.13.1-32.1
  • mozilla-nspr-32bit >= 4.13.1-32.1
  • mozilla-nspr-x86 >= 4.13.1-32.1
  • mozilla-nss >= 3.29.5-46.1
  • mozilla-nss-32bit >= 3.29.5-46.1
  • mozilla-nss-tools >= 3.29.5-46.1
  • mozilla-nss-x86 >= 3.29.5-46.1
Patchnames:
slessp4-MozillaFirefox-13090
SUSE Linux Enterprise Server 12 SP1
  • MozillaFirefox >= 45.9.0esr-105.1
  • MozillaFirefox-translations >= 45.9.0esr-105.1
  • java-1_8_0-openjdk >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-demo >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-devel >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-headless >= 1.8.0.121-23.4
  • libfreebl3 >= 3.29.5-57.1
  • libfreebl3-32bit >= 3.29.5-57.1
  • libfreebl3-hmac >= 3.29.5-57.1
  • libfreebl3-hmac-32bit >= 3.29.5-57.1
  • libsoftokn3 >= 3.29.5-57.1
  • libsoftokn3-32bit >= 3.29.5-57.1
  • libsoftokn3-hmac >= 3.29.5-57.1
  • libsoftokn3-hmac-32bit >= 3.29.5-57.1
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nspr-32bit >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-32bit >= 3.29.5-57.1
  • mozilla-nss-certs >= 3.29.5-57.1
  • mozilla-nss-certs-32bit >= 3.29.5-57.1
  • mozilla-nss-sysinit >= 3.29.5-57.1
  • mozilla-nss-sysinit-32bit >= 3.29.5-57.1
  • mozilla-nss-tools >= 3.29.5-57.1
Patchnames:
SUSE-SLE-SERVER-12-SP1-2017-748
SUSE Linux Enterprise Server 12 SP1-LTSS
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-branding-SLE >= 52-31.1
  • MozillaFirefox-devel >= 52.2.0esr-108.3
  • MozillaFirefox-translations >= 52.2.0esr-108.3
Patchnames:
SUSE-SLE-SERVER-12-SP1-2017-1035
SUSE Linux Enterprise Server 12 SP2
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-branding-SLE >= 52-31.1
  • MozillaFirefox-translations >= 52.2.0esr-108.3
  • java-1_8_0-openjdk >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-demo >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-devel >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-headless >= 1.8.0.121-23.4
  • libfreebl3 >= 3.29.5-57.1
  • libfreebl3-32bit >= 3.29.5-57.1
  • libfreebl3-hmac >= 3.29.5-57.1
  • libfreebl3-hmac-32bit >= 3.29.5-57.1
  • libsoftokn3 >= 3.29.5-57.1
  • libsoftokn3-32bit >= 3.29.5-57.1
  • libsoftokn3-hmac >= 3.29.5-57.1
  • libsoftokn3-hmac-32bit >= 3.29.5-57.1
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nspr-32bit >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-32bit >= 3.29.5-57.1
  • mozilla-nss-certs >= 3.29.5-57.1
  • mozilla-nss-certs-32bit >= 3.29.5-57.1
  • mozilla-nss-sysinit >= 3.29.5-57.1
  • mozilla-nss-sysinit-32bit >= 3.29.5-57.1
  • mozilla-nss-tools >= 3.29.5-57.1
Patchnames:
SUSE-SLE-SERVER-12-SP2-2017-1035
SUSE-SLE-SERVER-12-SP2-2017-748
SUSE Linux Enterprise Server 12-LTSS
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-branding-SLE >= 52-31.1
  • MozillaFirefox-devel >= 52.2.0esr-108.3
  • MozillaFirefox-translations >= 52.2.0esr-108.3
  • libfreebl3 >= 3.29.5-57.1
  • libfreebl3-32bit >= 3.29.5-57.1
  • libfreebl3-hmac >= 3.29.5-57.1
  • libfreebl3-hmac-32bit >= 3.29.5-57.1
  • libsoftokn3 >= 3.29.5-57.1
  • libsoftokn3-32bit >= 3.29.5-57.1
  • libsoftokn3-hmac >= 3.29.5-57.1
  • libsoftokn3-hmac-32bit >= 3.29.5-57.1
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nspr-32bit >= 4.13.1-18.1
  • mozilla-nspr-devel >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-32bit >= 3.29.5-57.1
  • mozilla-nss-certs >= 3.29.5-57.1
  • mozilla-nss-certs-32bit >= 3.29.5-57.1
  • mozilla-nss-devel >= 3.29.5-57.1
  • mozilla-nss-sysinit >= 3.29.5-57.1
  • mozilla-nss-sysinit-32bit >= 3.29.5-57.1
  • mozilla-nss-tools >= 3.29.5-57.1
Patchnames:
SUSE-SLE-SERVER-12-2017-1035
SUSE-SLE-SERVER-12-2017-748
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-branding-SLE >= 52-31.1
  • MozillaFirefox-translations >= 52.2.0esr-108.3
  • java-1_8_0-openjdk >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-demo >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-devel >= 1.8.0.121-23.4
  • java-1_8_0-openjdk-headless >= 1.8.0.121-23.4
  • libfreebl3 >= 3.29.5-57.1
  • libfreebl3-hmac >= 3.29.5-57.1
  • libsoftokn3 >= 3.29.5-57.1
  • libsoftokn3-hmac >= 3.29.5-57.1
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-certs >= 3.29.5-57.1
  • mozilla-nss-sysinit >= 3.29.5-57.1
  • mozilla-nss-tools >= 3.29.5-57.1
Patchnames:
SUSE-SLE-RPI-12-SP2-2017-1035
SUSE-SLE-RPI-12-SP2-2017-748
SUSE Linux Enterprise Software Development Kit 11 SP4
  • MozillaFirefox >= 45.9.0esr-71.2
  • MozillaFirefox-devel >= 45.9.0esr-71.2
  • mozilla-nspr >= 4.13.1-32.1
  • mozilla-nspr-devel >= 4.13.1-32.1
  • mozilla-nss >= 3.29.5-46.1
  • mozilla-nss-devel >= 3.29.5-46.1
Patchnames:
sdksp4-MozillaFirefox-13090
SUSE Linux Enterprise Software Development Kit 12 SP1
  • MozillaFirefox >= 45.9.0esr-105.1
  • MozillaFirefox-devel >= 45.9.0esr-105.1
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nspr-devel >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-devel >= 3.29.5-57.1
Patchnames:
SUSE-SLE-SDK-12-SP1-2017-748
SUSE Linux Enterprise Software Development Kit 12 SP2
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-devel >= 52.2.0esr-108.3
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nspr-devel >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-devel >= 3.29.5-57.1
Patchnames:
SUSE-SLE-SDK-12-SP2-2017-1035
SUSE-SLE-SDK-12-SP2-2017-748
SUSE Linux Enterprise for SAP 12
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-branding-SLE >= 52-31.1
  • MozillaFirefox-devel >= 52.2.0esr-108.3
  • MozillaFirefox-translations >= 52.2.0esr-108.3
  • libfreebl3 >= 3.29.5-57.1
  • libfreebl3-32bit >= 3.29.5-57.1
  • libfreebl3-hmac >= 3.29.5-57.1
  • libfreebl3-hmac-32bit >= 3.29.5-57.1
  • libsoftokn3 >= 3.29.5-57.1
  • libsoftokn3-32bit >= 3.29.5-57.1
  • libsoftokn3-hmac >= 3.29.5-57.1
  • libsoftokn3-hmac-32bit >= 3.29.5-57.1
  • mozilla-nspr >= 4.13.1-18.1
  • mozilla-nspr-32bit >= 4.13.1-18.1
  • mozilla-nspr-devel >= 4.13.1-18.1
  • mozilla-nss >= 3.29.5-57.1
  • mozilla-nss-32bit >= 3.29.5-57.1
  • mozilla-nss-certs >= 3.29.5-57.1
  • mozilla-nss-certs-32bit >= 3.29.5-57.1
  • mozilla-nss-devel >= 3.29.5-57.1
  • mozilla-nss-sysinit >= 3.29.5-57.1
  • mozilla-nss-sysinit-32bit >= 3.29.5-57.1
  • mozilla-nss-tools >= 3.29.5-57.1
Patchnames:
SUSE-SLE-SAP-12-2017-1035
SUSE-SLE-SAP-12-2017-748
SUSE Linux Enterprise for SAP 12 SP1
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-branding-SLE >= 52-31.1
  • MozillaFirefox-devel >= 52.2.0esr-108.3
  • MozillaFirefox-translations >= 52.2.0esr-108.3
Patchnames:
SUSE-SLE-SAP-12-SP1-2017-1035
SUSE Manager 2.1
  • MozillaFirefox >= 45.9.0esr-71.2
  • MozillaFirefox-translations >= 45.9.0esr-71.2
  • libfreebl3 >= 3.29.5-46.1
  • libfreebl3-32bit >= 3.29.5-46.1
  • libsoftokn3 >= 3.29.5-46.1
  • libsoftokn3-32bit >= 3.29.5-46.1
  • mozilla-nspr >= 4.13.1-32.1
  • mozilla-nspr-32bit >= 4.13.1-32.1
  • mozilla-nss >= 3.29.5-46.1
  • mozilla-nss-32bit >= 3.29.5-46.1
  • mozilla-nss-tools >= 3.29.5-46.1
Patchnames:
sleman21-MozillaFirefox-13090
SUSE Manager Proxy 2.1
  • MozillaFirefox >= 45.9.0esr-71.2
  • MozillaFirefox-translations >= 45.9.0esr-71.2
  • libfreebl3 >= 3.29.5-46.1
  • libfreebl3-32bit >= 3.29.5-46.1
  • libsoftokn3 >= 3.29.5-46.1
  • libsoftokn3-32bit >= 3.29.5-46.1
  • mozilla-nspr >= 4.13.1-32.1
  • mozilla-nspr-32bit >= 4.13.1-32.1
  • mozilla-nss >= 3.29.5-46.1
  • mozilla-nss-32bit >= 3.29.5-46.1
  • mozilla-nss-tools >= 3.29.5-46.1
Patchnames:
slemap21-MozillaFirefox-13090
SUSE OpenStack Cloud 5
  • MozillaFirefox >= 45.9.0esr-71.2
  • MozillaFirefox-translations >= 45.9.0esr-71.2
  • libfreebl3 >= 3.29.5-46.1
  • libfreebl3-32bit >= 3.29.5-46.1
  • libsoftokn3 >= 3.29.5-46.1
  • libsoftokn3-32bit >= 3.29.5-46.1
  • mozilla-nspr >= 4.13.1-32.1
  • mozilla-nspr-32bit >= 4.13.1-32.1
  • mozilla-nss >= 3.29.5-46.1
  • mozilla-nss-32bit >= 3.29.5-46.1
  • mozilla-nss-tools >= 3.29.5-46.1
Patchnames:
sleclo50sp3-MozillaFirefox-13090
SUSE OpenStack Cloud 6
  • MozillaFirefox >= 52.2.0esr-108.3
  • MozillaFirefox-branding-SLE >= 52-31.1
  • MozillaFirefox-devel >= 52.2.0esr-108.3
  • MozillaFirefox-translations >= 52.2.0esr-108.3
Patchnames:
SUSE-OpenStack-Cloud-6-2017-1035
openSUSE Leap 42.1
  • MozillaThunderbird >= 52.1.0-42.1
  • MozillaThunderbird-buildsymbols >= 52.1.0-42.1
  • MozillaThunderbird-debuginfo >= 52.1.0-42.1
  • MozillaThunderbird-debugsource >= 52.1.0-42.1
  • MozillaThunderbird-devel >= 52.1.0-42.1
  • MozillaThunderbird-translations-common >= 52.1.0-42.1
  • MozillaThunderbird-translations-other >= 52.1.0-42.1
Patchnames:
openSUSE-2017-545
openSUSE Leap 42.2
  • MozillaThunderbird >= 52.1.0-41.3.1
  • MozillaThunderbird-buildsymbols >= 52.1.0-41.3.1
  • MozillaThunderbird-debuginfo >= 52.1.0-41.3.1
  • MozillaThunderbird-debugsource >= 52.1.0-41.3.1
  • MozillaThunderbird-devel >= 52.1.0-41.3.1
  • MozillaThunderbird-translations-common >= 52.1.0-41.3.1
  • MozillaThunderbird-translations-other >= 52.1.0-41.3.1
Patchnames:
openSUSE-2017-545