Bug 1149324 - VUL-0: TRACKERBUG: MozillaFirefox: Firefox 69 Security Advisory 2019-25
VUL-0: TRACKERBUG: MozillaFirefox: Firefox 69 Security Advisory 2019-25
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Wolfgang Rosenauer
Security Team bot
CVSSv2:NVD:CVE-2019-11751:6.8:(AV:N/...
:
Depends on:
Blocks: CVE-2019-11751 CVE-2019-11734 CVE-2019-11741 CVE-2019-11750 CVE-2019-11749 CVE-2019-11748 CVE-2019-11736 CVE-2019-11735 CVE-2019-9812 CVE-2019-11753 CVE-2019-11752 CVE-2019-11746 CVE-2019-11743 CVE-2019-11740 CVE-2019-11737 CVE-2019-11747 CVE-2019-11738 CVE-2019-11742 CVE-2019-11744 CVE-2019-5849
  Show dependency treegraph
 
Reported: 2019-09-04 08:37 UTC by Alexander Bergmann
Modified: 2019-10-03 00:31 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2019-09-04 08:37:33 UTC
Mozilla Foundation Security Advisory 2019-25

Security vulnerabilities fixed in Firefox 69

Announced  September 3, 2019
Impact     critical
Products   Firefox
Fixed in   Firefox 69

CVE-2019-11751: bsc#1149286
CVE-2019-11746: bsc#1149297
CVE-2019-11744: bsc#1149304
CVE-2019-11742: bsc#1149303
CVE-2019-11736: bsc#1149292
CVE-2019-11753: bsc#1149295
CVE-2019-11752: bsc#1149296
CVE-2019-9812:  bsc#1149294
CVE-2019-11741: bsc#1149288
CVE-2019-11743: bsc#1149298
CVE-2019-11748: bsc#1149291
CVE-2019-11749: bsc#1149290
CVE-2019-5849:  bsc#1149321
CVE-2019-11750: bsc#1149289
CVE-2019-11737: bsc#1149300
CVE-2019-11738: bsc#1149302
CVE-2019-11747: bsc#1149301
CVE-2019-11734: bsc#1149287
CVE-2019-11735: bsc#1149293
CVE-2019-11740: bsc#1149299

Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/
Comment 1 Andreas Stieger 2019-09-04 14:51:03 UTC
update to 69 is Tumbleweed only
Comment 2 Wolfgang Rosenauer 2019-09-09 06:32:17 UTC
https://build.opensuse.org/request/show/729322
Comment 3 Swamp Workflow Management 2019-09-12 22:00:07 UTC
This is an autogenerated message for OBS integration:
This bug (1149324) was mentioned in
https://build.opensuse.org/request/show/730473 Factory / MozillaFirefox
Comment 8 Wolfgang Rosenauer 2019-09-22 21:11:03 UTC
As 69 is released in Tumbleweed and not planned for other releases I think this can be closed?
Comment 9 Swamp Workflow Management 2019-09-23 16:12:04 UTC
SUSE-SU-2019:2436-1: An update that solves 8 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1149294,1149295,1149296,1149297,1149298,1149299,1149303,1149304,1149324
CVE References: CVE-2019-11740,CVE-2019-11742,CVE-2019-11743,CVE-2019-11744,CVE-2019-11746,CVE-2019-11752,CVE-2019-11753,CVE-2019-9812
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE OpenStack Cloud 8 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE OpenStack Cloud 7 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Desktop 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Enterprise Storage 5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Enterprise Storage 4 (src):    MozillaFirefox-60.9.0-109.86.1
HPE Helion Openstack 8 (src):    MozillaFirefox-60.9.0-109.86.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.