SUSE-SU-2025:0788-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-20250788-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0788-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2025:0788-1
- Related
- Published
- 2025-03-05T15:30:33Z
- Modified
- 2025-04-04T01:09:52.383924Z
- Summary
- Security update for MozillaFirefox
- Details
-
This update for MozillaFirefox fixes the following issues:
Security Vulnerabilities fixed in Firefox ESR 128.8 (MFSA 2025-16) (bsc#1237683) - CVE-2024-43097: Overflow when growing an SkRegion's RunArray - CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the Browser process - CVE-2025-1931: Use-after-free in WebTransportChild - CVE-2025-1932: Inconsistent comparator in XSLT sorting led to out-of-bounds access - CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs - CVE-2025-1934: Unexpected GC during RegExp bailout processing - CVE-2025-1935: Clickjacking the registerProtocolHandler info-bar - CVE-2025-1936: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents - CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 - CVE-2025-1938: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-20250788-1/
- https://bugzilla.suse.com/1237683
- https://www.suse.com/security/cve/CVE-2024-43097
- https://www.suse.com/security/cve/CVE-2025-1930
- https://www.suse.com/security/cve/CVE-2025-1931
- https://www.suse.com/security/cve/CVE-2025-1932
- https://www.suse.com/security/cve/CVE-2025-1933
- https://www.suse.com/security/cve/CVE-2025-1934
- https://www.suse.com/security/cve/CVE-2025-1935
- https://www.suse.com/security/cve/CVE-2025-1936
- https://www.suse.com/security/cve/CVE-2025-1937
- https://www.suse.com/security/cve/CVE-2025-1938
Affected packages
SUSE:Linux Enterprise Module for Desktop Applications 15 SP6 / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6
SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS
SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
SUSE:Linux Enterprise Server 15 SP3-LTSS / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
SUSE:Linux Enterprise Server 15 SP4-LTSS / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
SUSE:Linux Enterprise Server 15 SP5-LTSS / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS
SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
SUSE:Linux Enterprise Server for SAP Applications 15 SP4 / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
SUSE:Linux Enterprise Server for SAP Applications 15 SP5 / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
SUSE:Enterprise Storage 7.1 / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Enterprise%20Storage%207.1
openSUSE:Leap 15.6 / MozillaFirefox
Package
- Name
- MozillaFirefox
- Purl
- pkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Leap%2015.6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed128.8.0-150200.152.173.1
Ecosystem specific
{
"binaries": [
{
"MozillaFirefox": "128.8.0-150200.152.173.1",
"MozillaFirefox-translations-common": "128.8.0-150200.152.173.1",
"MozillaFirefox-devel": "128.8.0-150200.152.173.1",
"MozillaFirefox-translations-other": "128.8.0-150200.152.173.1",
"MozillaFirefox-branding-upstream": "128.8.0-150200.152.173.1"
}
]
}