Bug 1149324

Summary: VUL-0: TRACKERBUG: MozillaFirefox: Firefox 69 Security Advisory 2019-25
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Wolfgang Rosenauer <wolfgang>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: Andreas.Stieger, cgrobertson, wolfgang
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVSSv2:NVD:CVE-2019-11751:6.8:(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1149286, 1149287, 1149288, 1149289, 1149290, 1149291, 1149292, 1149293, 1149294, 1149295, 1149296, 1149297, 1149298, 1149299, 1149300, 1149301, 1149302, 1149303, 1149304, 1149321    

Description Alexander Bergmann 2019-09-04 08:37:33 UTC 
Mozilla Foundation Security Advisory 2019-25

Security vulnerabilities fixed in Firefox 69

Announced  September 3, 2019
Impact     critical
Products   Firefox
Fixed in   Firefox 69

CVE-2019-11751: bsc#1149286
CVE-2019-11746: bsc#1149297
CVE-2019-11744: bsc#1149304
CVE-2019-11742: bsc#1149303
CVE-2019-11736: bsc#1149292
CVE-2019-11753: bsc#1149295
CVE-2019-11752: bsc#1149296
CVE-2019-9812:  bsc#1149294
CVE-2019-11741: bsc#1149288
CVE-2019-11743: bsc#1149298
CVE-2019-11748: bsc#1149291
CVE-2019-11749: bsc#1149290
CVE-2019-5849:  bsc#1149321
CVE-2019-11750: bsc#1149289
CVE-2019-11737: bsc#1149300
CVE-2019-11738: bsc#1149302
CVE-2019-11747: bsc#1149301
CVE-2019-11734: bsc#1149287
CVE-2019-11735: bsc#1149293
CVE-2019-11740: bsc#1149299

Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/
Comment 1 Andreas Stieger 2019-09-04 14:51:03 UTC 
update to 69 is Tumbleweed only
Comment 2 Wolfgang Rosenauer 2019-09-09 06:32:17 UTC 
https://build.opensuse.org/request/show/729322
Comment 3 Swamp Workflow Management 2019-09-12 22:00:07 UTC 
This is an autogenerated message for OBS integration:
This bug (1149324) was mentioned in
https://build.opensuse.org/request/show/730473 Factory / MozillaFirefox
Comment 8 Wolfgang Rosenauer 2019-09-22 21:11:03 UTC 
As 69 is released in Tumbleweed and not planned for other releases I think this can be closed?
Comment 9 Swamp Workflow Management 2019-09-23 16:12:04 UTC 
SUSE-SU-2019:2436-1: An update that solves 8 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1149294,1149295,1149296,1149297,1149298,1149299,1149303,1149304,1149324
CVE References: CVE-2019-11740,CVE-2019-11742,CVE-2019-11743,CVE-2019-11744,CVE-2019-11746,CVE-2019-11752,CVE-2019-11753,CVE-2019-9812
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE OpenStack Cloud 8 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE OpenStack Cloud 7 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Desktop 12-SP5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Enterprise Storage 5 (src):    MozillaFirefox-60.9.0-109.86.1
SUSE Enterprise Storage 4 (src):    MozillaFirefox-60.9.0-109.86.1
HPE Helion Openstack 8 (src):    MozillaFirefox-60.9.0-109.86.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.