Security update for Mozilla Firefox and NSS

7325 Security update for Mozilla Firefox and NSS important openSUSE Leap 42.2 Update ports This update to Mozilla Firefox 52.4esr, along with Mozilla NSS 3.28.6, fixes security issues and bugs. The following vulnerabilities advised upstream under MFSA 2017-22 (boo#1060445) were fixed: - CVE-2017-7793: Use-after-free with Fetch API - CVE-2017-7818: Use-after-free during ARIA array manipulation - CVE-2017-7819: Use-after-free while resizing images in design mode - CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE - CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings - CVE-2017-7823: CSP sandbox directive did not create a unique origin - CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 The following security issue was fixed in Mozilla NSS 3.28.6: - CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes (bsc#1061005) The following bug was fixed: - boo#1029917: language accept header use incorrect locale For compatibility reasons, java-1_8_0-openjdk was rebuilt to the updated version of NSS. java-1_8_0-openjdk-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-1.8.0.144-10.15.2.src.rpm java-1_8_0-openjdk-accessibility-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-debuginfo-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-debugsource-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-demo-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-demo-debuginfo-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-devel-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-devel-debuginfo-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-headless-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-10.15.2.ppc64le.rpm java-1_8_0-openjdk-javadoc-1.8.0.144-10.15.2.noarch.rpm java-1_8_0-openjdk-src-1.8.0.144-10.15.2.ppc64le.rpm libfreebl3-3.28.6-40.10.1.ppc64le.rpm libfreebl3-debuginfo-3.28.6-40.10.1.ppc64le.rpm libsoftokn3-3.28.6-40.10.1.ppc64le.rpm libsoftokn3-debuginfo-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-3.28.6-40.10.1.src.rpm mozilla-nss-certs-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-certs-debuginfo-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-debuginfo-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-debugsource-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-devel-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-sysinit-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-sysinit-debuginfo-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-tools-3.28.6-40.10.1.ppc64le.rpm mozilla-nss-tools-debuginfo-3.28.6-40.10.1.ppc64le.rpm java-1_8_0-openjdk-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-accessibility-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-debuginfo-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-debugsource-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-demo-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-demo-debuginfo-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-devel-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-devel-debuginfo-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-headless-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-headless-debuginfo-1.8.0.144-10.15.2.aarch64.rpm java-1_8_0-openjdk-src-1.8.0.144-10.15.2.aarch64.rpm libfreebl3-3.28.6-40.10.1.aarch64.rpm libfreebl3-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm libfreebl3-debuginfo-3.28.6-40.10.1.aarch64.rpm libfreebl3-debuginfo-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm libsoftokn3-3.28.6-40.10.1.aarch64.rpm libsoftokn3-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm libsoftokn3-debuginfo-3.28.6-40.10.1.aarch64.rpm libsoftokn3-debuginfo-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm mozilla-nss-3.28.6-40.10.1.aarch64.rpm mozilla-nss-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm mozilla-nss-certs-3.28.6-40.10.1.aarch64.rpm mozilla-nss-certs-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm mozilla-nss-certs-debuginfo-3.28.6-40.10.1.aarch64.rpm mozilla-nss-certs-debuginfo-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm mozilla-nss-debuginfo-3.28.6-40.10.1.aarch64.rpm mozilla-nss-debuginfo-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm mozilla-nss-debugsource-3.28.6-40.10.1.aarch64.rpm mozilla-nss-devel-3.28.6-40.10.1.aarch64.rpm mozilla-nss-sysinit-3.28.6-40.10.1.aarch64.rpm mozilla-nss-sysinit-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm mozilla-nss-sysinit-debuginfo-3.28.6-40.10.1.aarch64.rpm mozilla-nss-sysinit-debuginfo-64bit-3.28.6-40.10.1.aarch64_ilp32.rpm mozilla-nss-tools-3.28.6-40.10.1.aarch64.rpm mozilla-nss-tools-debuginfo-3.28.6-40.10.1.aarch64.rpm MozillaFirefox-52.4.0-57.18.2.armv7hl.rpm MozillaFirefox-52.4.0-57.18.2.src.rpm MozillaFirefox-branding-upstream-52.4.0-57.18.2.armv7hl.rpm MozillaFirefox-debuginfo-52.4.0-57.18.2.armv7hl.rpm MozillaFirefox-debugsource-52.4.0-57.18.2.armv7hl.rpm MozillaFirefox-devel-52.4.0-57.18.2.armv7hl.rpm MozillaFirefox-translations-common-52.4.0-57.18.2.armv7hl.rpm MozillaFirefox-translations-other-52.4.0-57.18.2.armv7hl.rpm libfreebl3-3.28.6-40.10.1.armv7hl.rpm libfreebl3-debuginfo-3.28.6-40.10.1.armv7hl.rpm libsoftokn3-3.28.6-40.10.1.armv7hl.rpm libsoftokn3-debuginfo-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-certs-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-certs-debuginfo-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-debuginfo-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-debugsource-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-devel-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-sysinit-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-sysinit-debuginfo-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-tools-3.28.6-40.10.1.armv7hl.rpm mozilla-nss-tools-debuginfo-3.28.6-40.10.1.armv7hl.rpm