| Description: | Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 68.6.0 ESR.
Security Fix(es):
Mozilla: Use-after-free when removing data about origins (CVE-2020-6805)
Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806)
Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807)
Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814)
Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503)
Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection (CVE-2020-6811)
Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission (CVE-2020-6812)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
|