Oval Definition:oval:org.opensuse.security:def:104225
Revision Date:2020-09-07Version:1
Title:Security update for MozillaFirefox (Moderate)
Description:

This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.2.0 ESR * Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 (bsc#1175686) * CVE-2020-15663 (bmo#1643199) Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege * CVE-2020-15664 (bmo#1658214) Attacker-induced prompt for extension installation * CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626, bmo#1656957) Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

- Fixed Firefox tab crash in FIPS mode (bsc#1174284).

- Fix broken translation-loading (bsc#1173991) * allow addon sideloading * mark signatures for langpacks non-mandatory * do not autodisable user profile scopes - Google API key is not usable for geolocation service any more
Family:unixClass:patch
Status:Reference(s):1173991
1174284
1175686
CVE-2020-15663
CVE-2020-15664
CVE-2020-15670
SUSE-SU-2020:2563-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-78.2.0-3.105.1 is installed
  • OR MozillaFirefox-devel-78.2.0-3.105.1 is installed
  • OR MozillaFirefox-translations-common-78.2.0-3.105.1 is installed
  • OR MozillaFirefox-translations-other-78.2.0-3.105.1 is installed
    • BACK