| Revision Date: | 2020-12-01 | Version: | 1 |
| Title: | Security update for MozillaFirefox (Important) |
| Description: |
This update for MozillaFirefox fixes the following issues:
MozillaFirefox was updated to 68.6.0 ESR (MFSA 2020-09 bsc#1132665 bsc#1166238)
- CVE-2020-6805: Fixed a use-after-free when removing data about origins - CVE-2020-6806: Fixed improper protections against state confusion - CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction - CVE-2020-6811: Fixed an issue where copy as cURL' feature did not fully escape website-controlled data potentially leading to command injection - CVE-2019-20503: Fixed out of bounds reads in sctp_load_addresses_from_init - CVE-2020-6812: Fixed an issue where the names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission - CVE-2020-6814: Fixed multiple memory safety bugs - Fixed an issue with minimizing a window (bsc#1132665).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1132665
1144502
1166238
CVE-2019-13233
CVE-2019-20503
CVE-2020-6805
CVE-2020-6806
CVE-2020-6807
CVE-2020-6811
CVE-2020-6812
CVE-2020-6814
SUSE-SU-2020:0686-1
|
| Platform(s): | SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information
kernel-livepatch-4_12_14-195-default-5-13 is installed
OR kernel-livepatch-SLE15-SP1_Update_0-5-13 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
AND Package Information
MozillaFirefox-68.6.0-3.75 is installed
OR MozillaFirefox-branding-upstream-68.6.0-3.75 is installed
OR MozillaFirefox-buildsymbols-68.6.0-3.75 is installed
OR MozillaFirefox-devel-68.6.0-3.75 is installed
|