[openSUSE-SU-2020:1147-1] Security update for MozillaFirefox
Severity
Important
Affected Packages
6
CVEs
10
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.1.0 ESR
- Fixed: Various stability, functionality, and security fixes (bsc#1174538)
- CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker
- CVE-2020-6514: WebRTC data channel leaks internal address to peer
- CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
- CVE-2020-15653: Bypassing iframe sandbox when allowing popups
- CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
- CVE-2020-15656: Type confusion for special arguments in IonMonkey
- CVE-2020-15658: Overriding file type when saving to disk
- CVE-2020-15657: DLL hijacking due to incorrect loading path
- CVE-2020-15654: Custom cursor can overlay user interface
- CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
This update was imported from the SUSE:SLE-15:Update update project.
| Package | Affected Version |
|---|---|
 pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.1
|
< 78.1.0-lp151.2.61.1 |
|
pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.1
|
< 78.1.0-lp151.2.61.1 |
|
pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.1
|
< 78.1.0-lp151.2.61.1 |
|
pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.1
|
< 78.1.0-lp151.2.61.1 |
|
pkg:rpm/opensuse/MozillaFirefox-buildsymbols?arch=x86_64&distro=opensuse-leap-15.1
|
< 78.1.0-lp151.2.61.1 |
|
pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.1
|
< 78.1.0-lp151.2.61.1 |
- ID
- openSUSE-SU-2020:1147-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5DGEDDAZOZ3MVQ6CTQDOF3OY2ZULXYVT/
- Published
-
2020-08-05T07:40:10
(4 years ago) - Modified
-
2020-08-05T07:40:10
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS2-2020-1487
-
ALPINE:CVE-2020-15652
-
ALPINE:CVE-2020-15653
-
ALPINE:CVE-2020-15654
-
ALPINE:CVE-2020-15655
-
ALPINE:CVE-2020-15656
-
ALPINE:CVE-2020-15657
-
ALPINE:CVE-2020-15658
-
ALPINE:CVE-2020-15659
-
ALPINE:CVE-2020-6463
-
ALPINE:CVE-2020-6514
-
DSA-4714-1
-
DSA-4736-1
-
DSA-4740-1
-
DSA-4824-1
-
ELSA-2020-3233
-
ELSA-2020-3241
-
ELSA-2020-3253
-
ELSA-2020-3341
-
ELSA-2020-3344
-
ELSA-2020-3345
-
ELSA-2020-3557
-
ELSA-2020-4080
-
FEDORA-2020-08561721ad
-
FEDORA-2020-77f89ab772
-
FEDORA-2020-84d87cbd50
-
FEDORA-2020-bf684961d9
-
FREEBSD:870D59B0-C6C4-11EA-8015-E09467587C17
-
GLSA-202007-08
-
GLSA-202007-60
-
GLSA-202007-64
-
GLSA-202101-30
-
MFSA-2020-30
-
MFSA-2020-31
-
MFSA-2020-32
-
MFSA-2020-33
-
MFSA-2020-35
-
openSUSE-SU-2020:0823-1
-
openSUSE-SU-2020:0832-1
-
openSUSE-SU-2020:1020-1
-
openSUSE-SU-2020:1021-1
-
openSUSE-SU-2020:1048-1
-
openSUSE-SU-2020:1061-1
-
openSUSE-SU-2020:1148-1
-
openSUSE-SU-2020:1155-1
-
openSUSE-SU-2020:1172-1
-
openSUSE-SU-2020:1179-1
-
openSUSE-SU-2020:1189-1
-
openSUSE-SU-2020:1205-1
-
RHSA-2020:1970
-
RHSA-2020:3233
-
RHSA-2020:3241
-
RHSA-2020:3253
-
RHSA-2020:3341
-
RHSA-2020:3344
-
RHSA-2020:3345
-
RHSA-2020:3377
-
RHSA-2020:3557
-
RHSA-2020:4080
-
SSA:2020-213-01
-
SUSE-SU-2020:2100-1
-
SUSE-SU-2020:2118-1
-
SUSE-SU-2020:2147-1
-
SUSE-SU-2020:2179-1
-
USN-4443-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaFirefox
|
< 78.1.0-lp151.2.61.1 | opensuse-leap-15.1 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaFirefox-translations-other
|
< 78.1.0-lp151.2.61.1 | opensuse-leap-15.1 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaFirefox-translations-common
|
< 78.1.0-lp151.2.61.1 | opensuse-leap-15.1 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaFirefox-devel
|
< 78.1.0-lp151.2.61.1 | opensuse-leap-15.1 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaFirefox-buildsymbols?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaFirefox-buildsymbols
|
< 78.1.0-lp151.2.61.1 | opensuse-leap-15.1 | x86_64 | |
| Affected | pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.1 | opensuse |
MozillaFirefox-branding-upstream
|
< 78.1.0-lp151.2.61.1 | opensuse-leap-15.1 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |