1. Home
  2. Security Advisories
  3. OpenSUSE
  4. openSUSE-SU-2020:1555-1

[openSUSE-SU-2020:1555-1] Security update for MozillaFirefox

Severity Important
Affected Packages 6
CVEs 4
Info Packages References Vulnerabilities

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues:

-Firefox was updated to 78.3.0 ESR (bsc#1176756, MFSA 2020-43)
- CVE-2020-15677: Download origin spoofing via redirect
- CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a
contenteditable element
- CVE-2020-15678: When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential use-after-free scenario
- CVE-2020-15673: Fixed memory safety bugs
- Enhance fix for wayland-detection (bsc#1174420)
- Attempt to fix langpack-parallelization by introducing separate
obj-dirs for each lang (bsc#1173986, bsc#1167976)

This update was imported from the SUSE:SLE-15:Update update project.

Package Affected Version
pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.1 < 78.3.0-lp151.2.69.1
pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.1 < 78.3.0-lp151.2.69.1
pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.1 < 78.3.0-lp151.2.69.1
pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.1 < 78.3.0-lp151.2.69.1
pkg:rpm/opensuse/MozillaFirefox-buildsymbols?arch=x86_64&distro=opensuse-leap-15.1 < 78.3.0-lp151.2.69.1
pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.1 < 78.3.0-lp151.2.69.1
ID
openSUSE-SU-2020:1555-1
Severity
important
URL
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BGV7A23CWHNBANNVQ6C3WS22F3FRDIO4/
Published
2020-09-27T19:47:11
(4 years ago)
Modified
2020-09-27T19:47:11
(4 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.1 opensuse MozillaFirefox < 78.3.0-lp151.2.69.1 opensuse-leap-15.1 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.1 opensuse MozillaFirefox-translations-other < 78.3.0-lp151.2.69.1 opensuse-leap-15.1 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.1 opensuse MozillaFirefox-translations-common < 78.3.0-lp151.2.69.1 opensuse-leap-15.1 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.1 opensuse MozillaFirefox-devel < 78.3.0-lp151.2.69.1 opensuse-leap-15.1 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-buildsymbols?arch=x86_64&distro=opensuse-leap-15.1 opensuse MozillaFirefox-buildsymbols < 78.3.0-lp151.2.69.1 opensuse-leap-15.1 x86_64
Affected pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.1 opensuse MozillaFirefox-branding-upstream < 78.3.0-lp151.2.69.1 opensuse-leap-15.1 x86_64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date