[openSUSE-SU-2020:1574-1] Security update for MozillaFirefox
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
-Firefox was updated to 78.3.0 ESR (bsc#1176756, MFSA 2020-43)
- CVE-2020-15677: Download origin spoofing via redirect
- CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a
contenteditable element
- CVE-2020-15678: When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential use-after-free scenario
- CVE-2020-15673: Fixed memory safety bugs
- Enhance fix for wayland-detection (bsc#1174420)
- Attempt to fix langpack-parallelization by introducing separate
obj-dirs for each lang (bsc#1173986, bsc#1167976)
This update was imported from the SUSE:SLE-15:Update update project.
Package | Affected Version |
---|---|
pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.2 | < 78.3.0-lp152.2.21.1 |
pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.2 | < 78.3.0-lp152.2.21.1 |
pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.2 | < 78.3.0-lp152.2.21.1 |
pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.2 | < 78.3.0-lp152.2.21.1 |
pkg:rpm/opensuse/MozillaFirefox-buildsymbols?arch=x86_64&distro=opensuse-leap-15.2 | < 78.3.0-lp152.2.21.1 |
pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.2 | < 78.3.0-lp152.2.21.1 |
- ID
- openSUSE-SU-2020:1574-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4BLMBLPQOANT6X2TSM5JYZQJWZLARWUV/
- Published
-
2020-09-29T08:13:26
(4 years ago) - Modified
-
2020-09-29T08:13:26
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2020-1572
- ALPINE:CVE-2020-15673
- ALPINE:CVE-2020-15676
- ALPINE:CVE-2020-15677
- ALPINE:CVE-2020-15678
- ASA-202009-10
- DSA-4768-1
- DSA-4770-1
- ELSA-2020-3832
- ELSA-2020-3835
- ELSA-2020-4080
- ELSA-2020-4155
- ELSA-2020-4158
- ELSA-2020-4163
- GLSA-202010-02
- MFSA-2020-42
- MFSA-2020-43
- MFSA-2020-44
- openSUSE-SU-2020:1555-1
- openSUSE-SU-2020:1780-1
- openSUSE-SU-2020:1785-1
- RHSA-2020:3832
- RHSA-2020:3835
- RHSA-2020:4080
- RHSA-2020:4155
- RHSA-2020:4158
- RHSA-2020:4163
- SUSE-SU-2020:2747-1
- SUSE-SU-2020:2749-1
- SUSE-SU-2020:2759-1
- SUSE-SU-2020:3091-1
- USN-4546-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/MozillaFirefox?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | MozillaFirefox | < 78.3.0-lp152.2.21.1 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-other?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | MozillaFirefox-translations-other | < 78.3.0-lp152.2.21.1 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-translations-common?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | MozillaFirefox-translations-common | < 78.3.0-lp152.2.21.1 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-devel?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | MozillaFirefox-devel | < 78.3.0-lp152.2.21.1 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-buildsymbols?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | MozillaFirefox-buildsymbols | < 78.3.0-lp152.2.21.1 | opensuse-leap-15.2 | x86_64 | |
Affected | pkg:rpm/opensuse/MozillaFirefox-branding-upstream?arch=x86_64&distro=opensuse-leap-15.2 | opensuse | MozillaFirefox-branding-upstream | < 78.3.0-lp152.2.21.1 | opensuse-leap-15.2 | x86_64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |