1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2020:0078-1

[SUSE-SU-2020:0078-1] Security update for MozillaFirefox

Severity Important
CVEs 7
Info References Vulnerabilities

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues:

  • Firefox Extended Support Release 68.4.1 ESR
    • Fixed: Security fix MFSA 2020-03 (bsc#1160498)
    • CVE-2019-17026 (bmo#1607443) IonMonkey type confusion with StoreElementHole and FallibleStoreElement
  • Firefox Extended Support Release 68.4.0 ESR
    • Fixed: Various security fixes MFSA 2020-02 (bsc#1160305)
    • CVE-2019-17015 (bmo#1599005) Memory corruption in parent process during new content process initialization on Windows
    • CVE-2019-17016 (bmo#1599181) Bypass of @namespace CSS sanitization during pasting
    • CVE-2019-17017 (bmo#1603055) Type Confusion in XPCVariant.cpp
    • CVE-2019-17021 (bmo#1599008) Heap address disclosure in parent process during content process initialization on Windows
    • CVE-2019-17022 (bmo#1602843) CSS sanitization does not escape HTML tags
    • CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826) Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
ID
SUSE-SU-2020:0078-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2020/suse-su-20200078-1/
Published
2020-01-13T09:26:02
(4 years ago)
Modified
2020-01-13T09:26:02
(4 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date