[SUSE-SU-2020:0078-1] Security update for MozillaFirefox
Severity
Important
CVEs
7
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.4.1 ESR
- Fixed: Security fix MFSA 2020-03 (bsc#1160498)
- CVE-2019-17026 (bmo#1607443) IonMonkey type confusion with StoreElementHole and FallibleStoreElement
- Firefox Extended Support Release 68.4.0 ESR
- Fixed: Various security fixes MFSA 2020-02 (bsc#1160305)
- CVE-2019-17015 (bmo#1599005) Memory corruption in parent process during new content process initialization on Windows
- CVE-2019-17016 (bmo#1599181) Bypass of @namespace CSS sanitization during pasting
- CVE-2019-17017 (bmo#1603055) Type Confusion in XPCVariant.cpp
- CVE-2019-17021 (bmo#1599008) Heap address disclosure in parent process during content process initialization on Windows
- CVE-2019-17022 (bmo#1602843) CSS sanitization does not escape HTML tags
- CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826) Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
- ID
- SUSE-SU-2020:0078-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2020/suse-su-20200078-1/
- Published
-
2020-01-13T09:26:02
(4 years ago) - Modified
-
2020-01-13T09:26:02
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2020-1393
- ALPINE:CVE-2019-17016
- ALPINE:CVE-2019-17017
- ALPINE:CVE-2019-17022
- ALPINE:CVE-2019-17024
- ALPINE:CVE-2019-17026
- ASA-202001-1
- ASA-202001-3
- ASA-202001-4
- CISA-2021:1103
- DSA-4600-1
- DSA-4603-1
- ELSA-2020-0085
- ELSA-2020-0086
- ELSA-2020-0111
- ELSA-2020-0120
- ELSA-2020-0123
- ELSA-2020-0127
- GLSA-202003-02
- MFSA-2020-01
- MFSA-2020-02
- MFSA-2020-03
- MFSA-2020-04
- openSUSE-SU-2020:0060-1
- openSUSE-SU-2020:0094-1
- RHSA-2020:0085
- RHSA-2020:0086
- RHSA-2020:0111
- RHSA-2020:0120
- RHSA-2020:0123
- RHSA-2020:0127
- SSA:2020-010-01
- SUSE-SU-2020:0068-1
- SUSE-SU-2020:0142-1
- USN-4234-1
- USN-4241-1
- USN-4335-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |