[SUSE-SU-2020:1899-1] Security update for MozillaFirefox
Severity
Important
Affected Packages
60
CVEs
14
Security update for MozillaFirefox
This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues:
Security issues fixed:
- CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing (bsc#1173576).
- CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster (bsc#1173576).
- CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 (bsc#1173576).
- CVE-2020-12418: Information disclosure due to manipulated URL object (bsc#1173576).
- CVE-2020-12419: Use-after-free in nsGlobalWindowInner (bsc#1173576).
- CVE-2020-12420: Use-After-Free when trying to connect to a STUN server (bsc#1173576).
- CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack (bsc#1173576).
- CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates (bsc#1173576).
- CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (bsc#1173576).
- CVE-2020-12423: DLL Hijacking due to searching %PATH% for a library (bsc#1173576).
- CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process (bsc#1173576).
- CVE-2020-12425: Out of bound read in Date.parse() (bsc#1173576).
- CVE-2020-12426: Memory safety bugs fixed in Firefox 78 (bsc#1173576).
- FIPS: MozillaFirefox: allow /proc/sys/crypto/fips_enabled (bsc#1167231).
Non-security issues fixed:
- Fixed interaction with freetype6 (bsc#1173613).
- ID
- SUSE-SU-2020:1899-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2020/suse-su-20201899-1/
- Published
-
2020-07-13T13:06:56
(4 years ago) - Modified
-
2020-07-13T13:06:56
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2021-1522
-
ALAS2-2020-1468
-
ALAS2-2020-1559
-
ALPINE:CVE-2020-12402
-
ALPINE:CVE-2020-12415
-
ALPINE:CVE-2020-12416
-
ALPINE:CVE-2020-12417
-
ALPINE:CVE-2020-12418
-
ALPINE:CVE-2020-12419
-
ALPINE:CVE-2020-12420
-
ALPINE:CVE-2020-12421
-
ALPINE:CVE-2020-12422
-
ALPINE:CVE-2020-12423
-
ALPINE:CVE-2020-12424
-
ALPINE:CVE-2020-12425
-
ALPINE:CVE-2020-12426
-
ALPINE:CVE-2020-6813
-
ALSA-2020:3280
-
ASA-202003-8
-
DSA-4713-1
-
DSA-4718-1
-
DSA-4726-1
-
ELSA-2020-2824
-
ELSA-2020-2827
-
ELSA-2020-2828
-
ELSA-2020-2906
-
ELSA-2020-2966
-
ELSA-2020-3038
-
ELSA-2020-3280
-
ELSA-2020-3557
-
ELSA-2020-4076
-
ELSA-2020-4080
-
FEDORA-2020-16741ac7ff
-
FEDORA-2020-3ef1937475
-
GLSA-202007-09
-
GLSA-202007-10
-
MFSA-2020-08
-
MFSA-2020-24
-
MFSA-2020-25
-
MFSA-2020-26
-
MFSA-2020-29
-
openSUSE-SU-2020:0953-1
-
openSUSE-SU-2020:0955-1
-
openSUSE-SU-2020:0967-1
-
openSUSE-SU-2020:0982-1
-
openSUSE-SU-2020:0983-1
-
openSUSE-SU-2020:1017-1
-
RHSA-2020:2824
-
RHSA-2020:2827
-
RHSA-2020:2828
-
RHSA-2020:2906
-
RHSA-2020:2966
-
RHSA-2020:3038
-
RHSA-2020:3280
-
RHSA-2020:3557
-
RHSA-2020:4076
-
RHSA-2020:4080
-
SUSE-SU-2020:1839-1
-
SUSE-SU-2020:1850-1
-
SUSE-SU-2020:1898-1
-
SUSE-SU-2020:1900-1
-
USN-4299-1
-
USN-4408-1
-
USN-4417-1
-
USN-4417-2
-
USN-4421-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=5 | suse |
 MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=4 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=3 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=x86_64&distro=sles-12&sp=2 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=5 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=4 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=3 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=s390x&distro=sles-12&sp=2 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=5 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=4 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=3 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=ppc64le&distro=sles-12&sp=2 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=5 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=4 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox?arch=aarch64&distro=sles-12&sp=3 | suse |
MozillaFirefox
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=5 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=4 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=3 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=x86_64&distro=sles-12&sp=2 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=5 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=4 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=3 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=s390x&distro=sles-12&sp=2 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=5 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=4 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=3 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=ppc64le&distro=sles-12&sp=2 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=5 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=4 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-translations-common?arch=aarch64&distro=sles-12&sp=3 | suse |
MozillaFirefox-translations-common
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=5 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=4 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=3 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=x86_64&distro=sles-12&sp=2 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=5 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=4 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=3 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=s390x&distro=sles-12&sp=2 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=5 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=4 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=3 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=ppc64le&distro=sles-12&sp=2 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=5 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=4 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-devel?arch=aarch64&distro=sles-12&sp=3 | suse |
MozillaFirefox-devel
|
< 78.0.1-112.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=x86_64&distro=sles-12&sp=5 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=x86_64&distro=sles-12&sp=4 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=x86_64&distro=sles-12&sp=3 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=x86_64&distro=sles-12&sp=2 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | x86_64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=s390x&distro=sles-12&sp=5 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=s390x&distro=sles-12&sp=4 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=s390x&distro=sles-12&sp=3 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=s390x&distro=sles-12&sp=2 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | s390x | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=ppc64le&distro=sles-12&sp=5 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=ppc64le&distro=sles-12&sp=4 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=ppc64le&distro=sles-12&sp=3 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=ppc64le&distro=sles-12&sp=2 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | ppc64le | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=aarch64&distro=sles-12&sp=5 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=aarch64&distro=sles-12&sp=4 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | aarch64 | |
| Affected | pkg:rpm/suse/MozillaFirefox-branding-SLE?arch=aarch64&distro=sles-12&sp=3 | suse |
MozillaFirefox-branding-SLE
|
< 78-35.3.1 | sles-12 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |