[SUSE-SU-2020:2563-1] Security update for MozillaFirefox
Severity
Moderate
CVEs
3
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.2.0 ESR
- Fixed: Various stability, functionality, and security fixes
Mozilla Firefox ESR 78.2
MFSA 2020-38 (bsc#1175686)- CVE-2020-15663 (bmo#1643199) Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege
- CVE-2020-15664 (bmo#1658214) Attacker-induced prompt for extension installation
- CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626, bmo#1656957) Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
Fixed Firefox tab crash in FIPS mode (bsc#1174284).
Fix broken translation-loading (bsc#1173991)
- allow addon sideloading
- mark signatures for langpacks non-mandatory
- do not autodisable user profile scopes
Google API key is not usable for geolocation service any more
- ID
- SUSE-SU-2020:2563-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2020/suse-su-20202563-1/
- Published
-
2020-09-07T15:10:48
(4 years ago) - Modified
-
2020-09-07T15:10:48
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS2-2020-1496
-
ALPINE:CVE-2020-15663
-
ALPINE:CVE-2020-15664
-
ALPINE:CVE-2020-15670
-
DSA-4749-1
-
DSA-4754-1
-
ELSA-2020-3556
-
ELSA-2020-3557
-
ELSA-2020-3558
-
ELSA-2020-3631
-
ELSA-2020-3634
-
ELSA-2020-3643
-
GLSA-202008-16
-
MFSA-2020-36
-
MFSA-2020-37
-
MFSA-2020-38
-
MFSA-2020-39
-
MFSA-2020-40
-
MFSA-2020-41
-
openSUSE-SU-2020:1383-1
-
openSUSE-SU-2020:1384-1
-
openSUSE-SU-2020:1391-1
-
openSUSE-SU-2020:1392-1
-
RHSA-2020:3556
-
RHSA-2020:3557
-
RHSA-2020:3558
-
RHSA-2020:3631
-
RHSA-2020:3634
-
RHSA-2020:3643
-
SSA:2020-256-01
-
SUSE-SU-2020:2544-1
-
SUSE-SU-2020:2552-1
-
SUSE-SU-2020:2749-1
-
USN-4474-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2020:2563-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2020:2563-1 |
|
|
| Bugzilla | SUSE Bug 1173991 |
|
|
| Bugzilla | SUSE Bug 1174284 |
|
|
| Bugzilla | SUSE Bug 1175686 |
|
|
| CVE | SUSE CVE CVE-2020-15663 page |
|
|
| CVE | SUSE CVE CVE-2020-15664 page |
|
|
| CVE | SUSE CVE CVE-2020-15670 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |