[SUSE-SU-2020:2563-1] Security update for MozillaFirefox
Severity
Moderate
CVEs
3
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.2.0 ESR
- Fixed: Various stability, functionality, and security fixes
Mozilla Firefox ESR 78.2
MFSA 2020-38 (bsc#1175686)- CVE-2020-15663 (bmo#1643199) Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege
- CVE-2020-15664 (bmo#1658214) Attacker-induced prompt for extension installation
- CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626, bmo#1656957) Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
Fixed Firefox tab crash in FIPS mode (bsc#1174284).
Fix broken translation-loading (bsc#1173991)
- allow addon sideloading
- mark signatures for langpacks non-mandatory
- do not autodisable user profile scopes
Google API key is not usable for geolocation service any more
- ID
- SUSE-SU-2020:2563-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2020/suse-su-20202563-1/
- Published
-
2020-09-07T15:10:48
(4 years ago) - Modified
-
2020-09-07T15:10:48
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2020-1496
- ALPINE:CVE-2020-15663
- ALPINE:CVE-2020-15664
- ALPINE:CVE-2020-15670
- DSA-4749-1
- DSA-4754-1
- ELSA-2020-3556
- ELSA-2020-3557
- ELSA-2020-3558
- ELSA-2020-3631
- ELSA-2020-3634
- ELSA-2020-3643
- GLSA-202008-16
- MFSA-2020-36
- MFSA-2020-37
- MFSA-2020-38
- MFSA-2020-39
- MFSA-2020-40
- MFSA-2020-41
- openSUSE-SU-2020:1383-1
- openSUSE-SU-2020:1384-1
- openSUSE-SU-2020:1391-1
- openSUSE-SU-2020:1392-1
- RHSA-2020:3556
- RHSA-2020:3557
- RHSA-2020:3558
- RHSA-2020:3631
- RHSA-2020:3634
- RHSA-2020:3643
- SSA:2020-256-01
- SUSE-SU-2020:2544-1
- SUSE-SU-2020:2552-1
- SUSE-SU-2020:2749-1
- USN-4474-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2563-1.json | |
Suse | URL for SUSE-SU-2020:2563-1 | https://www.suse.com/support/update/announcement/2020/suse-su-20202563-1/ | |
Suse | E-Mail link for SUSE-SU-2020:2563-1 | https://lists.suse.com/pipermail/sle-security-updates/2020-September/007378.html | |
Bugzilla | SUSE Bug 1173991 | https://bugzilla.suse.com/1173991 | |
Bugzilla | SUSE Bug 1174284 | https://bugzilla.suse.com/1174284 | |
Bugzilla | SUSE Bug 1175686 | https://bugzilla.suse.com/1175686 | |
CVE | SUSE CVE CVE-2020-15663 page | https://www.suse.com/security/cve/CVE-2020-15663/ | |
CVE | SUSE CVE CVE-2020-15664 page | https://www.suse.com/security/cve/CVE-2020-15664/ | |
CVE | SUSE CVE CVE-2020-15670 page | https://www.suse.com/security/cve/CVE-2020-15670/ |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |