SUSE-SU-2020:2118-1 -- SLES MozillaFirefoxID: oval:org.secpod.oval:def:89050282 | Date: (C)2023-10-10 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker * CVE-2020-6514: WebRTC data channel leaks internal address to peer * CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy * CVE-2020-15653: Bypassing iframe sandbox when allowing popups * CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture * CVE-2020-15656: Type confusion for special arguments in IonMonkey * CVE-2020-15658: Overriding file type when saving to disk * CVE-2020-15657: DLL hijacking due to incorrect loading path * CVE-2020-15654: Custom cursor can overlay user interface * CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
Platform: |
SUSE Linux Enterprise Desktop 15 SP1 |