SUSE-SU-2020:0384-1 -- SLES MozillaFirefoxID: oval:org.secpod.oval:def:89000451 | Date: (C)2021-02-23 (M)2023-12-20 |
Class: PATCH | Family: unix |
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.5.0 ESR * CVE-2020-6796 Missing bounds check on shared memory read in the parent process * CVE-2020-6797 Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6799 Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader * CVE-2020-6800 Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 * Fixed: Fixed various issues opening files with spaces in their path
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |
SUSE Linux Enterprise Desktop 12 SP4 |