SUSE-SU-2020:1209-1 -- SLES MozillaFirefoxID: oval:org.secpod.oval:def:89050384 | Date: (C)2023-10-10 (M)2023-10-10 |
Class: PATCH | Family: unix |
This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020-6831: Buffer overflow in SCTP chunk input validation - CVE-2020-12392: Arbitrary local file access with "Copy as cURL" - CVE-2020-12393: Devtools" "Copy as cURL" feature did not fully escape website-controlled data, potentially leading to command injection - CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
Platform: |
SUSE Linux Enterprise Desktop 15 SP1 |