Описание
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 68.6.1 ESR
MFSA 2020-11 (bsc#1168630)
- CVE-2020-6819 (bmo#1620818) Use-after-free while running the nsDocShell destructor
- CVE-2020-6820 (bmo#1626728) Use-after-free when handling a ReadableStream
Список пакетов
SUSE Linux Enterprise Server 11 SP4-LTSS
MozillaFirefox-68.6.1-78.67.1
MozillaFirefox-translations-common-68.6.1-78.67.1
MozillaFirefox-translations-other-68.6.1-78.67.1
Ссылки
- Link for SUSE-SU-2020:14337-1
- E-Mail link for SUSE-SU-2020:14337-1
- SUSE Security Ratings
- SUSE Bug 1168630
- SUSE CVE CVE-2020-6819 page
- SUSE CVE CVE-2020-6820 page
Описание
Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.6.1-78.67.1
SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.6.1-78.67.1
SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.6.1-78.67.1
Ссылки
- CVE-2020-6819
- SUSE Bug 1168630
- SUSE Bug 1168874
Описание
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-68.6.1-78.67.1
SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-68.6.1-78.67.1
SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-68.6.1-78.67.1
Ссылки
- CVE-2020-6820
- SUSE Bug 1168630
- SUSE Bug 1168874