Описание
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.4.1 ESR
- Fixed: Security fix MFSA 2020-49 (bsc#1178588)
- CVE-2020-26950 (bmo#1675905) Write side effects in MCallGetProperty opcode not accounted for
Список пакетов
Image SLES15-SAP-Azure-LI-BYOS-Production
MozillaFirefox-78.4.1-3.116.1
Image SLES15-SAP-Azure-VLI-BYOS-Production
MozillaFirefox-78.4.1-3.116.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
MozillaFirefox-78.4.1-3.116.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
MozillaFirefox-78.4.1-3.116.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
MozillaFirefox-78.4.1-3.116.1
MozillaFirefox-devel-78.4.1-3.116.1
MozillaFirefox-translations-common-78.4.1-3.116.1
MozillaFirefox-translations-other-78.4.1-3.116.1
Ссылки
- Link for SUSE-SU-2020:3311-1
- E-Mail link for SUSE-SU-2020:3311-1
- SUSE Security Ratings
- SUSE Bug 1178588
- SUSE CVE CVE-2020-26950 page
Описание
In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.
Затронутые продукты
Image SLES15-SAP-Azure-LI-BYOS-Production:MozillaFirefox-78.4.1-3.116.1
Image SLES15-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-78.4.1-3.116.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:MozillaFirefox-78.4.1-3.116.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:MozillaFirefox-78.4.1-3.116.1
Ссылки
- CVE-2020-26950
- SUSE Bug 1177872
- SUSE Bug 1178588
- SUSE Bug 1178611