Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:3331-1

Опубликовано: 16 нояб. 2020
Источник: suse-cvrf

Описание

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues:

  • Firefox Extended Support Release 78.4.1 ESR
    • Fixed: Security fix MFSA 2020-49 (bsc#1178588)
    • CVE-2020-26950 (bmo#1675905) Write side effects in MCallGetProperty opcode not accounted for

Список пакетов

HPE Helion OpenStack 8
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
MozillaFirefox-78.4.1-112.32.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
MozillaFirefox-78.4.1-112.32.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
MozillaFirefox-78.4.1-112.32.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
MozillaFirefox-78.4.1-112.32.1
SUSE Enterprise Storage 5
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server 12 SP2-BCL
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server 12 SP2-LTSS
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server 12 SP3-BCL
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server 12 SP3-LTSS
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server 12 SP4-LTSS
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server 12 SP5
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE Linux Enterprise Software Development Kit 12 SP5
MozillaFirefox-devel-78.4.1-112.32.1
SUSE OpenStack Cloud 7
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE OpenStack Cloud 8
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE OpenStack Cloud 9
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE OpenStack Cloud Crowbar 8
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1
SUSE OpenStack Cloud Crowbar 9
MozillaFirefox-78.4.1-112.32.1
MozillaFirefox-devel-78.4.1-112.32.1
MozillaFirefox-translations-common-78.4.1-112.32.1

Ссылки

Описание

In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox ESR < 78.4.1, and Thunderbird < 78.4.2.

Затронутые продукты
HPE Helion OpenStack 8:MozillaFirefox-78.4.1-112.32.1
HPE Helion OpenStack 8:MozillaFirefox-devel-78.4.1-112.32.1
HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.4.1-112.32.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production:MozillaFirefox-78.4.1-112.32.1
Ссылки