Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:Update
patchinfo.17245
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.17245
<patchinfo incident="17245"> <issue tracker="bnc" id="1178824">VUL-0: MozillaFirefox: update to 78.5.0 ESR / 83.0 (MFSA 2020-50, MFSA 2020-51)</issue> <issue tracker="cve" id="2020-16012"/> <issue tracker="cve" id="2020-26961"/> <issue tracker="cve" id="2020-26958"/> <issue tracker="cve" id="2020-15999"/> <issue tracker="cve" id="2020-26968"/> <issue tracker="cve" id="2020-26960"/> <issue tracker="cve" id="2020-26959"/> <issue tracker="cve" id="2020-26965"/> <issue tracker="cve" id="2020-26951"/> <issue tracker="cve" id="2020-26953"/> <issue tracker="cve" id="2020-26966"/> <issue tracker="cve" id="2020-26956"/> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaFirefox</summary> <description>This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.5.0 ESR (bsc#1178824) * CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012: Variable time processing of cross-origin images during drawImage calls * CVE-2020-26953: Fullscreen could be enabled without displaying the security UI * CVE-2020-26956: XSS through paste (manual and clipboard API) * CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME type restrictions * CVE-2020-26959: Use-after-free in WebRequestService * CVE-2020-26960: Potential use-after-free in uses of nsTArray * CVE-2020-15999: Heap buffer overflow in freetype * CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses * CVE-2020-26965: Software keyboards may have remembered typed passwords * CVE-2020-26966: Single-word search queries were also broadcast to local network * CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor