Alerts This Week
Warning Icon 1 770
Alerts This Week
Warning Icon 1 770

openSUSE Leap 15.1: 2020:1384-1 Moderate: Mozilla Firefox Security Fix

opensuse
Calendar Grey September 8, 2020
Dist Opensuse Esm H88
Update for openSUSE fixes security flaws in Mozilla Firefox with advisory ID openSUSE-SU-2020:1384-1 and moderate risk.
An update that fixes three vulnerabilities is now available.

Description

This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.2.0 ESR

* Fixed: Various stability, functionality, and security fixes

- Mozilla Firefox ESR 78.2 MFSA 2020-38 (bsc#1175686)

* CVE-2020-15663 (bmo#1643199) Downgrade attack on the Mozilla

Maintenance Service could have resulted in escalation of privilege

* CVE-2020-15664 (bmo#1658214) Attacker-induced prompt for extension

installation

* CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626, bmo#1656957)

Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

- Fixed Firefox tab crash in FIPS mode (bsc#1174284).

- Fix broken translation-loading (bsc#1173991)

* allow addon sideloading

* mark signatures for langpacks non-mandatory

* do not autodisable user profile scopes

- Google API key is not usable for geolocation service any more

This update was imported from the SUSE:SLE-15:Update update project.

Topics%20covered

Topics Covered

security advisory moderate security fix Mozilla Firefox openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1384=1

Package List

- openSUSE Leap 15.1 (x86_64):

MozillaFirefox-78.2.0-lp151.2.65.1

MozillaFirefox-branding-upstream-78.2.0-lp151.2.65.1

MozillaFirefox-buildsymbols-78.2.0-lp151.2.65.1

MozillaFirefox-debuginfo-78.2.0-lp151.2.65.1

MozillaFirefox-debugsource-78.2.0-lp151.2.65.1

MozillaFirefox-devel-78.2.0-lp151.2.65.1

MozillaFirefox-translations-common-78.2.0-lp151.2.65.1

MozillaFirefox-translations-other-78.2.0-lp151.2.65.1

References

https://www.suse.com/security/cve/CVE-2020-15663.html

https://www.suse.com/security/cve/CVE-2020-15664.html

https://www.suse.com/security/cve/CVE-2020-15670.html

https://bugzilla.suse.com/1173991

https://bugzilla.suse.com/1174284

https://bugzilla.suse.com/1175686

--

Announcement ID: openSUSE-SU-2020:1384-1
Rating: moderate
Affected Products: openSUSE Leap 15.1

Topics%20covered

Topics Covered

security advisory moderate security fix Mozilla Firefox openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here