Alerts This Week
Warning Icon 1 924
Alerts This Week
Warning Icon 1 924

SUSE: 2020:0078-1 Important MozillaFirefox Security Update

suse
Calendar Grey January 13, 2020
Dist Suse Esm H88
SUSE has rolled out a Security Patch addressing 7 vulnerabilities in MozillaFirefox, rated as critical. Update guidelines can be found in their official documentation.
An update that fixes 7 vulnerabilities is now available

Summary

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 68.4.1 ESR * Fixed: Security fix MFSA 2020-03 (bsc#1160498) * CVE-2019-17026 (bmo#1607443) IonMonkey type confusion with StoreElementHole and FallibleStoreElement - Firefox Extended Support Release 68.4.0 ESR * Fixed: Various security fixes MFSA 2020-02 (bsc#1160305) * CVE-2019-17015 (bmo#1599005) Memory corruption in parent process during new content process initialization on Windows * CVE-2019-17016 (bmo#1599181) Bypass of @namespace CSS sanitization during pasting * CVE-2019-17017 (bmo#1603055) Type Confusion in XPCVariant.cpp * CVE-2019-17021 (bmo#1599008) Heap address disclosure in parent process during content process initialization on Windows

Topics%20covered

Topics Covered

security advisory remote execution important memory safety Mozilla Firefox SUSE Linux Enterprise

References

#1160305 #1160498

Cross- CVE-2019-17015 CVE-2019-17016 CVE-2019-17017

CVE-2019-17021 CVE-2019-17022 CVE-2019-17024

CVE-2019-17026

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Desktop Applications 15-SP1

SUSE Linux Enterprise Module for Desktop Applications 15

https://www.suse.com/security/cve/CVE-2019-17015.html

https://www.suse.com/security/cve/CVE-2019-17016.html

https://www.suse.com/security/cve/CVE-2019-17017.html

https://www.suse.com/security/cve/CVE-2019-17021.html

https://www.suse.com/security/cve/CVE-2019-17022.html

https://www.suse.com/security/cve/CVE-2019-17024.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:0078-1
Rating: important

Topics%20covered

Topics Covered

security advisory remote execution important memory safety Mozilla Firefox SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here