SUSE: 2020:14290-1 Important: MozillaFirefox Update for Security Issues
suse
February 24, 2020
An update that fixes 5 vulnerabilities is now available
Summary
This update for MozillaFirefox fixes the following issues: Firefox was updated to version 68.5.0 ESR (bsc#1163368). Security issues fixed: - CVE-2020-6796: Fixed a missing bounds check on shared memory in the parent process (bsc#1163368). - CVE-2020-6798: Fixed a JavaScript code injection issue caused by the incorrect parsing of template tags (bsc#1163368). - CVE-2020-6799: Fixed a local arbitrary code execution issue when handling PDF links from other applications (bsc#1163368). - CVE-2020-6800: Fixed several memory safety bugs (bsc#1163368). Non-security issues fixed: - Fixed various issues opening files with spaces in their path (bmo#1601905, bmo#1602726). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods
References
#1161799 #1163368
Cross- CVE-2020-6796 CVE-2020-6797 CVE-2020-6798
CVE-2020-6799 CVE-2020-6800
Affected Products:
SUSE Linux Enterprise Server 11-SP4-LTSS
https://www.suse.com/security/cve/CVE-2020-6796.html
https://www.suse.com/security/cve/CVE-2020-6797.html
https://www.suse.com/security/cve/CVE-2020-6798.html
https://www.suse.com/security/cve/CVE-2020-6799.html
https://www.suse.com/security/cve/CVE-2020-6800.html
https://bugzilla.suse.com/1161799
https://bugzilla.suse.com/1163368
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:14290-1
Rating: important
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!