Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 20.04 LTS: USN-4423-1 Moderate: Firefox X-Frame-Options Bypass

ubuntu
Calendar Grey July 14, 2020
Dist Ubuntu Esm H88
Uncover the issue with Ubuntu Firefox's X-Frame-Options bypass leading to potential clickjacking risks.
A X-Frame-Options bypass was discovered in Firefox.

Summary

A X-Frame-Options bypass was discovered in Firefox.

Software Description:

- firefox: Mozilla Open Source web browser

Details:

It was discovered that X-Frame-Options could be bypassed in some

circumstances. If a user were tricked in to opening a specially crafted

website, an attacker could potentially exploit this to conduct

clickjacking attacks.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  firefox                         78.0.2+build2-0ubuntu0.20.04.1

Ubuntu 19.10:
  firefox                         78.0.2+build2-0ubuntu0.19.10.1

Ubuntu 18.04 LTS:
  firefox                         78.0.2+build2-0ubuntu0.18.04.1

Ubuntu 16.04 LTS:
  firefox                         78.0.2+build2-0ubuntu0.16.04.1

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4423-1

https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1887576

July 14, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here