Anfälligkeitssuche        Suche in 211766 CVE Beschreibungen
und 97459 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:
Kategorie:SuSE Local Security Checks
Titel:SUSE: Security Advisory (SUSE-SU-2020:14456-1)
Zusammenfassung:The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2020:14456-1 advisory.
The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2020:14456-1 advisory.

Vulnerability Insight:
This update for MozillaFirefox fixes the following issues:

Fix broken translation-loading (boo#1173991)
* allow addon sideloading
* mark signatures for langpacks non-mandatory
* do not autodisable user profile scopes

Google API key is not usable for geolocation service any more

Mozilla Firefox 78.1 ESR
* Fixed: Various stability, functionality, and security fixe (MFSA
2020-32) (bsc#1174538).
* CVE-2020-15652 (bmo#1634872) Potential leak of redirect targets when
loading scripts in a worker
* CVE-2020-6514 (bmo#1642792) WebRTC data channel leaks internal address
to peer
* CVE-2020-15655 (bmo#1645204) Extension APIs could be used to bypass
Same-Origin Policy
* CVE-2020-15653 (bmo#1521542) Bypassing iframe sandbox when allowing
* CVE-2020-6463 (bmo#1635293) Use-after-free in ANGLE
* CVE-2020-15656 (bmo#1647293) Type confusion for special arguments in
* CVE-2020-15658 (bmo#1637745) Overriding file type when saving to disk
* CVE-2020-15657 (bmo#1644954) DLL hijacking due to incorrect loading
* CVE-2020-15654 (bmo#1648333) Custom cursor can overlay user interface
* CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1643613, bmo#1644839,
bmo#1645835, bmo#1646006, bmo#1646787, bmo#1649347, bmo#1650811,
bmo#1651678) Memory safety bugs fixed in Firefox 79 and Firefox ESR

Add sle11-icu-generation-python3.patch to fix icu-generation
on big endian platforms

Mozilla Firefox 78.0.2 ESR
* MFSA 2020-28 (bsc#1173948)
* MFSA-2020-0003 (bmo#1644076) X-Frame-Options bypass using object or
embed tags
* Fixed: Fixed an accessibility regression in reader mode (bmo#1650922)
* Fixed: Made the address bar more resilient to data corruption in the
user profile (bmo#1649981)
* Fixed: Fixed a regression opening certain external applications

Affected Software/OS:
'MozillaFirefox' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP4

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2020-6463
Debian Security Information: DSA-4714 (Google Search)
Debian Security Information: DSA-4736 (Google Search)
Debian Security Information: DSA-4740 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0823 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0832 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1147 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1155 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1179 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1189 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1205 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2020-6514
Debian Security Information: DSA-4824 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1048 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1061 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1148 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:1172 (Google Search)
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 97459 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.