Lucene search

K
altlinuxHttps://packages.altlinux.org/en/sisyphus/security/DABA184416A75A46AE97FCFDB8DD6816
HistoryNov 16, 2020 - 12:00 a.m.

Security fix for the ALT Linux 10 package firefox-esr version 78.5.0-alt1

2020-11-1600:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
13

EPSS

0.026

Percentile

90.3%

Nov. 16, 2020 Andrey Cherepanov 78.5.0-alt1

- New version (78.5.0).
- Fixes:
  + CVE-2020-26951 Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code
  + CVE-2020-16012 Variable time processing of cross-origin images during drawImage calls
  + CVE-2020-26953 Fullscreen could be enabled without displaying the security UI
  + CVE-2020-26956 XSS through paste (manual and clipboard API)
  + CVE-2020-26958 Requests intercepted through ServiceWorkers lacked MIME type restrictions
  + CVE-2020-26959 Use-after-free in WebRequestService
  + CVE-2020-26960 Potential use-after-free in uses of nsTArray
  + CVE-2020-15999 Heap buffer overflow in freetype
  + CVE-2020-26961 DoH did not filter IPv4 mapped IP Addresses
  + CVE-2020-26965 Software keyboards may have remembered typed passwords
  + CVE-2020-26966 Single-word search queries were also broadcast to local network
  + CVE-2020-26968 Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5