Slackware: Security Advisory (SSA:2020-042-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:14290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0383-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0384-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-6797

creationtimestamp| type| source ---|---|--- 2020-12-30 15:05:44+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1497...

Internet Bug Bounty: Uncovering file quarantine and UX security issues in macOS apps ( .terminal, .fileloc and .url)

Slides : https://docs.google.com/presentation/d/19WeQbqcOKnrSv1I3Z4sm-oNAf6IVzHwRyQP4i9BvY/editslide=id.g758ad3e04223231 See Blogpost for more details - https://medium.com/@metnew/exploiting-popular-macos-apps-with-a-single-terminal-file-f6c2efdfedaa Summary Popular macOS apps with a file-sharing...

CVE-2020-6797

By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact...

CVE-2020-6797

By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact...

CVE-2020-6797

By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact...

CVE-2020-6797

CVE-2020-6797 describes a macOS-specific issue where downloading a file with the .fileloc extension could cause a semi-privileged extension to launch an arbitrary application on the user’s Mac. The attacker is constrained by the ability to download only quarantined files and cannot pass command-l...

CVE-2020-6797

By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2020:0230-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2020:0231-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : MozillaFirefox (openSUSE-2020-230)

This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 68.5.0 ESR - Fixed: Various stability and security fixes - Mozilla Firefox ESR68.5 MFSA 2020-06 bsc1163368 - CVE-2020-6796 bmo1610426 Missing bounds check on shared memory read in the parent process -...

openSUSE Security Update : MozillaThunderbird (openSUSE-2020-231)

This update for MozillaThunderbird fixes the following issues : - Mozilla Thunderbird 68.5 bsc1162777 MFSA 2020-07 bsc1163368 - CVE-2020-6793 bmo1608539 Out-of-bounds read when processing certain email messages - CVE-2020-6794 bmo1606619 Setting a master password post-Thunderbird 52 does not dele...

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:0230-1 Rating: important References: 1163368 Cross-References: CVE-2020-6796 CVE-2020-6797 CVE-2020-6798 CVE-2020-6799 CVE-2020-6800 Affected Products: openSUSE Leap 15.1 An update that fixes 5...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-68.5.0esr-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...

Slackware 14.2 / current : mozilla-thunderbird (SSA:2020-042-02)

New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-042-02. The text itself is copyright C Slackware Linu...

Security fix for the ALT Linux 10 package thunderbird version 68.5.0-alt1

Feb. 12, 2020 Andrey Cherepanov 68.5.0-alt1 - New version 68.5.0. - Fixed: + CVE-2020-6793 Out-of-bounds read when processing certain email messages + CVE-2020-6794 Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords + CVE-2020-6795 Crash processi...

Security fix for the ALT Linux 10 package firefox-esr version 68.5.0-alt1

Feb. 12, 2020 Andrey Cherepanov 68.5.0-alt1 - New ESR version 68.5.0. - Fixed: + CVE-2020-6796 Missing bounds check on shared memory read in the parent process + CVE-2020-6797 Extensions granted downloads.open permission could open arbitrary applications on Mac OSX + CVE-2020-6798 Incorrect parsi...