OPENSUSE-SU-2020:2318-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.6.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3901-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.6.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 - CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed -...

RHEL 8 : thunderbird (RHSA-2020:5645)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5645 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Security Fixes:...

RHEL 8 : thunderbird (RHSA-2020:5644)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5644 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Security Fixes:...

Security update for MozillaFirefox (critical)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:2318-1 Rating: critical References: 1180039 Cross-References: CVE-2020-16042 CVE-2020-26971 CVE-2020-26973 CVE-2020-26974 CVE-2020-26978 CVE-2020-35111 CVE-2020-35112 CVE-2020-35113 Affected Products:...

Arbitrary Code Execution

chromium is vulnerable to arbitrary code execution. The vulnerability exists through use after free in CSS that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE-SU-2020:3903-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.6.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed...

SUSE-SU-2020:14584-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.6.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2020-55 bsc1180039 CVE-2020-16042 bmo1679003 Operations on a BigInt could have caused uninitialized memory to be exposed...

RHEL 8 : firefox (RHSA-2020:5563)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5563 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 8 : firefox (RHSA-2020:5564)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5564 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Oracle Linux 7 : ELSA-2020-5618-1: / thunderbird (ELSA-2020-56181)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-56181 advisory. 78.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.6.0-1 - Update to 78.6.0 Tenable has extracted...

RHEL 8 : firefox (RHSA-2020:5562)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5562 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 7 : firefox (RHSA-2020:5561)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5561 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 8 : firefox (RHSA-2020:5565)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5565 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 8 : thunderbird (RHSA-2020:5622)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5622 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Security Fixes:...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Mozilla: CSS Sanitizer performed incorrect sanitization

The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Mozilla: CSS Sanitizer performed incorrect sanitization

The Mozilla Foundation Security Advisory describes this flaw as: Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass...

MGASA-2020-0462 Updated thunderbird packages fix security vulnerabilities

When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read CVE-2020-16042. Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow in WebGL on some video drivers CVE-2020-26971. Certain inpu...