SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:3053-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.4.0 ESR - Fixed: Various stability, functionality, and security fixes MFSA 2020-46 bsc1177872, bsc1176756 - CVE-2020-15969 Use-after-free in usersctp - CVE-2020-15683 Memory safety bugs fixed in Firefo...

Security Vulnerabilities fixed in Firefox ESR 78.4 — Mozilla

A use-after-free bug in the usersctp library was reported upstream. We assume this could have led to memory corruption and a potentially exploitable crash. Mozilla developers and community members Jason Kratzer, Simon Giesecke, Philipp, and Christian Holler reported memory safety bugs present in...

usersctp - Out-of-Bounds Reads in sctp_load_addresses_from_init

usersctp - Out-of-Bounds Reads in sctploadaddressesfrominit ''' usersctp is SCTP library used by a variety of software including WebRTC. There is a vulnerability in the sctploadaddressesfrominit function of usersctp that can lead to a number of out-of-bound reads. The input to...