SUSE-SU-2021:0080-1

UNKNOWN

Security update for MozillaFirefox

Published Jan 12, 2021

Modified 5 years ago

Fix available

Details

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 78.6.1 ESR
- Fixed: Critical security issue MFSA 2021-01 (bsc#1180623)
- CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Affected Packages

MozillaFirefox

SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12 SP3-BCL

Fixed in:

78.6.1-112.42.1

MozillaFirefox-devel

SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12 SP3-BCL

Fixed in:

78.6.1-112.42.1

MozillaFirefox-translations-common

SUSE Enterprise Storage 5SUSE HPE Helion OpenStack 8SUSE Linux Enterprise Server 12 SP2-BCLSUSE Linux Enterprise Server 12 SP2-LTSSSUSE Linux Enterprise Server 12 SP3-BCL

Fixed in:

78.6.1-112.42.1

References

REPORT

https://bugzilla.suse.com/1180623

WEB

https://www.suse.com/security/cve/CVE-2020-16044

ADVISORY

https://www.suse.com/support/update/announcement/2021/suse-su-20210080-1/

Upstream

CVE-2020-16044

Ecosystems(18)

SUSE Enterprise Storage 5 SUSE HPE Helion OpenStack 8 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3-BCL

Timeline

PublishedJan 12, 2021

ModifiedJan 12, 2021