Overview

File _patchinfo of Package patchinfo.16039

<patchinfo incident="16039">
  <issue tracker="bnc" id="1173991">Firefox translations not available after reinstalling MozillaFirefox-translations-common</issue>
  <issue tracker="bnc" id="1174284"></issue>
  <issue tracker="bnc" id="1175686">VUL-0: MozillaFirefox: Update to 78.2.0 ESR /80 (MFSA 2020-38 and MFSA 2020-36)</issue>
  <issue tracker="cve" id="2020-15663"/>
  <issue tracker="cve" id="2020-15664"/>
  <issue tracker="cve" id="2020-15670"/>
  <packager>MSirringhaus</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for MozillaFirefox</summary>
  <description>This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 78.2.0 ESR
  * Fixed: Various stability, functionality, and security fixes
- Mozilla Firefox ESR 78.2
  MFSA 2020-38 (bsc#1175686)
  * CVE-2020-15663 (bmo#1643199)
    Downgrade attack on the Mozilla Maintenance Service could
    have resulted in escalation of privilege
  * CVE-2020-15664 (bmo#1658214)
    Attacker-induced prompt for extension installation
  * CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
    bmo#1656957)
    Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

- Fixed Firefox tab crash in FIPS mode (bsc#1174284).

- Fix broken translation-loading (bsc#1173991) 
  * allow addon sideloading
  * mark signatures for langpacks non-mandatory
  * do not autodisable user profile scopes
- Google API key is not usable for geolocation service any more
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places