File _patchinfo of Package patchinfo.14307
<patchinfo incident="14307">
<issue tracker="bnc" id="1132665">With Firefox 66.0.2 there's now apparent way of minimizing a window!</issue>
<issue tracker="bnc" id="1166238">VUL-0: MozillaFirefox,MozillaThunderbird: 68.6ESR / 74 release - MFSA 2020-08 / 2020-09</issue>
<issue tracker="cve" id="2020-6811"/>
<issue tracker="cve" id="2019-20503"/>
<issue tracker="cve" id="2020-6812"/>
<issue tracker="cve" id="2020-6814"/>
<issue tracker="cve" id="2020-6806"/>
<issue tracker="cve" id="2020-6805"/>
<issue tracker="cve" id="2020-6807"/>
<packager>MSirringhaus</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for MozillaFirefox</summary>
<description>This update for MozillaFirefox fixes the following issues:
MozillaFirefox was updated to 68.6.0 ESR (MFSA 2020-09 bsc#1132665 bsc#1166238)
- CVE-2020-6805: Fixed a use-after-free when removing data about origins
- CVE-2020-6806: Fixed improper protections against state confusion
- CVE-2020-6807: Fixed a use-after-free in cubeb during stream destruction
- CVE-2020-6811: Fixed an issue where copy as cURL' feature did not fully
escape website-controlled data potentially leading to command injection
- CVE-2019-20503: Fixed out of bounds reads in sctp_load_addresses_from_init
- CVE-2020-6812: Fixed an issue where the names of AirPods with personally
identifiable information were exposed to websites with camera or microphone
permission
- CVE-2020-6814: Fixed multiple memory safety bugs
- Fixed an issue with minimizing a window (bsc#1132665).
</description>
</patchinfo>