Request 829614: Submit MozillaFirefox - openSUSE Build Service

This request is superseded by request 829621 (Show diff)

Overview

Request 829614 superseded

- Mozilla Firefox 80.0
MFSA 2020- (bsc#1175686)
* CVE-2020-15663 (bmo#1643199)
Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
* CVE-2020-15664 (bmo#1658214)
Attacker-induced prompt for extension installation
* CVE-2020-12401 (bmo#1631573)
Timing-attack on ECDSA signature generation
* CVE-2020-6829 (bmo#1631583)
P-384 and P-521 vulnerable to an electro-magnetic side
channel attack on signature generation
* CVE-2020-12400 (bmo#1623116)
P-384 and P-521 vulnerable to a side channel attack on
modular inversion
* CVE-2020-15665 (bmo#1651636)
Address bar not reset when choosing to stay on a page after
the beforeunload dialog is shown
* CVE-2020-15666 (bmo#1450853)
MediaError message property leaks cross-origin response
status
* CVE-2020-15667 (bmo#1653371)
Heap overflow when processing an update file
* CVE-2020-15668 (bmo#1651520)
Data Race when reading certificate information
* CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
bmo#1656957)
Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
- requires
* NSPR 4.27

Created by wrosenauer over 3 years ago
In state superseded
Supersedes 829610
Superseded by 829621
Open review for licensedigger
Open review for factory-staging
Open review for opensuse-review-team

Submit MozillaFirefox

Comments for request 829614 0

Login required, please login in order to comment

Request History

wrosenauer created request over 3 years ago

- Mozilla Firefox 80.0
MFSA 2020- (bsc#1175686)
* CVE-2020-15663 (bmo#1643199)
Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
* CVE-2020-15664 (bmo#1658214)
Attacker-induced prompt for extension installation
* CVE-2020-12401 (bmo#1631573)
Timing-attack on ECDSA signature generation
* CVE-2020-6829 (bmo#1631583)
P-384 and P-521 vulnerable to an electro-magnetic side
channel attack on signature generation
* CVE-2020-12400 (bmo#1623116)
P-384 and P-521 vulnerable to a side channel attack on
modular inversion
* CVE-2020-15665 (bmo#1651636)
Address bar not reset when choosing to stay on a page after
the beforeunload dialog is shown
* CVE-2020-15666 (bmo#1450853)
MediaError message property leaks cross-origin response
status
* CVE-2020-15667 (bmo#1653371)
Heap overflow when processing an update file
* CVE-2020-15668 (bmo#1651520)
Data Race when reading certificate information
* CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
bmo#1656957)
Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
- requires
* NSPR 4.27

factory-auto added opensuse-review-team as a reviewer over 3 years ago

Please review sources

factory-auto accepted review over 3 years ago

Check script succeeded

wrosenauer superseded request over 3 years ago

superseded by 829621

openSUSE Build Service is sponsored by