Synopsis: Important: firefox security update
Advisory ID: SLSA-2020:1420-1
Issue Date: 2020-04-09
CVE Numbers: CVE-2020-6821
CVE-2020-6822
CVE-2020-6825
—
This update upgrades Firefox to version 68.7.0 ESR.
Security Fix(es):
* Mozilla: Uninitialized memory could be read when using the WebGL
copyTexSubImage method (CVE-2020-6821)
* Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7
(CVE-2020-6825)
* Mozilla: Out of bounds write in GMPDecodeData when processing large
images (CVE-2020-6822)
—
SL7
x86_64
firefox-68.7.0-2.el7_8.x86_64.rpm
firefox-debuginfo-68.7.0-2.el7_8.x86_64.rpm
firefox-68.7.0-2.el7_8.i686.rpm
firefox-debuginfo-68.7.0-2.el7_8.i686.rpm
– Scientific Linux Development Team
