Request 829621: Submit MozillaFirefox - openSUSE Build Service

This request supersedes: request 829614 (Show diff)

Overview

Request 829621 accepted

- Mozilla Firefox 80.0
MFSA 2020-36 (bsc#1175686)
* CVE-2020-15663 (bmo#1643199)
Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
* CVE-2020-15664 (bmo#1658214)
Attacker-induced prompt for extension installation
* CVE-2020-12401 (bmo#1631573)
Timing-attack on ECDSA signature generation
* CVE-2020-6829 (bmo#1631583)
P-384 and P-521 vulnerable to an electro-magnetic side
channel attack on signature generation
* CVE-2020-12400 (bmo#1623116)
P-384 and P-521 vulnerable to a side channel attack on
modular inversion
* CVE-2020-15665 (bmo#1651636)
Address bar not reset when choosing to stay on a page after
the beforeunload dialog is shown
* CVE-2020-15666 (bmo#1450853)
MediaError message property leaks cross-origin response
status
* CVE-2020-15667 (bmo#1653371)
Heap overflow when processing an update file
* CVE-2020-15668 (bmo#1651520)
Data Race when reading certificate information
* CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
bmo#1656957)
Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
- requires
* NSPR 4.27

Created by wrosenauer about 4 years ago
In state accepted
Supersedes 829614

Submit MozillaFirefox

Comments for request 829621 0

Login required, please login in order to comment

Request History

wrosenauer created request about 4 years ago

- Mozilla Firefox 80.0
MFSA 2020-36 (bsc#1175686)
* CVE-2020-15663 (bmo#1643199)
Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
* CVE-2020-15664 (bmo#1658214)
Attacker-induced prompt for extension installation
* CVE-2020-12401 (bmo#1631573)
Timing-attack on ECDSA signature generation
* CVE-2020-6829 (bmo#1631583)
P-384 and P-521 vulnerable to an electro-magnetic side
channel attack on signature generation
* CVE-2020-12400 (bmo#1623116)
P-384 and P-521 vulnerable to a side channel attack on
modular inversion
* CVE-2020-15665 (bmo#1651636)
Address bar not reset when choosing to stay on a page after
the beforeunload dialog is shown
* CVE-2020-15666 (bmo#1450853)
MediaError message property leaks cross-origin response
status
* CVE-2020-15667 (bmo#1653371)
Heap overflow when processing an update file
* CVE-2020-15668 (bmo#1651520)
Data Race when reading certificate information
* CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
bmo#1656957)
Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
- requires
* NSPR 4.27

factory-auto added opensuse-review-team as a reviewer about 4 years ago

Please review sources

factory-auto accepted review about 4 years ago

Check script succeeded

licensedigger accepted review about 4 years ago

ok

namtrac accepted review about 4 years ago

dimstar_suse set openSUSE:Factory:Staging:G as a staging project about 4 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:G"

dimstar_suse accepted review about 4 years ago

Picked "openSUSE:Factory:Staging:G"

dimstar_suse accepted review about 4 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

dimstar_suse approved review about 4 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

dimstar_suse accepted request about 4 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

openSUSE Build Service is sponsored by