Lucene search
RedHatRHSA-2020:0086HistoryJan 13, 2020 - 1:06 p.m.
(RHSA-2020:0086) Critical: firefox security update
2020-01-1313:06:35
access.redhat.com
69
0.526 Medium
EPSS
Percentile
97.6%
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 68.4.1 ESR.
Security Fix(es):
-
Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026)
-
Mozilla: Bypass of @namespace CSS sanitization during pasting (CVE-2019-17016)
-
Mozilla: Type Confusion in XPCVariant.cpp (CVE-2019-17017)
-
Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 (CVE-2019-17024)
-
Mozilla: CSS sanitization does not escape HTML tags (CVE-2019-17022)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | i686 | firefox-debuginfo | < 68.4.1-1.el6_10 | firefox-debuginfo-68.4.1-1.el6_10.i686.rpm |
| RedHat | 6 | ppc64 | firefox | < 68.4.1-1.el6_10 | firefox-68.4.1-1.el6_10.ppc64.rpm |
| RedHat | 6 | i686 | firefox | < 68.4.1-1.el6_10 | firefox-68.4.1-1.el6_10.i686.rpm |
| RedHat | 6 | x86_64 | firefox-debuginfo | < 68.4.1-1.el6_10 | firefox-debuginfo-68.4.1-1.el6_10.x86_64.rpm |
| RedHat | 6 | s390x | firefox-debuginfo | < 68.4.1-1.el6_10 | firefox-debuginfo-68.4.1-1.el6_10.s390x.rpm |
| RedHat | 6 | ppc64 | firefox-debuginfo | < 68.4.1-1.el6_10 | firefox-debuginfo-68.4.1-1.el6_10.ppc64.rpm |
| RedHat | 6 | x86_64 | firefox | < 68.4.1-1.el6_10 | firefox-68.4.1-1.el6_10.x86_64.rpm |
| RedHat | 6 | s390x | firefox | < 68.4.1-1.el6_10 | firefox-68.4.1-1.el6_10.s390x.rpm |
Related
openvas
openvas
CentOS Update for firefox CESA-2020:0085 centos7
2020-01-16 00:00:00
Mageia: Security Advisory (MGASA-2020-0034)
2022-01-28 00:00:00
CentOS Update for firefox CESA-2020:0086 centos6
2020-01-15 00:00:00
nessus
nessus
Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20200113)
2020-01-15 00:00:00
Scientific Linux Security Update : firefox on SL7.x x86_64 (20200113)
2020-01-15 00:00:00
Oracle Linux 7 : thunderbird (ELSA-2020-0120)
2020-01-17 00:00:00
archlinux
archlinux
[ASA-202001-4] thunderbird: multiple issues
2020-01-14 00:00:00
[ASA-202001-1] firefox: multiple issues
2020-01-08 00:00:00
[ASA-202001-3] firefox: arbitrary code execution
2020-01-10 00:00:00
amazon
amazon
Important: thunderbird
2020-02-10 23:43:00
osv
osv
thunderbird - security update
2020-01-20 00:00:00
thunderbird - security update
2020-01-17 00:00:00
firefox-esr - security update
2020-01-09 00:00:00
redhat
redhat
(RHSA-2020:0123) Important: thunderbird security update
2020-01-16 10:46:52
(RHSA-2020:0127) Important: thunderbird security update
2020-01-16 12:26:13
(RHSA-2020:0085) Critical: firefox security update
2020-01-13 13:06:23
oraclelinux
oraclelinux
firefox security update
2020-01-13 00:00:00
thunderbird security update
2020-01-18 00:00:00
thunderbird security update
2020-01-16 00:00:00
centos
centos
thunderbird security update
2020-01-18 14:40:44
thunderbird security update
2020-01-18 14:41:32
firefox security update
2020-01-14 17:25:32
debian
debian
[SECURITY] [DLA 2071-1] thunderbird security update
2020-01-20 11:40:56
[SECURITY] [DSA 4600-1] firefox-esr security update
2020-01-09 09:21:23
[SECURITY] [DLA 2061-1] firefox-esr security update
2020-01-09 10:22:20
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2020-01-12 02:52:04
Updated firefox packages fix security vulnerability
2020-01-09 23:11:02
kaspersky
kaspersky
KLA11635 Multiple vulnerabilities in Mozilla Thunderbird
2020-01-10 00:00:00
KLA11629 Multiple vulnerabilities in Mozilla Firefox ESR
2020-01-07 00:00:00
KLA11628 Multiple vulnerabilities in Mozilla Firefox
2020-01-07 00:00:00
suse
suse
Security update for MozillaThunderbird (important)
2020-01-22 00:00:00
Security update for MozillaFirefox (important)
2020-01-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 68.4.1-alt1
2020-01-11 00:00:00
Security fix for the ALT Linux 10 package firefox-esr version 68.4.1-alt1
2020-01-08 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 68.4.1 — Mozilla
2020-01-10 00:00:00
Security Vulnerabilities fixed in Firefox ESR 68.4 — Mozilla
2020-01-07 00:00:00
Security Vulnerabilities fixed in Firefox 72 — Mozilla
2020-01-07 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2020-01-11 00:19:13
ibm
ibm
ubuntu
ubuntu
Firefox vulnerabilities
2020-01-09 00:00:00
Thunderbird vulnerabilities
2020-01-16 00:00:00
veracode
veracode
Injection Attacks
2020-09-21 06:37:21
Cross-site Scripting (XSS)
2020-09-21 06:40:39
Arbitrary Code Execution
2020-09-21 06:26:48
debiancve
debiancve
alpinelinux
alpinelinux
cvelist
cvelist
ubuntucve
ubuntucve
cve
cve
redhatcve
redhatcve
prion
prion
Design/Logic Flaw
2020-01-08 22:15:00
Design/Logic Flaw
2020-01-08 22:15:00
Type confusion
2020-01-08 22:15:00
nvd
nvd
threatpost
threatpost
Mozilla Updates Firefox Browser: Zero-Day Bug Patched, Fingerprinting Nixed
2020-01-08 18:04:42
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox IonMonkey JIT Compiler Type Confusion (CVE-2019-17026)
2022-02-21 00:00:00
symantec
symantec
avleonov
avleonov
0day RCE in Firefox
2020-01-12 02:06:26
cisa
cisa
Mozilla Patches Critical Vulnerability
2020-01-08 00:00:00
cisa_kev
cisa_kev
Mozilla Firefox And Thunderbird Type Confusion Vulnerability
2021-11-03 00:00:00
thn
thn
Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!
2020-01-09 10:34:00
attackerkb
attackerkb
CVE-2019-17026
2020-03-02 00:00:00
packetstorm
packetstorm
Firefox 72 IonMonkey JIT Type Confusion
2021-05-13 00:00:00