SUSE-SU-2020:14337-1: important: Security update for MozillaFirefox

sle-security-updates at sle-security-updates at
Tue Apr 7 07:18:36 MDT 2020

   SUSE Security Update: Security update for MozillaFirefox

Announcement ID:    SUSE-SU-2020:14337-1
Rating:             important
References:         #1168630 
Cross-References:   CVE-2020-6819 CVE-2020-6820
Affected Products:
                    SUSE Linux Enterprise Server 11-SP4-LTSS

   An update that fixes two vulnerabilities is now available.


   This update for MozillaFirefox fixes the following issues:

   - Firefox Extended Support Release 68.6.1 ESR MFSA 2020-11 (bsc#1168630)
     * CVE-2020-6819 (bmo#1620818) Use-after-free while running the
       nsDocShell destructor
     * CVE-2020-6820 (bmo#1626728) Use-after-free when handling a

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP4-LTSS:

      zypper in -t patch slessp4-MozillaFirefox-14337=1

Package List:

   - SUSE Linux Enterprise Server 11-SP4-LTSS (x86_64):



More information about the sle-security-updates mailing list