• Firefox vulnerabilities

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, December 09, 2019 20:10:01
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 19.04
    * Ubuntu 18.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, obtain sensitive information, or execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    firefox - 71.0+build5-0ubuntu0.19.10.1

    Ubuntu 19.04
    firefox - 71.0+build5-0ubuntu0.19.04.1

    Ubuntu 18.04 LTS
    firefox - 71.0+build5-0ubuntu0.18.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2019-11745
    * CVE-2019-11756
    * CVE-2019-17005
    * CVE-2019-17008
    * CVE-2019-17010
    * CVE-2019-17011
    * CVE-2019-17012
    * CVE-2019-17013
    * CVE-2019-17014

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Friday, December 13, 2019 12:10:07
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    USN-4216-1 fixed vulnerabilities in Firefox. This update provides
    the corresponding update for Ubuntu 16.04 LTS.

    Original advisory details:

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, obtain sensitive information, or execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 16.04 LTS
    firefox - 71.0+build5-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * USN-4216-1
    * CVE-2019-11745
    * CVE-2019-11756
    * CVE-2019-17005
    * CVE-2019-17008
    * CVE-2019-17010
    * CVE-2019-17011
    * CVE-2019-17012
    * CVE-2019-17013
    * CVE-2019-17014

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, January 09, 2020 20:10:10
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 19.04
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, obtain sensitive information, bypass Content Security
    Policy (CSP) restrictions, conduct cross-site scripting (XSS)
    attacks, or execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    firefox - 72.0.1+build1-0ubuntu0.19.10.1

    Ubuntu 19.04
    firefox - 72.0.1+build1-0ubuntu0.19.04.1

    Ubuntu 18.04 LTS
    firefox - 72.0.1+build1-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 72.0.1+build1-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2019-17016
    * CVE-2019-17017
    * CVE-2019-17020
    * CVE-2019-17022
    * CVE-2019-17023
    * CVE-2019-17024
    * CVE-2019-17025
    * CVE-2019-17026

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, February 13, 2020 20:10:09
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, conduct cross-site scripting (XSS) attacks, or execute
    arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    firefox - 73.0+build3-0ubuntu0.19.10.1

    Ubuntu 18.04 LTS
    firefox - 73.0+build3-0ubuntu0.18.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-6796
    * CVE-2020-6798
    * CVE-2020-6800
    * CVE-2020-6801

    --- Mystic BBS v1.12 A44 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, February 26, 2020 12:10:03
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    USN-4278-1 fixed vulnerabilities in Firefox. This update provides
    the corresponding update for Ubuntu 16.04 LTS.

    Original advisory details:

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, conduct cross-site scripting (XSS) attacks, or execute
    arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 16.04 LTS
    firefox - 73.0.1+build1-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * USN-4278-1
    * CVE-2020-6796
    * CVE-2020-6798
    * CVE-2020-6800
    * CVE-2020-6801

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, March 11, 2020 20:10:08
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, spoof the URL or other browser chrome, obtain sensitive
    information, bypass Content Security Policy (CSP) protections, or
    execute arbitrary code. (CVE-2019-20503, CVE-2020-6805,
    CVE-2020-6806, CVE-2020-6807, CVE-2020-6808, CVE-2020-6810,
    CVE-2020-6812, CVE-2020-6813, CVE-2020-6814, CVE-2020-6815)

    It was discovered that Web Extensions with the all-url permission
    could access local files. If a user were tricked in to installing
    a specially crafted extension, an attacker could potentially
    exploit this to obtain sensitive information. (CVE-2020-6809)

    It was discovered that the Devtools' `Copy as cURL' feature did
    not fully escape website-controlled data. If a user were tricked
    in to using the `Copy as cURL' feature to copy and paste a command
    with specially crafted data in to a terminal, an attacker could
    potentially exploit this to execute arbitrary commands via command
    injection. (CVE-2020-6811)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    firefox - 74.0+build3-0ubuntu0.19.10.1

    Ubuntu 18.04 LTS
    firefox - 74.0+build3-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 74.0+build3-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2019-20503
    * CVE-2020-6805
    * CVE-2020-6806
    * CVE-2020-6807
    * CVE-2020-6808
    * CVE-2020-6809
    * CVE-2020-6810
    * CVE-2020-6811
    * CVE-2020-6812
    * CVE-2020-6813
    * CVE-2020-6814
    * CVE-2020-6815

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Saturday, April 04, 2020 12:10:00
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Two use-after-free bugs were discovered in Firefox. If a user were
    tricked in to opening a specially crafted website, an attacker
    could exploit these to cause a denial of service or execute
    arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    firefox - 74.0.1+build1-0ubuntu0.19.10.1

    Ubuntu 18.04 LTS
    firefox - 74.0.1+build1-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 74.0.1+build1-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-6819
    * CVE-2020-6820

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, April 07, 2020 16:10:07
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, obtain sensitive information, or execute arbitrary code.
    (CVE-2020-6821, CVE-2020-6822, CVE-2020-6824, CVE-2020-6825,
    CVE-2020-6826)

    It was discovered that extensions could obtain auth codes from
    OAuth login flows in some circumstances. If a user were tricked in
    to installing a specially crafted extension, an attacker could
    potentially exploit this to obtain access to the user's account.
    (CVE-2020-6823)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    firefox - 75.0+build3-0ubuntu0.19.10.1

    Ubuntu 18.04 LTS
    firefox - 75.0+build3-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 75.0+build3-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-6821
    * CVE-2020-6822
    * CVE-2020-6823
    * CVE-2020-6824
    * CVE-2020-6825
    * CVE-2020-6826

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, June 04, 2020 20:10:02
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, spoof the addressbar, or execute arbitrary code.
    (CVE-2020-12405, CVE-2020-12406, CVE-2020-12407, CVE-2020-12408,
    CVE-2020-12409, CVE-2020-12410, CVE-2020-12411)

    It was discovered that NSS showed timing differences when
    performing DSA signatures. An attacker could potentially exploit
    this to obtain private keys using a timing attack.
    (CVE-2020-12399)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    firefox - 77.0.1+build1-0ubuntu0.20.04.1

    Ubuntu 19.10
    firefox - 77.0.1+build1-0ubuntu0.19.10.1

    Ubuntu 18.04 LTS
    firefox - 77.0.1+build1-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 77.0.1+build1-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-12399
    * CVE-2020-12405
    * CVE-2020-12406
    * CVE-2020-12407
    * CVE-2020-12408
    * CVE-2020-12409
    * CVE-2020-12410
    * CVE-2020-12411

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, July 02, 2020 12:10:01
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, obtain sensitive information, bypass permission prompts,
    or execute arbitrary code. (CVE-2020-12415, CVE-2020-12416,
    CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420,
    CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426)

    It was discovered that when performing add-on updates, certificate
    chains not terminating with built-in roots were silently rejected.
    This could result in add-ons becoming outdated. (CVE-2020-12421)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    firefox - 78.0.1+build1-0ubuntu0.20.04.1

    Ubuntu 19.10
    firefox - 78.0.1+build1-0ubuntu0.19.10.1

    Ubuntu 18.04 LTS
    firefox - 78.0.1+build1-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 78.0.1+build1-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-12415
    * CVE-2020-12416
    * CVE-2020-12417
    * CVE-2020-12418
    * CVE-2020-12419
    * CVE-2020-12420
    * CVE-2020-12421
    * CVE-2020-12422
    * CVE-2020-12424
    * CVE-2020-12425
    * CVE-2020-12426

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, July 29, 2020 16:10:02
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, obtain sensitive information, bypass iframe sandbox
    restrictions, confuse the user, or execute arbitrary code.
    (CVE-2020-6463, CVE-2020-6514, CVE-2020-15652, CVE-2020-15653,
    CVE-2020-15654, CVE-2020-15656, CVE-2020-15658, CVE-2020-15659)

    It was discovered that redirected HTTP requests which are observed
    or modified through a web extension could bypass existing CORS
    checks. If a user were tricked in to installing a specially
    crafted extension, an attacker could potentially exploit this to
    obtain sensitive information across origins. (CVE-2020-15655)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    firefox - 79.0+build1-0ubuntu0.20.04.1

    Ubuntu 18.04 LTS
    firefox - 79.0+build1-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 79.0+build1-0ubuntu0.16.04.2

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-15652
    * CVE-2020-15653
    * CVE-2020-15654
    * CVE-2020-15655
    * CVE-2020-15656
    * CVE-2020-15658
    * CVE-2020-15659
    * CVE-2020-6463
    * CVE-2020-6514

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, August 26, 2020 16:10:04
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, trick the user in to installing a malicious extension,
    spoof the URL bar, leak sensitive information between origins, or
    execute arbitrary code. (CVE-2020-15664, CVE-2020-15665,
    CVE-2020-15666, CVE-2020-15670)

    It was discovered that NSS incorrectly handled certain signatures.
    An attacker could possibly use this issue to expose sensitive
    information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829)

    A data race was discovered when importing certificate information
    in to the trust store. An attacker could potentially exploit this
    to cause an unspecified impact. (CVE-2020-15668)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    firefox - 80.0+build2-0ubuntu0.20.04.1

    Ubuntu 18.04 LTS
    firefox - 80.0+build2-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 80.0+build2-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-12400
    * CVE-2020-12401
    * CVE-2020-15664
    * CVE-2020-15665
    * CVE-2020-15666
    * CVE-2020-15668
    * CVE-2020-15670
    * CVE-2020-6829

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, September 28, 2020 08:10:00
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, conduct cross-site scripting (XSS) attacks, spoof the
    site displayed in the download dialog, or execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    firefox - 81.0+build2-0ubuntu0.20.04.1

    Ubuntu 18.04 LTS
    firefox - 81.0+build2-0ubuntu0.18.04.1

    Ubuntu 16.04 LTS
    firefox - 81.0+build2-0ubuntu0.16.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-15673
    * CVE-2020-15674
    * CVE-2020-15675
    * CVE-2020-15676
    * CVE-2020-15677
    * CVE-2020-15678

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From boo_ubuntu@21:4/110 to Ubuntu Users on Friday, October 23, 2020 08:10:04
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.10
    * Ubuntu 20.04 LTS
    * Ubuntu 18.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, spoof the prompt for opening an external application,
    obtain sensitive information, or execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.10
    firefox - 82.0+build2-0ubuntu0.20.10.1

    Ubuntu 20.04 LTS
    firefox - 82.0+build2-0ubuntu0.20.04.1

    Ubuntu 18.04 LTS
    firefox - 82.0+build2-0ubuntu0.18.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * CVE-2020-15254
    * CVE-2020-15680
    * CVE-2020-15681
    * CVE-2020-15682
    * CVE-2020-15683
    * CVE-2020-15684
    * CVE-2020-15969

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From boo_ubuntu@21:4/110 to Ubuntu Users on Monday, October 26, 2020 20:10:04
    firefox vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 16.04 LTS

    Summary

    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.

    Software Description

    * firefox - Mozilla Open Source web browser

    Details

    USN-4599-1 fixed vulnerabilities in Firefox. This update provides
    the corresponding updates for Ubuntu 16.04 LTS.

    Original advisory details:

    Multiple security issues were discovered in Firefox. If a user
    were tricked in to opening a specially crafted website, an
    attacker could potentially exploit these to cause a denial of
    service, spoof the prompt for opening an external application,
    obtain sensitive information, or execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 16.04 LTS
    firefox - 82.0+build2-0ubuntu0.16.04.5

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart Firefox to make
    all the necessary changes.

    References

    * USN-4599-1
    * CVE-2020-15254
    * CVE-2020-15680
    * CVE-2020-15681
    * CVE-2020-15682
    * CVE-2020-15683
    * CVE-2020-15684
    * CVE-2020-15969

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)