Mozilla releases security fixes for Firefox 77
Hello everyone,
Mozilla has released security fixes for vulnerabilities in Firefox 77. The details of the vulnerabilities fixed are as follows
CVE ID | Vulnerability | Severity |
CVE-2020-12399 | Timing attack on DSA signatures in NSS library | High |
CVE-2020-12405 | Use-after-free in SharedWorkerService | High |
CVE-2020-12406 | JavaScript type confusion with NativeTypes | High |
CVE-2020-12407 | WebRender leaking GPU memory when using border-image CSS directive | Moderate |
CVE-2020-12408 | URL spoofing when using IP addresses | Low |
CVE-2020-12409 | Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 | High |
CVE-2020-12411 | Memory safety bugs fixed in Firefox 77 | High |
To patch these vulnerabilities using Desktop Central, initiate a sync between the Desktop Central server and Central Patch repository. After that, search for the following Patch IDs or Bulletin ID and install the same in the target machines.
Patch ID | Bulletin ID | Description |
314495 | TU-027 | Mozilla Firefox (77.0) |
314496 | TU-027 | Mozilla Firefox (x64) (77.0) |
314497 | TU-054 | Mozilla Firefox ESR (68.9.0) |
314498 | TU-054 | Mozilla Firefox ESR (x64) (68.9.0) |
Cheers,
Topic Participants
Karthika s