Mozilla releases security fixes for Firefox 77

Mozilla releases security fixes for Firefox 77

Hello everyone, 

 

Mozilla has released security fixes for vulnerabilities in Firefox 77. The details of the vulnerabilities fixed are as follows 

 

CVE ID

Vulnerability 

Severity

CVE-2020-12399

Timing attack on DSA signatures in NSS library

High

CVE-2020-12405

Use-after-free in SharedWorkerService

High

CVE-2020-12406

JavaScript type confusion with NativeTypes

High

CVE-2020-12407

WebRender leaking GPU memory when using border-image CSS directive 

Moderate

CVE-2020-12408

URL spoofing when using IP addresses

Low

CVE-2020-12409

Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9

High

CVE-2020-12411

Memory safety bugs fixed in Firefox 77

High

 

To patch these vulnerabilities using Patch Manager Plus, initiate a sync between the Patch Manager Plus server and Central Patch repository. After that, search for the following Patch IDs or Bulletin ID and install the same in the target machines. 

 

Patch ID

Bulletin ID

Description

314495

TU-027

Mozilla Firefox (77.0)

314496

TU-027

Mozilla Firefox (x64) (77.0)

314497

TU-054

Mozilla Firefox ESR (68.9.0)

314498

TU-054

Mozilla Firefox ESR (x64) (68.9.0)

 

Cheers, 

The ManageEngine team 

                New to ADSelfService Plus?