Hello everyone,
Mozilla has released security fixes for vulnerabilities in Firefox 77. The details of the vulnerabilities fixed are as follows
CVE ID | Vulnerability | Severity |
CVE-2020-12399 | Timing attack on DSA signatures in NSS library | High |
CVE-2020-12405 | Use-after-free in SharedWorkerService | High |
CVE-2020-12406 | JavaScript type confusion with NativeTypes | High |
CVE-2020-12407 | WebRender leaking GPU memory when using border-image CSS directive | Moderate |
CVE-2020-12408 | URL spoofing when using IP addresses | Low |
CVE-2020-12409 | Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 | High |
CVE-2020-12411 | Memory safety bugs fixed in Firefox 77 | High |
To patch these vulnerabilities using Patch Manager Plus, initiate a sync between the Patch Manager Plus server and Central Patch repository. After that, search for the following Patch IDs or Bulletin ID and install the same in the target machines.
Patch ID | Bulletin ID | Description |
314495 | TU-027 | Mozilla Firefox (77.0) |
314496 | TU-027 | Mozilla Firefox (x64) (77.0) |
314497 | TU-054 | Mozilla Firefox ESR (68.9.0) |
314498 | TU-054 | Mozilla Firefox ESR (x64) (68.9.0) |
Cheers,
The ManageEngine team