Synopsis: Important: firefox security update Advisory ID: SLSA-2020:2824-1 Issue Date: 2020-07-07 CVE Numbers: None -- Security Fix(es): * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect to a STUN server (CVE-2020-12420) * Mozilla: Add-On updates did not respect the same certificate trust rules as software updates (CVE-2020-12421) -- SL6 x86_64 firefox-68.10.0-1.el6_10.x86_64.rpm firefox-debuginfo-68.10.0-1.el6_10.x86_64.rpm firefox-68.10.0-1.el6_10.i686.rpm firefox-debuginfo-68.10.0-1.el6_10.i686.rpm i386 firefox-68.10.0-1.el6_10.i686.rpm firefox-debuginfo-68.10.0-1.el6_10.i686.rpm - Scientific Linux Development Team