| Errata ID | 676 |
|---|---|
| Date | 2020-05-13 |
| Source package | firefox-esr |
| Fixed in version | 68.8.0esr-1~deb9u1 |
| Description | This update addresses the following issues: * Buffer overflow in AUTH chunk input validation (CVE-2020-6831) * Use-after-free during worker shutdown (CVE-2020-12387) * Arbitrary local file access with 'Copy as cURL' (CVE-2020-12392) * Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) |
| Additional notes | |
| CVE ID | CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 |
| UCS Bug number | #51273 |
