advisories/26433.adv

type: security
subject: Updated firefox packages fix security vulnerabilities
CVE:
 - CVE-2020-6819
 - CVE-2020-6820
src:
  7:
   core:
     - firefox-68.6.1-1.mga7
     - firefox-l10n-68.6.1-1.mga7
description: |
  Updated firefox packages fix security vulnerabilities:

  Under certain conditions, when running the nsDocShell destructor,
  a race condition can cause a use-after-free (CVE-2020-6819).

  Under certain conditions, when handling a ReadableStream, a race
  condition can cause a use-after-free (CVE-2020-6820).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=26433
 - https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
ID: MGASA-2020-0161
1	type: security
2	subject: Updated firefox packages fix security vulnerabilities
3	CVE:
4	- CVE-2020-6819
5	- CVE-2020-6820
6	src:
7	7:
8	core:
9	- firefox-68.6.1-1.mga7
10	- firefox-l10n-68.6.1-1.mga7
11	description: \|
12	Updated firefox packages fix security vulnerabilities:
13
14	Under certain conditions, when running the nsDocShell destructor,
15	a race condition can cause a use-after-free (CVE-2020-6819).
16
17	Under certain conditions, when handling a ReadableStream, a race
18	condition can cause a use-after-free (CVE-2020-6820).
19	references:
20	- https://bugs.mageia.org/show_bug.cgi?id=26433
21	- https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
22	ID: MGASA-2020-0161