CVE-2020-6800

Priority
Description
Mozilla developers and community members reported memory safety bugs
present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed
evidence of memory corruption and we presume that with enough effort some
of these could have been exploited to run arbitrary code. In general, these
flaws cannot be exploited through email in the Thunderbird product because
scripting is disabled when reading mail, but are potentially risks in
browser or browser-like contexts. This vulnerability affects Thunderbird <
68.5, Firefox < 73, and Firefox < ESR68.5.
Assigned-to
chrisccoulson
Notes
tyhicksmozjs contains a copy of the SpiderMonkey JavaScript engine
Package
Upstream:released (73.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (73.0.1+build1-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (73.0+build3-0ubuntu0.18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):released (73.0+build3-0ubuntu1)
Ubuntu 20.10 (Groovy Gorilla):released (73.0+build3-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 20.04 LTS (Focal Fossa):needs-triage
Ubuntu 20.10 (Groovy Gorilla):needs-triage
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Priority: Low
Upstream:released (68.5.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1:68.7.0+build1-0ubuntu0.16.04.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (1:68.7.0+build1-0ubuntu0.18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):released (1:68.5.0+build1-0ubuntu1)
Ubuntu 20.10 (Groovy Gorilla):released (1:68.5.0+build1-0ubuntu1)
More Information

Updated: 2020-07-28 19:05:46 UTC (commit 7b6828437fde0509248708fcdb5b0f7587b85bd1)