Security Fixes 11.04.200

Firefox

• Updated Mozilla Firefox to 68.12.0esr:
  • Fixes for mfsa2020-11, also known as CVE-2020-6819, CVE-2020-6820.

  • Fixes for mfsa2020-13, also known as 

    More...

    CVE-2020-6828, CVE-2020-6827, CVE-2020-6821,
    CVE-2020-6822, and CVE-2020-6825

  • Fixes for mfsa2020-17 also known as:

    More...

    CVE-2020-12387, CVE-2020-12388, CVE-2020-12389,
    CVE-2020-6831, CVE-2020-12392, CVE-2020-12393, 
    and CVE-2020-1239

  • Fixes for mfsa2020-21 also known as:

    More...

    CVE-2020-12399, CVE-2020-12405,
    CVE-2020-12406, CVE-2020-12410

  • Fixes for mfsa2020-25 also known as:

    More...

    CVE-2020-12417, CVE-2020-12418, CVE-2020-12419,
    CVE-2020-12420, CVE-2020-12421

  • Fixes for mfsa2020-31 also known as:

    More...

    CVE-2020-15652, CVE-2020-6514, CVE-2020-6463,
    CVE-2020-15650, CVE-2020-15649, and CVE-2020-15659

  • Fixes for mfsa2020-37 also known as: CVE-2020-15663, CVE-2020-15664, and CVE-2020-15669

Base system

• Fixed privilege escalation via environment variables in the /bin/update binary.
• Fixed privilege escalation via environment variable PATH in /bin/usershell binary.
• Fixed privilege escalation via PATH environment variable in the /bin/update binary.