Parent Directory | Revision Log
MGASA-2018-0420: firefox-60.3.0-1.mga6, firefox-l10n-60.3.0-1.mga6, nspr-4.20-1.mga6, nss-3.36.5-1.2.mga6, rootcerts-20181001.00-1.mga6
1 | type: security |
2 | subject: Updated firefox packages fix security vulnerabilities |
3 | CVE: |
4 | - CVE-2018-12389 |
5 | - CVE-2018-12390 |
6 | - CVE-2018-12392 |
7 | - CVE-2018-12393 |
8 | - CVE-2018-12395 |
9 | - CVE-2018-12396 |
10 | - CVE-2018-12397 |
11 | src: |
12 | 6: |
13 | core: |
14 | - firefox-60.3.0-1.mga6 |
15 | - firefox-l10n-60.3.0-1.mga6 |
16 | - nspr-4.20-1.mga6 |
17 | - nss-3.36.5-1.2.mga6 |
18 | - rootcerts-20181001.00-1.mga6 |
19 | description: | |
20 | Updated firefox packages fix security vulnerabilities: |
21 | |
22 | Mozilla: Memory safety bugs fixed in Firefox ESR 60.3 (CVE-2018-12389). |
23 | |
24 | Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 |
25 | (CVE-2018-12390). |
26 | |
27 | Mozilla: Crash with nested event loops (CVE-2018-12392). |
28 | |
29 | Mozilla: Integer overflow during Unicode conversion while loading |
30 | JavaScript (CVE-2018-12393). |
31 | |
32 | Mozilla: WebExtension bypass of domain restrictions through header |
33 | rewriting (CVE-2018-12395). |
34 | |
35 | Mozilla: WebExtension content scripts can execute in disallowed contexts |
36 | (CVE-2018-12396). |
37 | |
38 | Mozilla: WebExtension local file permission check bypass (CVE-2018-12397). |
39 | references: |
40 | - https://bugs.mageia.org/show_bug.cgi?id=23751 |
41 | - https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/ |
42 | - https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ |
43 | - https://access.redhat.com/errata/RHSA-2018:3005 |
44 | ID: MGASA-2018-0420 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |