Parent Directory | Revision Log
MGASA-2019-0116: firefox-60.6.0-2.mga6, firefox-l10n-60.6.0-1.mga6, nspr-4.21-1.mga6, rootcerts-20190306.00-1.mga6, nss-3.36.7-1.1.mga6
1 | type: security |
2 | subject: Updated firefox packages fix security vulnerability |
3 | CVE: |
4 | - CVE-2018-18506 |
5 | - CVE-2019-9788 |
6 | - CVE-2019-9790 |
7 | - CVE-2019-9791 |
8 | - CVE-2019-9792 |
9 | - CVE-2019-9793 |
10 | - CVE-2019-9795 |
11 | - CVE-2019-9796 |
12 | src: |
13 | 6: |
14 | core: |
15 | - firefox-60.6.0-2.mga6 |
16 | - firefox-l10n-60.6.0-1.mga6 |
17 | - nspr-4.21-1.mga6 |
18 | - rootcerts-20190306.00-1.mga6 |
19 | - nss-3.36.7-1.1.mga6 |
20 | description: | |
21 | Proxy Auto-Configuration file can define localhost access to be proxied |
22 | (CVE-2018-18506). |
23 | |
24 | Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 |
25 | (CVE-2019-9788). |
26 | |
27 | Use-after-free when removing in-use DOM elements (CVE-2019-9790). |
28 | |
29 | Type inference is incorrect for constructors entered through on-stack |
30 | replacement with IonMonkey (CVE-2019-9791). |
31 | |
32 | IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792). |
33 | |
34 | Improper bounds checks when Spectre mitigations are disabled |
35 | (CVE-2019-9793). |
36 | |
37 | Type-confusion in IonMonkey JIT compiler (CVE-2019-9795). |
38 | |
39 | Use-after-free with SMIL animation controller (CVE-2019-9796). |
40 | references: |
41 | - https://bugs.mageia.org/show_bug.cgi?id=24534 |
42 | - https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/ |
43 | - https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ |
44 | - https://access.redhat.com/errata/RHSA-2019:0622 |
45 | ID: MGASA-2019-0116 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |