Parent Directory
| 
Revision Log
MGASA-2019-0116: firefox-60.6.0-2.mga6, firefox-l10n-60.6.0-1.mga6, nspr-4.21-1.mga6, rootcerts-20190306.00-1.mga6, nss-3.36.7-1.1.mga6
| 1 | type: security |
| 2 | subject: Updated firefox packages fix security vulnerability |
| 3 | CVE: |
| 4 | - CVE-2018-18506 |
| 5 | - CVE-2019-9788 |
| 6 | - CVE-2019-9790 |
| 7 | - CVE-2019-9791 |
| 8 | - CVE-2019-9792 |
| 9 | - CVE-2019-9793 |
| 10 | - CVE-2019-9795 |
| 11 | - CVE-2019-9796 |
| 12 | src: |
| 13 | 6: |
| 14 | core: |
| 15 | - firefox-60.6.0-2.mga6 |
| 16 | - firefox-l10n-60.6.0-1.mga6 |
| 17 | - nspr-4.21-1.mga6 |
| 18 | - rootcerts-20190306.00-1.mga6 |
| 19 | - nss-3.36.7-1.1.mga6 |
| 20 | description: | |
| 21 | Proxy Auto-Configuration file can define localhost access to be proxied |
| 22 | (CVE-2018-18506). |
| 23 | |
| 24 | Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 |
| 25 | (CVE-2019-9788). |
| 26 | |
| 27 | Use-after-free when removing in-use DOM elements (CVE-2019-9790). |
| 28 | |
| 29 | Type inference is incorrect for constructors entered through on-stack |
| 30 | replacement with IonMonkey (CVE-2019-9791). |
| 31 | |
| 32 | IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792). |
| 33 | |
| 34 | Improper bounds checks when Spectre mitigations are disabled |
| 35 | (CVE-2019-9793). |
| 36 | |
| 37 | Type-confusion in IonMonkey JIT compiler (CVE-2019-9795). |
| 38 | |
| 39 | Use-after-free with SMIL animation controller (CVE-2019-9796). |
| 40 | references: |
| 41 | - https://bugs.mageia.org/show_bug.cgi?id=24534 |
| 42 | - https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/ |
| 43 | - https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ |
| 44 | - https://access.redhat.com/errata/RHSA-2019:0622 |
| 45 | ID: MGASA-2019-0116 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |