/[advisories]/24549.adv
ViewVC logotype

Contents of /24549.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 8432 - (show annotations) (download)
Fri Apr 5 17:37:17 2019 UTC (2 months, 2 weeks ago) by tmb
File size: 773 byte(s)
MGASA-2019-0131: firefox-60.6.1-2.mga6, firefox-l10n-60.6.1-1.mga6
1 type: security
2 subject: Updated firefox packages fix security vulnerability
3 CVE:
4 - CVE-2019-9810
5 - CVE-2019-9813
6 src:
7 6:
8 core:
9 - firefox-60.6.1-2.mga6
10 - firefox-l10n-60.6.1-1.mga6
11 description: |
12 Incorrect alias information in IonMonkey JIT compiler for
13 Array.prototype.slice method may lead to missing bounds check and a buffer
14 overflow (CVE-2019-9810).
15
16 Incorrect handling of __proto__ mutations may lead to type confusion in
17 IonMonkey JIT code and can be leveraged for arbitrary memory read and
18 write (CVE-2019-9813).
19 references:
20 - https://bugs.mageia.org/show_bug.cgi?id=24549
21 - https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/
22 - https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
23 ID: MGASA-2019-0131

  ViewVC Help
Powered by ViewVC 1.1.26