Parent Directory | Revision Log
MGASA-2019-0131: firefox-60.6.1-2.mga6, firefox-l10n-60.6.1-1.mga6
1 | davidwhodgins | 8413 | type: security |
2 | subject: Updated firefox packages fix security vulnerability | ||
3 | CVE: | ||
4 | - CVE-2019-9810 | ||
5 | - CVE-2019-9813 | ||
6 | src: | ||
7 | 6: | ||
8 | core: | ||
9 | - firefox-60.6.1-2.mga6 | ||
10 | - firefox-l10n-60.6.1-1.mga6 | ||
11 | description: | | ||
12 | Incorrect alias information in IonMonkey JIT compiler for | ||
13 | Array.prototype.slice method may lead to missing bounds check and a buffer | ||
14 | overflow (CVE-2019-9810). | ||
15 | |||
16 | Incorrect handling of __proto__ mutations may lead to type confusion in | ||
17 | IonMonkey JIT code and can be leveraged for arbitrary memory read and | ||
18 | write (CVE-2019-9813). | ||
19 | references: | ||
20 | - https://bugs.mageia.org/show_bug.cgi?id=24549 | ||
21 | - https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/ | ||
22 | - https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ | ||
23 | tmb | 8432 | ID: MGASA-2019-0131 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |