Parent Directory
| 
Revision Log
MGASA-2019-0131: firefox-60.6.1-2.mga6, firefox-l10n-60.6.1-1.mga6
| 1 | davidwhodgins | 8413 | type: security |
| 2 | subject: Updated firefox packages fix security vulnerability | ||
| 3 | CVE: | ||
| 4 | - CVE-2019-9810 | ||
| 5 | - CVE-2019-9813 | ||
| 6 | src: | ||
| 7 | 6: | ||
| 8 | core: | ||
| 9 | - firefox-60.6.1-2.mga6 | ||
| 10 | - firefox-l10n-60.6.1-1.mga6 | ||
| 11 | description: | | ||
| 12 | Incorrect alias information in IonMonkey JIT compiler for | ||
| 13 | Array.prototype.slice method may lead to missing bounds check and a buffer | ||
| 14 | overflow (CVE-2019-9810). | ||
| 15 | |||
| 16 | Incorrect handling of __proto__ mutations may lead to type confusion in | ||
| 17 | IonMonkey JIT code and can be leveraged for arbitrary memory read and | ||
| 18 | write (CVE-2019-9813). | ||
| 19 | references: | ||
| 20 | - https://bugs.mageia.org/show_bug.cgi?id=24549 | ||
| 21 | - https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/ | ||
| 22 | - https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ | ||
| 23 | tmb | 8432 | ID: MGASA-2019-0131 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |