/[advisories]/24864.adv
ViewVC logotype

Contents of /24864.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 8597 - (show annotations) (download)
Mon Jun 10 18:39:55 2019 UTC (4 years, 9 months ago) by tmb
File size: 1701 byte(s)
MGASA-2019-0191: firefox-60.7.0-1.mga6, firefox-l10n-60.7.0-1.mga6
1 type: security
2 subject: Updated firefox packages fix security vulnerabilities
3 CVE:
4 - CVE-2018-18511
5 - CVE-2019-5798
6 - CVE-2019-7317
7 - CVE-2019-9797
8 - CVE-2019-9800
9 - CVE-2019-9816
10 - CVE-2019-9817
11 - CVE-2019-9818
12 - CVE-2019-9819
13 - CVE-2019-9820
14 - CVE-2019-11691
15 - CVE-2019-11692
16 - CVE-2019-11693
17 - CVE-2019-11698
18 src:
19 6:
20 core:
21 - firefox-60.7.0-1.mga6
22 - firefox-l10n-60.7.0-1.mga6
23 description: |
24 Updated firefox packages fix security vulnerabilities.
25
26 Cross-origin theft of images with ImageBitmapRenderingContext.
27 (CVE-2018-18511)
28
29 Out-of-bounds read in Skia. (CVE-2019-5798)
30
31 Use-after-free in png_image_free of libpng library. (CVE-2019-7317)
32
33 Cross-origin theft of images with createImageBitmap. (CVE-2019-9797)
34
35 Memory safety bugs fixed in Firefox 67, Firefox ESR 60.7, and firefox 60.7.
36 (CVE-2019-9800)
37
38 Type confusion with object groups and UnboxedObjects. (CVE-2019-9816)
39
40 Stealing of cross-domain images using canvas. (CVE-2019-9817)
41
42 Use-after-free in crash generation server. (CVE-2019-9818)
43
44 Compartment mismatch with fetch API. (CVE-2019-9819)
45
46 Use-after-free of ChromeEventHandler by DocShell. (CVE-2019-9820)
47
48 Use-after-free in XMLHttpRequest. (CVE-2019-11691)
49
50 Use-after-free removing listeners in the event listener manager.
51 (CVE-2019-11692)
52
53 Buffer overflow in WebGL bufferdata on Linux. (CVE-2019-11693)
54
55 Theft of user history data through drag and drop of hyperlinks to and from
56 bookmarks. (CVE-2019-11698)
57 references:
58 - https://bugs.mageia.org/show_bug.cgi?id=24864
59 - https://www.mozilla.org/en-US/firefox/60.7.0/releasenotes/
60 - https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/
61 ID: MGASA-2019-0191

  ViewVC Help
Powered by ViewVC 1.1.30