RHSA-2019:1763-01 -- Redhat firefoxID: oval:org.secpod.oval:def:503176 | Date: (C)2019-07-17 (M)2024-04-17 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.8.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 * Mozilla: Sandbox escape via installation of malicious language pack * Mozilla: Script injection within domain through inner window reuse * Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * Mozilla: Use-after-free with HTTP/2 cached stream * Mozilla: HTML parsing error can contribute to content XSS * Mozilla: Caret character improperly escaped in origins * Mozilla: Same-origin policy treats all files in a directory as having the same-origin For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |