RHSA-2019:0966-01 -- Redhat firefoxID: oval:org.secpod.oval:def:66423 | Date: (C)2020-10-30 (M)2023-03-20 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.1 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 * Mozilla: Use-after-free when removing in-use DOM elements * Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey * Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script * Mozilla: IonMonkey MArraySlice has incorrect alias information * Mozilla: Ionmonkey type confusion with __proto__ mutations * Mozilla: Improper bounds checks when Spectre mitigations are disabled * Mozilla: Type-confusion in IonMonkey JIT compiler * Mozilla: Use-after-free with SMIL animation controller * Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.