RHSA-2019:3196-01 -- Redhat firefoxID: oval:org.secpod.oval:def:66458 | Date: (C)2020-10-30 (M)2024-04-17 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index updates in IndexedDB * Mozilla: Potentially exploitable crash due to 360 Total Security * Mozilla: Stack buffer overflow in HKDF output * Mozilla: Stack buffer overflow in WebRTC networking * Mozilla: Unintended access to a privileged JSONView object * Mozilla: document.domain-based origin isolation has same-origin-property violation * Mozilla: Incorrect HTML parsing results in XSS bypass technique For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.