Red Hat Security Advisory: firefox security update
🔗 CVE IDs covered (11)
📋 Description
CVE-2017-7762 — Mozilla: address bar username and password spoofing in reader mode CVE-2018-5156 — Mozilla: Media recorder segmentation fault when track type is changed during capture CVE-2018-5188 — Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 CVE-2018-6126 — Skia: Heap buffer overflow rasterizing paths in SVG CVE-2018-12359 — Mozilla: Buffer overflow using computed size of canvas element CVE-2018-12360 — Mozilla: Use-after-free using focus() CVE-2018-12362 — Mozilla: Integer overflow in SSSE3 scaler CVE-2018-12363 — Mozilla: Use-after-free when appending DOM nodes CVE-2018-12364 — Mozilla: CSRF attacks through 307 redirects and NPAPI plugins CVE-2018-12365 — Mozilla: Compromised IPC child process can list local filenames CVE-2018-12366 — Mozilla: Invalid data handling during QCMS transformations
🔗 References (15)
- selfhttps://access.redhat.com/errata/RHSA-2018:2112
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-16/
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1584035
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1590493
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595024
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595025
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595027
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595028
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595029
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595030
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595031
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595037
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1595040
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2112.json