MGASA-2018-0248
- Source
- https://advisories.mageia.org/MGASA-2018-0248.html
- Import Source
- https://advisories.mageia.org/MGASA-2018-0248.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2018-0248
- Related
- Published
- 2018-05-17T10:54:59Z
- Modified
- 2018-05-17T10:38:01Z
- Summary
- Updated firefox packages fix security vulnerabilities
- Details
-
Updated firefox packages fix security vulnerabilities:
Mozilla: Memory safety bugs fixed in Firefox ESR 52.8 (CVE-2018-5150).
Mozilla: Backport critical security fixes in Skia (CVE-2018-5183).
Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154).
Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155).
Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157).
Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158).
Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159).
Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168).
Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178).
Rootcerts has been updated to 20180411.
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:6 / firefox
Package
- Name
- firefox
- Purl
- pkg:rpm/mageia/firefox?distro=mageia-6
Mageia:6 / firefox-l10n
Package
- Name
- firefox-l10n
- Purl
- pkg:rpm/mageia/firefox-l10n?distro=mageia-6
Mageia:6 / nss
Package
- Name
- nss
- Purl
- pkg:rpm/mageia/nss?distro=mageia-6
Mageia:6 / rootcerts
Package
- Name
- rootcerts
- Purl
- pkg:rpm/mageia/rootcerts?distro=mageia-6