MGASA-2019-0116
- Source
- https://advisories.mageia.org/MGASA-2019-0116.html
- Import Source
- https://advisories.mageia.org/MGASA-2019-0116.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2019-0116
- Related
- Published
- 2019-03-21T16:36:46Z
- Modified
- 2019-03-21T16:05:13Z
- Summary
- Updated firefox packages fix security vulnerability
- Details
-
Proxy Auto-Configuration file can define localhost access to be proxied (CVE-2018-18506).
Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788).
Use-after-free when removing in-use DOM elements (CVE-2019-9790).
Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey (CVE-2019-9791).
IonMonkey leaks JSOPTIMIZEDOUT magic value to script (CVE-2019-9792).
Improper bounds checks when Spectre mitigations are disabled (CVE-2019-9793).
Type-confusion in IonMonkey JIT compiler (CVE-2019-9795).
Use-after-free with SMIL animation controller (CVE-2019-9796).
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:6 / firefox
Package
- Name
- firefox
- Purl
- pkg:rpm/mageia/firefox?distro=mageia-6
Mageia:6 / firefox-l10n
Package
- Name
- firefox-l10n
- Purl
- pkg:rpm/mageia/firefox-l10n?distro=mageia-6
Mageia:6 / nspr
Package
- Name
- nspr
- Purl
- pkg:rpm/mageia/nspr?distro=mageia-6
Mageia:6 / rootcerts
Package
- Name
- rootcerts
- Purl
- pkg:rpm/mageia/rootcerts?distro=mageia-6
Mageia:6 / nss
Package
- Name
- nss
- Purl
- pkg:rpm/mageia/nss?distro=mageia-6