SCIENTIFIC-LINUX-ERRATA Archives

October 2018

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Critical: firefox on SL7.x x86_64
From:
Scott Reid <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Tue, 9 Oct 2018 15:03:35 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (26 lines) 
Synopsis:          Critical: firefox security update

Advisory ID:       SLSA-2018:2884-1

Issue Date:        2018-10-08

CVE Numbers:       CVE-2018-12386

                   CVE-2018-12387

--



This update upgrades Firefox to version 60.2.2 ESR.



Security Fix(es):



* Mozilla: type confusion in JavaScript (CVE-2018-12386)



* Mozilla: stack out-of-bounds read in Array.prototype.push

(CVE-2018-12387)

--



SL7

  x86_64

    firefox-60.2.2-1.el7_5.x86_64.rpm

    firefox-debuginfo-60.2.2-1.el7_5.x86_64.rpm

    firefox-60.2.2-1.el7_5.i686.rpm

    firefox-debuginfo-60.2.2-1.el7_5.i686.rpm



- Scientific Linux Development Team

ATOM RSS1 RSS2