Synopsis:          Critical: firefox security update

Advisory ID:       SLSA-2019:1604-1

Issue Date:        2019-06-26

CVE Numbers:       None

--



Security Fix(es):



* Mozilla: Type confusion in Array.pop (CVE-2019-11707)



* Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708)

--



SL6

  x86_64

    firefox-60.7.2-1.el6_10.x86_64.rpm

    firefox-debuginfo-60.7.2-1.el6_10.x86_64.rpm

    firefox-60.7.2-1.el6_10.i686.rpm

    firefox-debuginfo-60.7.2-1.el6_10.i686.rpm

  i386

    firefox-60.7.2-1.el6_10.i686.rpm

    firefox-debuginfo-60.7.2-1.el6_10.i686.rpm



- Scientific Linux Development Team