Hi, The SL6 x86_64 packages don't seem to be there yet...? (The others seem fine; thank you.) > On 24 Jan 2018, at 15:35, Pat Riehecky <[log in to unmask]> wrote: > > Synopsis: Critical: firefox security update > Advisory ID: SLSA-2018:0122-1 > Issue Date: 2018-01-24 > CVE Numbers: CVE-2018-5089 > CVE-2018-5091 > CVE-2018-5095 > CVE-2018-5096 > CVE-2018-5097 > CVE-2018-5098 > CVE-2018-5099 > CVE-2018-5102 > CVE-2018-5103 > CVE-2018-5104 > CVE-2018-5117 > -- > > This update upgrades Firefox to version 52.6.0 ESR. > > Security Fix(es): > > * Multiple flaws were found in the processing of malformed web content. A > web page containing malicious content could cause Firefox to crash or, > potentially, execute arbitrary code with the privileges of the user > running Firefox. (CVE-2018-5089, CVE-2018-5091, CVE-2018-5095, > CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, > CVE-2018-5103, CVE-2018-5104, CVE-2018-5117) > > * To mitigate timing-based side-channel attacks similar to "Spectre" and > "Meltdown", the resolution of performance.now() has been reduced from 5s > to 20s. > -- > > SL6 > x86_64 > firefox-52.6.0-1.el6_9.x86_64.rpm > firefox-debuginfo-52.6.0-1.el6_9.x86_64.rpm > firefox-52.6.0-1.el6_9.i686.rpm > firefox-debuginfo-52.6.0-1.el6_9.i686.rpm > i386 > firefox-52.6.0-1.el6_9.i686.rpm > firefox-debuginfo-52.6.0-1.el6_9.i686.rpm > SL7 > x86_64 > firefox-52.6.0-1.el7_4.x86_64.rpm > firefox-debuginfo-52.6.0-1.el7_4.x86_64.rpm > firefox-52.6.0-1.el7_4.i686.rpm > firefox-debuginfo-52.6.0-1.el7_4.i686.rpm > > - Scientific Linux Development Team > Chris Cooke, School of Informatics, University of Edinburgh.