LISTSERV 16.5 - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Important: firefox security update
Advisory ID:       SLSA-2020:0520-1
Issue Date:        2020-02-17
CVE Numbers:       None
--

Security Fix(es):

* Mozilla: Missing bounds check on shared memory read in the parent process
(CVE-2020-6796)

* Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
(CVE-2020-6800)

* Mozilla: Incorrect parsing of template tag could result in JavaScript
injection (CVE-2020-6798)
--

SL7
  x86_64
    firefox-68.5.0-2.el7_7.x86_64.rpm
    firefox-debuginfo-68.5.0-2.el7_7.x86_64.rpm
    firefox-68.5.0-2.el7_7.i686.rpm
    firefox-debuginfo-68.5.0-2.el7_7.i686.rpm

- Scientific Linux Development Team