firefox (SL7)

By Scientific Linux Team on January 30, 2019

Synopsis: Critical: firefox security update
Advisory ID: SLSA-2019:0219-1
Issue Date: 2019-01-30
CVE Numbers: CVE-2018-18500
CVE-2018-18501
CVE-2018-18505

This update upgrades Firefox to version 60.5.0 ESR.

Security Fix(es):

* Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500)

* Mozilla: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5
(CVE-2018-18501)

* Mozilla: Privilege escalation through IPC channel messages
(CVE-2018-18505)

SL7
x86_64
firefox-60.5.0-2.el7.x86_64.rpm
firefox-debuginfo-60.5.0-2.el7.x86_64.rpm
firefox-60.5.0-2.el7.i686.rpm
firefox-debuginfo-60.5.0-2.el7.i686.rpm

– Scientific Linux Development Team