SciLinux: SLSA-2020-0085-1 Critical: firefox on SL7.x x86_64
Summary
Critical: firefox security update
Security Fixes
* Mozilla: IonMonkey type confusion with StoreElementHole and
FallibleStoreElement (CVE-2019-17026)
* Mozilla: Bypass of @namespace CSS sanitization during pasting
(CVE-2019-17016)
* Mozilla: Type Confusion in XPCVariant.cpp (CVE-2019-17017)
* Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
(CVE-2019-17024)
* Mozilla: CSS sanitization does not escape HTML tags (CVE-2019-17022)
SL7
x86_64
firefox-68.4.1-1.el7_7.x86_64.rpm
firefox-debuginfo-68.4.1-1.el7_7.x86_64.rpm
firefox-68.4.1-1.el7_7.i686.rpm
firefox-debuginfo-68.4.1-1.el7_7.i686.rpm
- Scientific Linux Development Team