CLD-656 Details
Other IDs this deficiency may be known by:
| CVE ID |
None |
| Other ID(s) |
fixed-in-60.5.0 |
Basic Information:
| Affected Package(s) |
firefox |
| Deficiency Type |
SECURITY |
| Date Created |
2019-02-02 10:40:30 |
| Date Last Modified |
2019-02-19 11:19:58 |
Version Specific Information:
| Cucumber 1.1 i686 |
fixed in firefox-60.5.0esr-i686-1 |
| Cucumber 1.1 x86_64 |
fixed in firefox-60.5.0esr-x86_64-1 |
Details:
This is an upstream update that fixes three security vulnerabilities:
CVE-2018-18500: Use-after-free parsing HTML5 stream
CVE-2018-18505: Privilege escalation through IPC channel messages
CVE-2018-18501: Memory safety bugs fixed in Firefox 65 and Firefox ESR
60.5
For more details see
https://www.mozilla.org/en-US/security/advisories/mfsa2019-02/