Package firefox updated to version 60.0.2-alt0.M80P.1 for branch p8 in task 208584.

Published: 2018-05-29

BDU:2019-04395

Уязвимость библиотеки Skia браузеров Firefox ESR, Firefox, Google Chrome, позволяющая нарушителю записать произвольные файлы в файловую систему устройства

Severity: HIGH (8.8) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

CVE-2018-6126
45098

Published: 2019-01-09
Modified: 2024-11-21

CVE-2018-6126

A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

104309
104309
104411
104411
1041014
1041014
1041046
1041046
RHSA-2018:1815
RHSA-2018:1815
RHSA-2018:2112
RHSA-2018:2112
RHSA-2018:2113
RHSA-2018:2113
https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html
https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html
https://crbug.com/844457
https://crbug.com/844457
GLSA-201810-01
GLSA-201810-01
DSA-4220
DSA-4220
DSA-4237
DSA-4237
45098
45098

Version: 2.1.0

Package firefox update in p8 on 2018-06-22

ALT-PU-2018-1924-1

Closed vulnerabilities

BDU:2019-04395

CVE-2018-6126