firefox-60.6.1-1.0.1.el7.AXS7
エラータID: AXSA:2019-3821:01
Release date:
Friday, April 5, 2019 - 11:02
Subject:
firefox-60.6.1-1.0.1.el7.AXS7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2019-9810, CVE-2019-9813 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
Solution:
パッケージをアップデートしてください。
CVEs:
CVE-2019-9810
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
CVE-2019-9813
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
Additional Info:
N/A
Download:
SRPMS
- firefox-60.6.1-1.0.1.el7.AXS7.src.rpm
MD5: 1616d8fdcd6b3271b4a8e0fa745fe789
SHA-256: afdd2ea177f9a309f069a4a3458cb97cd5c50f3e4984e36501d09edd6c74e38a
Size: 417.10 MB
Asianux Server 7 for x86_64
- firefox-60.6.1-1.0.1.el7.AXS7.x86_64.rpm
MD5: 6edbfbf5136f294a4322ce07720bf006
SHA-256: e366706a0041db43020e7aceb98231b357e16c58608a9717ec9090ae7c22de4a
Size: 90.81 MB - firefox-60.6.1-1.0.1.el7.AXS7.i686.rpm
MD5: 88c12a56ede3225c18a325b50146cdad
SHA-256: 0751926293af1153c6146c33966aa5d73ddece3ead074567ffb8ee81f531b1c9
Size: 92.55 MB