firefox-52.7.2-1.0.1.el7.AXS7
エラータID: AXSA:2018-2627:03
Release date:
Tuesday, March 20, 2018 - 16:17
Subject:
firefox-52.7.2-1.0.1.el7.AXS7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 52.7.2 ESR.
Security Fix(es):
* Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2018-5146
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
Solution:
Update packages.
CVEs:
CVE-2018-5146
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
Additional Info:
N/A
Download:
SRPMS
- firefox-52.7.2-1.0.1.el7.AXS7.src.rpm
MD5: 644689f5d0cf5c952abe3b2e1f64372c
SHA-256: b7c78b819dda7a6527dd2150fd59a7bcdb5a9bcdd4389ebb240fb7a2a9e355ec
Size: 367.67 MB
Asianux Server 7 for x86_64
- firefox-52.7.2-1.0.1.el7.AXS7.x86_64.rpm
MD5: 5c6703f8b8333040ad8ca1f41a900b27
SHA-256: 78be5ada812cd0747c102d4d616a9588d2dc66ff4fa7256f5e660f3f88c1fad2
Size: 83.03 MB - firefox-52.7.2-1.0.1.el7.AXS7.i686.rpm
MD5: 55a3f1371b8b336ef69b97a8c67510bd
SHA-256: abb3af7a0633c7d51cc8e343f9ba479bfc847bb7d7f1a07a975c97da907b3581
Size: 83.28 MB
日本語