firefox-68.5.0-2.0.1.AXS4
エラータID: AXSA:2020-4471:05
リリース日:
2020/02/19 Wednesday - 11:54
題名:
firefox-68.5.0-2.0.1.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- firefox にはクラッシュレポート情報に関連する共有メモリを変更することで、メモリ破壊と潜在的にクラッシュを
引き起こす脆弱性があります。(CVE-2020-6796)
- firefox には、selectタグの中でtemplateタグが使われると、
JavaScriptの実行が許されない場面においてもJavaScriptをパースし実行してしまうかもしれない脆弱性があります。
(CVE-2020-6798)
- firefox には、いくつかメモリの安全性に関するバグがあり、任意のコードが実行可能な脆弱性があります。
(CVE-2020-6800)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2020-6796
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2020-6798
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2020-6800
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
追加情報:
N/A
ダウンロード:
SRPMS
- firefox-68.5.0-2.0.1.AXS4.src.rpm
MD5: 0e109084cfea3b85a13e7612f34837a4
SHA-256: 1fc75941b388523f3fc9a85553f009a007622b84d980e50e9d23f8c319214302
Size: 505.98 MB
Asianux Server 4 for x86
- firefox-68.5.0-2.0.1.AXS4.i686.rpm
MD5: 9cf51abf2ac2c2f56c37bdd042ea2f10
SHA-256: db7c11a7028b1645b277fb43ddfa267767673dcf96b09f7565aca9bb532e3efb
Size: 118.32 MB
Asianux Server 4 for x86_64
- firefox-68.5.0-2.0.1.AXS4.x86_64.rpm
MD5: 6d88740b4109872aa34c4dc4b6a16fea
SHA-256: 2bae0a12224c0469ecc6c46c846da18426425e9f18654ae263af44deb14a53a8
Size: 118.41 MB - firefox-68.5.0-2.0.1.AXS4.i686.rpm
MD5: 9cf51abf2ac2c2f56c37bdd042ea2f10
SHA-256: db7c11a7028b1645b277fb43ddfa267767673dcf96b09f7565aca9bb532e3efb
Size: 118.32 MB
English