RHSA-2020:5562-01 -- Redhat firefoxID: oval:org.secpod.oval:def:69577 | Date: (C)2021-03-03 (M)2024-02-19 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.6.0 ESR. Security Fix: * chromium-browser: Uninitialized Use in V8 * Mozilla: Heap buffer overflow in WebGL * Mozilla: CSS Sanitizer performed incorrect sanitization * Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free * Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 * Mozilla: Internal network hosts could have been probed by a malicious webpage * Mozilla: The proxy.onRequest API did not catch view-source URLs For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.