CESA-2018:0527 -- centos 7 firefoxID: oval:org.secpod.oval:def:204770 | Date: (C)2018-03-19 (M)2022-10-10 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.7.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 * Mozilla: Buffer overflow manipulating SVG animatedPathSegList * Mozilla: Out-of-bounds write with malformed IPC messages * Mozilla: Mismatched RTP payload type can trigger memory corruption * Mozilla: Fetch API improperly returns cached copies of no-store/no-cache resources * Mozilla: Integer overflow during Unicode conversion * Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.