RHSA-2019:3281: Critical: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 68.2.0 ESR.Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2019:3281?
RHSA-2019:3281 addresses memory safety bugs in Firefox categorized as moderate severity.
How do I fix RHSA-2019:3281?
To fix RHSA-2019:3281, upgrade Firefox to version 68.2.0 ESR.
What versions of Firefox are affected by RHSA-2019:3281?
RHSA-2019:3281 affects Firefox versions prior to 68.2.0 ESR.
Are there any known exploits for RHSA-2019:3281?
As of the advisory, no public exploits have been specifically noted for RHSA-2019:3281.
What is the main issue addressed by RHSA-2019:3281?
RHSA-2019:3281 primarily addresses memory safety bugs in Firefox that could lead to potential security vulnerabilities.