Advisories ยป MGASA-2019-0131

Updated firefox packages fix security vulnerability

Publication date: 05 Apr 2019
Modification date: 05 Apr 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-9810 , CVE-2019-9813

Description

Incorrect alias information in IonMonkey JIT compiler for
Array.prototype.slice method may lead to missing bounds check and a buffer
overflow (CVE-2019-9810).

Incorrect handling of __proto__ mutations may lead to type confusion in
IonMonkey JIT code and can be leveraged for arbitrary memory read and
write (CVE-2019-9813).
                

References

SRPMS

6/core