Advisories ยป MGASA-2020-0090

Updated firefox packages fix security vulnerabilities

Publication date: 18 Feb 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-6796 , CVE-2020-6798 , CVE-2020-6800


Updated firefox packages fix security vulnerabilities:

Due to a missing bounds check on shared memory read in the parent process, a
content process could have modified shared memory relating to crash reporting
information, crash itself, and cause an out-of-bound write. This could have
caused memory corruption and a potentially exploitable crash (CVE-2020-6796).

If a