Advisories ยป MGASA-2020-0421

Updated firefox and thunderbird packages fix a security vulnerability

Publication date: 13 Nov 2020
Modification date: 13 Nov 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-26950

Description

Write side effects in MCallGetProperty opcode not accounted for.
In certain circumstances, the MCallGetProperty opcode can be emitted with
unmet assumptions resulting in an exploitable use-after-free condition.
(CVE-2020-26950)

Also some bugfix for Thunderbird have been added. See upstream release notes.
                

References

SRPMS

7/core