openSUSE Security Update : MozillaFirefox (openSUSE-2019-248)
Medium Nessus Plugin ID 122492
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for MozillaFirefox to version 60.5.1esr fixes the following issues :
Security vulnerabilities addressed (MFSA-2019-05, boo#1125330) :
- CVE-2018-18356: Fixed a use-after-free vulnerability in the Skia library that could occur when creating a path, leading to a potentially exploitable crash.
- CVE-2019-5785: Fixed an integer overflow vulnerability in the Skia library that could occur after specific transform operations, leading to a potentially exploitable crash.
SolutionUpdate the affected MozillaFirefox packages.