Synopsis
The remote FreeBSD host is missing one or more security-related updates.
Description
Mozilla Foundation reports :
CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS
CVE-2019-9816: Type confusion with object groups and UnboxedObjects
CVE-2019-9817: Stealing of cross-domain images using canvas
CVE-2019-9818: Use-after-free in crash generation server
CVE-2019-9819: Compartment mismatch with fetch API
CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell
CVE-2019-9821: Use-after-free in AssertWorkerThread
CVE-2019-11691: Use-after-free in XMLHttpRequest
CVE-2019-11692: Use-after-free removing listeners in the event listener manager
CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux
CVE-2019-7317: Use-after-free in png_image_free of libpng library
CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox
CVE-2019-11695: Custom cursor can render over user interface outside of web content
CVE-2019-11696: Java web start .JNLP files are not recognized as executable files for download prompts
CVE-2019-11697: Pressing key combinations can bypass installation prompt delays and install extensions
CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks
CVE-2019-11700: res: protocol can be used to open known local files
CVE-2019-11699: Incorrect domain name highlighting during page navigation
CVE-2019-11701: webcal: protocol default handler loads vulnerable web page
CVE-2019-9814: Memory safety bugs fixed in Firefox 67
CVE-2019-9800: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
Solution
Update the affected packages.