Lucene search

K
altlinuxHttps://packages.altlinux.org/en/sisyphus/security/E0EB739A4F4327E3F91A9058B2BD44F8
HistoryMar 21, 2019 - 12:00 a.m.

Security fix for the ALT Linux 10 package thunderbird version 60.6.0-alt1

2019-03-2100:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
12

EPSS

0.205

Percentile

96.4%

March 21, 2019 Andrey Cherepanov 60.6.0-alt1

- New version (60.6.0).
- Fixes:
  + CVE-2019-9790 Use-after-free when removing in-use DOM elements
  + CVE-2019-9791 Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey
  + CVE-2019-9792 IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
  + CVE-2019-9793 Improper bounds checks when Spectre mitigations are disabled
  + CVE-2019-9794 Command line arguments not discarded during execution
  + CVE-2019-9795 Type-confusion in IonMonkey JIT compiler
  + CVE-2019-9796 Use-after-free with SMIL animation controller
  + CVE-2019-9801 Windows programs that are not 'URL Handlers' are exposed to web content
  + CVE-2018-18506 Proxy Auto-Configuration file can define localhost access to be proxied
  + CVE-2019-9788 Memory safety bugs fixed in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6
- Build with Clang.