SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types (Type Confusion)

SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types Type Confusion A bug in IonMonkey leaves type inference information inconsistent, which in turn allows the compilation of JITed functions that cause type confusions between arbitrary objects. Prerequisites In...

SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types (Type Confusion)

A bug in IonMonkey leaves type inference information inconsistent, which in turn allows the compilation of JITed functions that cause type confusions between arbitrary objects. Prerequisites In Spidermonkey, every JavaScript objects is an instance of the JSObject class 1. Plain JavaScript objects...

thunderbird security update

CentOS Errata and Security Advisory CESA-2019:0680 An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

SpiderMonkey IonMonkey Type Confusion

SpiderMonkey: IonMonkey compiled code fails to update inferred property types, leading to type confusions Related CVE Numbers: CVE-2019-9813 A bug in IonMonkey leaves type inference information inconsistent, which in turn allows the compilation of JITed functions that cause type confusions betwee...

Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20190328)

Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 CVE-2019-9788 - Mozilla: Use-after-free when removing in-use DOM elements CVE-2019-9790 - Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey CVE-2019-9791...

Mozilla Thunderbird < 60.6

The version of Thunderbird installed on the remote Windows host is prior to 60.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-11 advisory. - A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR

/ Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement OSR allows the compilation of JITed functions that cause type confusions between...

SpiderMonkey IonMonkey Type Confusion

Spidermonkey: IonMonkey's type inference is incorrect for constructors entered via OSR Related CVE Numbers: CVE-2019-9791. A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement OSR allows the compilation of JITed functions that...

Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR

Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR / A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement OSR allows the compilation of JITed functions that cause type confusions between...

Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR

/ A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement OSR allows the compilation of JITed functions that cause type confusions between arbitrary objects. Prerequisites: 1. Spidermonkey can represent "plain" objects either as...

firefox security update

CentOS Errata and Security Advisory CESA-2019:0622 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

firefox security update

CentOS Errata and Security Advisory CESA-2019:0623 An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Updated firefox packages fix security vulnerability

Proxy Auto-Configuration file can define localhost access to be proxied CVE-2018-18506. Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 CVE-2019-9788. Use-after-free when removing in-use DOM elements CVE-2019-9790. Type inference is incorrect for constructors entered through on-stack...

Scientific Linux Security Update : firefox on SL7.x x86_64 (20190320)

This update upgrades Firefox to version 60.6.0 ESR. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 CVE-2019-9788 - Mozilla: Use-after-free when removing in-use DOM elements CVE-2019-9790 - Mozilla: Type inference is incorrect for constructors entered throu...

Oracle Linux 7 : firefox (ELSA-2019-0622)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-0622 advisory. 60.6.0-3.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 60.6.0-3 - Added Google API keys mozbz1531176 60.6.0-2 -...

Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...