This update to Mozilla Firefox 60.4.0 ESR fixes security issues and bugs.
Security issues fixed as part of the MFSA 2018-30 advisory (boo#1119105):
- CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library
with TextureStorage11
- CVE-2018-18492: Use-after-free with select element
- CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia
- CVE-2018-18494: Same-origin policy violation using location attribute
and performance.getEntries to steal cross-origin URLs
- CVE-2018-18498: Integer overflow when calculating buffer sizes for images
- CVE-2018-12405: Memory safety bugs fixed in Firefox 64 and Firefox ESR
60.4
The following changes are included:
- now requires NSS >= 3.36.6
- Updated list of currency codes to include Unidad Previsional (UYW)