| Errata ID | 450 |
|---|---|
| Date | 2018-08-15 |
| Source package | firefox-esr |
| Fixed in version | 52.9.0esr-1~deb8u1 |
| Description | This update addresses the following issues: * Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150) * Use-after-free with SVG animations and clip paths (CVE-2018-5154) * Use-after-free with SVG animations and text paths (CVE-2018-5155) * Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157) * Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158) * Integer overflow and out-of-bounds write in Skia (CVE-2018-5159) * Lightweight themes can be installed without user interaction (CVE-2018-5168) * Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178) * Backport critical security fixes in Skia (CVE-2018-5183) * Buffer overflow using computed size of canvas element (CVE-2018-12359) * Use-after-free using focus() (CVE-2018-12360) * Integer overflow in SSSE3 scaler (CVE-2018-12362) * Media recorder segmentation fault when track type is changed during capture (CVE-2018-5156) * Use-after-free when appending DOM nodes (CVE-2018-12363) * CSRF attacks through 307 redirects and NPAPI plugins (CVE-2018-12364) * Compromised IPC child process can list local filenames (CVE-2018-12365) * Invalid data handling during QCMS transformations (CVE-2018-12366) * No warning when opening executable SettingContent-ms files (CVE-2018-12368) * Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 (CVE-2018-5188) * Heap buffer overflow rasterizing paths in SVG (CVE-2018-6126) |
| Additional notes | |
| CVE ID | CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178 CVE-2018-5183 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-5156 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-5188 CVE-2018-6126 |
| UCS Bug number | #47536 |
