firefox-esr (60.5.0) vulnerable to 3 CVEs
Current firefox-esr on /community is vulnerable to 3 CVEs (CVE-2018-18356, CVE-2019-5785. CVE-2018-18335). All classified as high impact.
Please upgrade firefox-esr to 60.5.1 or 60.5.2 to have those fixed.
(from redmine: issue id 10075, created on 2019-03-09, closed on 2019-06-19)
- Changesets:
- Revision 85e7f8b3 on 2019-03-10T13:15:22Z:
community/firefox-esr: upgrade to 60.5.2
3 CVEs have been fixed in 60.5.1, 60.5.2 seems to be mostly a bugfix
release. See: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/
Fixes #10075
- Revision e344011d on 2019-03-25T10:47:33Z:
community/firefox-esr: upgrade to 60.5.2
3 CVEs have been fixed in 60.5.1, 60.5.2 seems to be mostly a bugfix
release. See: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/
Fixes #10075
fixes #10059