firefox-esr: Multiple vulnerabilities (CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145, CVE-2018-5147)
CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR
52.7
CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
CVE-2018-5129: Out-of-bounds write with malformed IPC messages
CVE-2018-5130: Mismatched RTP payload type can trigger memory
corruption
CVE-2018-5131: Fetch API improperly returns cached copies of
no-store/no-cache resources
CVE-2018-5144: Integer overflow during Unicode conversion
CVE-2018-5145: Memory safety bugs fixed in Firefox ESR 52.7
Fixed In Version:
Firefox ESR 52.7
Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-07/
CVE-2018-5147: Out of bounds memory write in libtremor
Fixed In Version:
Firefox ESR 52.7.2
Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
(from redmine: issue id 8700, created on 2018-03-21, closed on 2018-04-03)
- Relations:
- duplicates #8818 (closed)
- copied_to #8701 (closed)
- copied_to #8702 (closed)
- child #8701 (closed)
- child #8702 (closed)