firefox-esr: Multiple vulnerabilities (CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, CVE-2018-12379)
CVE-2018-12376: Memory safety bugs
CVE-2018-12377: Use-after-free in refresh driver timers
CVE-2018-12378: Use-after-free in IndexedDB
CVE-2018-12379: Out-of-bounds write with malicious MAR file
Fixed In Version:
firefox ESR 60.2
References:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/
(from redmine: issue id 9401, created on 2018-09-10, closed on 2019-04-15)
- Relations:
- child #9402 (closed)
- child #9403 (closed)