Critical Firefox vulnerability fixed in 59.0.1

Full Article :

Fedora Magazine -

On Friday, Mozilla issued a security advisory for Firefox, the default web browser in Fedora. This advisory centered around two CVEs — both of which allowed an out of bounds memory write while processing Vorbis audio data, leading to arbitrary code execution. CVE-2018-5146 is against the bundled library libvorbis that Firefox ships to process Vorbis audio on most architectures. CVE-2018-5147 is against libtremor, which firefox bundles for the same task on ARM architectures.

At the same time as the security advisory was issued, Mozilla released Firefox 59.0.1 that fixes these issues.

Updating Firefox in Fedora

At the time of writing,

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: