CIRT.GY | Releases Security Updates (February 14, 2019)

Releases Security Updates (February 14, 2019)

Ref# Mozilla | Date: Mar 20th 2019

Description

The Mozilla foundation has released several security vulnerability fixes for Firefox 65.0.1, Thunderbird 60.5.1 and Firefox ESR 60.5.1 on Tuesday and Thursday, February 12 and 14, 2019. These vulnerabilities include 5 high rated impacts.

The vulnerabilities addressed with these security updates are:

High

Use after free in Skia (CVE-2018-18356) https://bugzilla.mozilla.org/show_bug.cgi?id=1525817
Integer overflow in Skia https://bugzilla.mozilla.org/show_bug.cgi?id=1525433
Cross-origin theft of images with Image Bitmap Rendering Content https://bugzilla.mozilla.org/show_bug.cgi?id=1526218
Buffer overflow in Skia with accelerated Canvas 2D https://bugzilla.mozilla.org/show_bug.cgi?id=1525815
S/MIME signature spoofing https://bugzilla.mozilla.org/show_bug.cgi?id=1507218

The Guyana National CIRT recommends that users and administrators review the update and apply them where necessary.

Reference

Mozilla Foundation Security Advisory 2019-04,05,06

https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/

https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/

https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/