Synopsis
Moderate: nss and nspr security, bug fix, and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
An update for nss and nspr is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...
Synopsis
Important: nss, nss-softokn, nss-util security update
Type/Severity
Security Advisory: Important
Topic
An update for nss, nss-softokn, and nss-util is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulne ...
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, cross-site scripting, spoofing, information disclosure, denial of
service or cross-site request forgery
For the oldstable distribution (stretch), these problems have been fixed
in version 6080esr-1~deb9u ...
Multiple security issues have been found in Thunderbird which could
potentially result in the execution of arbitrary code, cross-site
scripting, spoofing, information disclosure, denial of service or
cross-site request forgery
CVE-2019-11719
and CVE-2019-11729 are only addressed for stretch, in
buster Thunderbird uses the system-wide copy of NSS ...
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla nss A remote attacker could trigger this flaw via SRTP encrypt or decrypt operations, to execute arbitrary code with the permissions of the user running the application (compiled with nss) While the attack complexity is high, the impact to confidentiality, integ ...
Several security issues were fixed in NSS ...
Several security issues were fixed in NSS ...
Several security issues were fixed in Thunderbird ...
Firefox could be made to crash or run programs as your login if it
opened a malicious website ...
USN-4054-1 caused some minor regressions in Firefox ...
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used This vulnerability affects Firefox ESR < 608, Firefox < 68, and Thunderbird < 608 (CVE-2019-11729)
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla ...
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla nss A remote attacker could trigger this flaw via SRTP encrypt or decrypt operations, to execute arbitrary code with the permissions of the user running the application (compiled with nss) While the attack complexity is high, the impact to confidentiality, integ ...
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used This vulnerability affects Firefox ESR < 608, Firefox < 68, and Thunderbird < 608 (CVE-2019-11729)
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla ...
Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used This vulnerability affects Firefox ESR < 608, Firefox < 68, and Thunderbird < 608 (CVE-2019-11729)
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla ...
Empty or malformed p256-ECDH public keys may trigger a segmentation fault in Firefox before 680 due values being improperly sanitized before being copied into memory and used ...
Mozilla Foundation Security Advisory 2019-21
Security vulnerabilities fixed in Firefox 68
Announced
July 9, 2019
Impact
critical
Products
Firefox
Fixed in
Firefox 68
...
Mozilla Foundation Security Advisory 2019-28
Security vulnerabilities fixed in Thunderbird 68
Announced
August 27, 2019
Impact
critical
Products
Thunderbird
Fixed in
Thunderbird 68
...
Mozilla Foundation Security Advisory 2019-22
Security vulnerabilities fixed in Firefox ESR 608
Announced
July 9, 2019
Impact
critical
Products
Firefox ESR
Fixed in
Firefox ESR 608
...
Mozilla Foundation Security Advisory 2019-23
Security vulnerabilities fixed in Thunderbird 608
Announced
July 9, 2019
Impact
critical
Products
Thunderbird
Fixed in
Thunderbird 608
...