Title
MGASA-2019-0116 -- обновление безопасности для firefox, firefox-l10n, nspr, rootcerts, nss
Description
Proxy Auto-Configuration file can define localhost access to be proxied
(CVE-2018-18506).
Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6
(CVE-2019-9788).
Use-after-free when removing in-use DOM elements (CVE-2019-9790).
Type inference is incorrect for constructors entered through on-stack
replacement with IonMonkey (CVE-2019-9791).
IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792).
Improper bounds checks when Spectre mitigations are disabled
(CVE-2019-9793).
Type-confusion in IonMonkey JIT compiler (CVE-2019-9795).
Use-after-free with SMIL animation controller (CVE-2019-9796).