Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Fedora 30: FEDORA-2019-1ae01e6688 Critical: Firefox Sandbox Escape

fedora
Calendar Grey June 21, 2019
Dist Fedora Esm H88
The recent update for Firefox on Fedora 30, version 67.0.4, effectively resolves a critical sandbox escape issue.
- New upstream version (67.0.4) - Fixes CVE-2019-11708: sandbox escape using Prompt:Open - Release notes are at https://www.firefox.com/en-US/firefox/67.0.4/releasenotes/?redirect_...

Summary

Mozilla Firefox is an open-source web browser, designed for standards

compliance, performance and portability.

- New upstream version (67.0.4) - Fixes CVE-2019-11708: sandbox escape using

Prompt:Open - Release notes are at https://www.firefox.com/en-US/?redirect_source=mozilla-org

* Thu Jun 20 2019 Martin Stransky - 67.0.4-1

- Updated to 67.0.4

* Tue Jun 18 2019 Martin Stransky - 67.0.3-1

- Updated to 67.0.3

* Tue Jun 11 2019 Martin Stransky - 67.0.2-1

- Updated to 67.0.2 Build 2

* Thu May 23 2019 Martin Stransky - 67.0-4

- Added wayland buffer optimization (mozilla#1553747).

* Fri May 17 2019 Martin Stransky - 67.0-3

- Use %lang() in regular builds.

- Updated to 67.0 Build 2

* Thu May 16 2019 Jan Horak - 67.0-2

- Removed %lang() prefix from langpacks file list due to flatpak

* Wed May 15 2019 Martin Stransky - 67.0-1

- Updated to 67.0

* Wed May 8 2019 Martin Stransky - 66.0.5-1

- Updated to 66.0.5

* Sun May 5 2019 Martin Stransky - 66.0.4-1

- Updated to 66.0.4

* Thu May 2 2019 Martin Stransky - 66.0.3-2

- Removed fix for mozbz#526293 as it's broken and does not

bring any new functionality.

* Thu Apr 11 2019 Martin Stransky - 66.0.3-1

- Updated to 66.0.3 (Build 1)

su -c 'dnf upgrade --advisory FEDORA-2019-1ae01e6688' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory fedora update firefox web browser sandbox escape

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 30
Version: 67.0.4
Release: 1.fc30
URL: https://www.firefox.com/en-US/?redirect_source=mozilla-org
Summary: Mozilla Firefox Web browser

Topics%20covered

Topics Covered

security advisory fedora update firefox web browser sandbox escape

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here