SUSE-SU-2019:1684-1

Description of the patch:

This update for MozillaFirefox fixes the following issues:

• Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872)

• CVE-2019-11708: Fix sandbox escape using Prompt:Open.

  • Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.