USN-4234-1

Details

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy (CSP) restrictions, conduct cross-site scripting (XSS) attacks, or execute arbitrary code.

Affected Packages

Ubuntu:16.04:LTSfirefox

Fixed in:

72.0.1+build1-0ubuntu0.16.04.1

Ubuntu:18.04:LTSfirefox

Fixed in:

72.0.1+build1-0ubuntu0.18.04.1

References

REPORThttps://ubuntu.com/security/CVE-2019-17016 REPORThttps://ubuntu.com/security/CVE-2019-17017 REPORThttps://ubuntu.com/security/CVE-2019-17020 REPORThttps://ubuntu.com/security/CVE-2019-17022 REPORThttps://ubuntu.com/security/CVE-2019-17023 REPORThttps://ubuntu.com/security/CVE-2019-17024 REPORThttps://ubuntu.com/security/CVE-2019-17025 REPORThttps://ubuntu.com/security/CVE-2019-17026 ADVISORYhttps://ubuntu.com/security/notices/USN-4234-1

USN-4234-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline