[3.8] firefox-esr: Heap buffer overflow rasterizing paths in SVG with Skia (CVE-2018-6126)
A heap buffer overflow can occur in the Skia library when rasterizing
paths using a maliciously
crafted SVG file with anti-aliasing turned off. This results in a
potentially exploitable crash.
Fixed in:
Firefox ESR 52.8.1
Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/
(from redmine: issue id 9035, created on 2018-06-26, closed on 2018-07-16)
- Relations:
- copied_to #9034 (closed)
- parent #9034 (closed)
- Changesets:
- Revision 716ebb36 by Natanael Copa on 2018-07-11T13:43:06Z:
community/firefox-esr: security upgrade to 52.8.1 (CVE-2018-6126)
fixes #9035