When a page’s content security policy (CSP) header contains a `sandbox` directive other directives are ignored. This results in the incorrect enforcement of CSP directives. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2017-19/#CVE-2017-7803 Acknowledgements: Name: the Mozilla project Upstream: Rhys Enniks
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Via RHSA-2017:2456 https://access.redhat.com/errata/RHSA-2017:2456
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:2534 https://access.redhat.com/errata/RHSA-2017:2534