An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash. Upstream Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1525433 External References: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2019-5785 https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2019-5785 https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2019-5785
Created firefox tracking bugs for this issue: Affects: fedora-all [bug 1676994] Created thunderbird tracking bugs for this issue: Affects: fedora-all [bug 1676995]
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:0373 https://access.redhat.com/errata/RHSA-2019:0373
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:0374 https://access.redhat.com/errata/RHSA-2019:0374