This update for MozillaFirefox, mozilla-nss fixes the following issues:
Security issue fixed in Mozilla Firefox 60.0.2 ESR:
- CVE-2018-6126: Heap buffer overflow rasterizing paths in SVG with Skia
(MFSA 2018-14, boo#1096449)
The following bugs were fixed:
- In KDE Open with option in download dialog has no effect with
kmozillahelper (boo#1094747)
- Startup crashes on aarch64 (boo#1093059)
Mozilla Firefox now requires NSS 3.36.4 (boo#1096515). The following
changes are included in NSS:
- Fix issues connecting to servers recently upgraded to TLS 1.3
(SSL_RX_MALFORMED_SERVER_HELLO error)
- Fix a rare bug with PKCS#12 files
- Apply additional harding (relro linker option)