Ubuntu Security Notice 3801-2 - USN-3801-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass mixed content warnings, or execute arbitrary code. Multiple security issues were discovered with WebExtensions in Firefox. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit these to bypass domain restrictions, gain additional privileges, or run content scripts in local pages without permission. Various other issues were also addressed.
19adff75e4651cdc2641de4dfbb8e5a60a5f17ff9dd101eda5aab4bf371e654b
Gentoo Linux Security Advisory 201811-10 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which allows remote attackers to execute arbitrary code. Versions less than 70.0.3538.67 are affected.
34e4453a5a067821b9371405bfb3acde3b985fc5d76924eb9eeef98b76a6647a