ASA-201806-5 log generated external raw

[ASA-201806-5] firefox: arbitrary code execution
Arch Linux Security Advisory ASA-201806-5 ========================================= Severity: High Date : 2018-06-08 CVE-ID : CVE-2018-6126 Package : firefox Type : arbitrary code execution Remote : Yes Link : Summary ======= The package firefox before version 60.0.2-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 60.0.2-1. # pacman -Syu "firefox>=60.0.2-1" The problem has been fixed upstream in version 60.0.2. Workaround ========== None. Description =========== A heap-based buffer overflow has been found in the Skia component of the Firefox browser before 60.0.2, when rasterizing paths using a maliciously crafted SVG file with anti-aliasing turned off. Impact ====== A remote attacker can execute arbitrary code via a crafted SVG file. References ==========