ALSA-2022:5777

[ALSA-2022:5777] Important: firefox security update

Type:

security

Severity:

important

Release date:

2022-08-05

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 91.12.0 ESR.
Security Fix(es):
* Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 (CVE-2022-2505)
* Mozilla: Directory indexes for bundled resources reflected URL parameters (CVE-2022-36318)
* Mozilla: Mouse Position spoofing with CSS transforms (CVE-2022-36319)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

ALSA-2022:5777

Updated packages listed below:

Architecture	Package	Checksum
aarch64	firefox-91.12.0-2.el8_6.alma.aarch64.rpm	0eb567661a229953238467b7282b5feac482e3a05dc913ef070a4f720e0720bf
ppc64le	firefox-91.12.0-2.el8_6.alma.ppc64le.rpm	3872ff2fccf77b9dec9d8ecb853dcceb14629b1fd06ac69fea928bec88d1a97c
x86_64	firefox-91.12.0-2.el8_6.alma.x86_64.rpm	d2442510702a5ddf571477830fca94b4c31e96a67d19fd04cec74870e1e244f6

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.