[ALSA-2022:9067] Important: firefox security update
Type:
security
Severity:
important
Release date:
2022-12-16
Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.6.0 ESR. Security Fix(es): * Mozilla: Arbitrary file read from a compromised content process (CVE-2022-46872) * Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6 (CVE-2022-46878) * Mozilla: Use-after-free in WebGL (CVE-2022-46880) * Mozilla: Memory corruption in WebGL (CVE-2022-46881) * Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions (CVE-2022-46874) * Mozilla: Use-after-free in WebGL (CVE-2022-46882) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 firefox-102.6.0-1.el8_7.alma.aarch64.rpm b09c0ebbf21c0ea6e09a1313cce30169c959200623b294a0836ed92797e15e13
ppc64le firefox-102.6.0-1.el8_7.alma.ppc64le.rpm ff4649297e1376419f434ab922fe1f5d33e8911b4acf3e463b6d809716c6af5e
s390x firefox-102.6.0-1.el8_7.alma.s390x.rpm d175ccb80abf17aaa4683f98b20244464322125b023d088caba605c064f98827
x86_64 firefox-102.6.0-1.el8_7.alma.x86_64.rpm 6c784052113f828baca4433bc91063609d4fa667ea013cea4abe756dfc92c34f
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.