[ALSA-2023:4076] Important: firefox security update
Type:
security
Severity:
important
Release date:
2023-07-14
Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.13.0 ESR. Security Fix(es): * Mozilla: Use-after-free in WebRTC certificate generation (CVE-2023-37201) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-37202) * Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 (CVE-2023-37211) * Mozilla: Fullscreen notification obscured (CVE-2023-37207) * Mozilla: Lack of warning when opening Diagcab files (CVE-2023-37208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 firefox-102.13.0-2.el8_8.alma.aarch64.rpm e9cfa8161ce5567d0178bc2dd6f1da13347adbde2344807913c64969b3ca97bf
ppc64le firefox-102.13.0-2.el8_8.alma.ppc64le.rpm 70eb0a317b767809ac584a65136c7d9af178a96285a76dffc2ea84971a0a4476
s390x firefox-102.13.0-2.el8_8.alma.s390x.rpm 32eef713ac4ead9e6dce04ddb139ac98a77875e1b414a9eb453c929ba40488c7
x86_64 firefox-102.13.0-2.el8_8.alma.x86_64.rpm be936a7356e2fcfe0708b8247681b9f7fc852e0434c654ac5c3c31a183834b0e
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.