[ALSA-2023:7508] Important: firefox security update
Release date:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.5.0 ESR. Security Fix(es): * Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204) * Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205) * Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206) * Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207) * Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212) * Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208) * Mozilla: Incorrect parsing of relative URLs starting with "///" (CVE-2023-6209) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 firefox-115.5.0-1.el8_9.alma.1.aarch64.rpm 7ec4864484d062d8e0d72775264a4f03b1035e29bc7924ef54a2af3d0df15f8f
ppc64le firefox-115.5.0-1.el8_9.alma.1.ppc64le.rpm 6dc6af05b35a4f22124446acb07046afde6db0daf08d5352ca1e2e6f61b16c61
s390x firefox-115.5.0-1.el8_9.alma.1.s390x.rpm f7b189f25bd23897da1a31bd9f781ab68707adb9a329288aaa6e9e88dbf3c6be
x86_64 firefox-115.5.0-1.el8_9.alma.1.x86_64.rpm 19e003d9f3000a670d7c868c8503b684f173a80c8c15542f46ef15c973bd20a9
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.