Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.8.0 ESR.
Security Fix(es):
* Mozilla: Out-of-bounds memory read in networking channels (CVE-2024-1546)
* Mozilla: Alert dialog could have been spoofed on another site (CVE-2024-1547)
* Mozilla: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 (CVE-2024-1553)
* Mozilla: Fullscreen Notification could have been hidden by select element (CVE-2024-1548)
* Mozilla: Custom cursor could obscure the permission dialog (CVE-2024-1549)
* Mozilla: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants (CVE-2024-1550)
* Mozilla: Multipart HTTP Responses would accept the Set-Cookie header in response parts (CVE-2024-1551)
* Mozilla: Incorrect code generation on 32-bit ARM devices (CVE-2024-1552)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture |
Package |
Checksum |
aarch64 |
firefox-115.8.0-1.el8_9.alma.aarch64.rpm |
ab240466d272324429c336821774886352332c6d8159ecdd6b920bf9bcfa4430 |
ppc64le |
firefox-115.8.0-1.el8_9.alma.ppc64le.rpm |
338a330de52c065e57100d42757b66de972966b1b48c662428b7e4e113d60f61 |
s390x |
firefox-115.8.0-1.el8_9.alma.s390x.rpm |
6df6ac0879ffa6ec9fc76037ae575745af6158c408be6385948405facc02ba70 |
x86_64 |
firefox-115.8.0-1.el8_9.alma.x86_64.rpm |
8aa78a82682b4e1908d9e8320ec3c2e7748880ff217035c86c59d00a57f89983 |