ALSA-2022:5767

[ALSA-2022:5767] Important: firefox security update

Type:

security

Severity:

important

Release date:

2022-08-05

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 91.12.0 ESR.
Security Fix(es):
* Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 (CVE-2022-2505)
* Mozilla: Directory indexes for bundled resources reflected URL parameters (CVE-2022-36318)
* Mozilla: Mouse Position spoofing with CSS transforms (CVE-2022-36319)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

ALSA-2022:5767

Updated packages listed below:

Architecture	Package	Checksum
aarch64	firefox-91.12.0-2.el9_0.alma.aarch64.rpm	582e93d9976b9d0bbb38a4dcab49913191b8354af2e2cfe59e5ba84dba501ba3
ppc64le	firefox-91.12.0-2.el9_0.alma.ppc64le.rpm	6cc93c180c1ce5126f278f3c9670a035be91bd677df72bc73fde711d1e05bd26
x86_64	firefox-91.12.0-2.el9_0.alma.x86_64.rpm	cd89c3e6a9ead505f3f95fe9a05206040939e7fb0268a8c160016d1117a7069d

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.