[ALSA-2022:9065] Important: firefox security update
Type:
security
Severity:
important
Release date:
2022-12-16
Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.6.0 ESR. Security Fix(es): * Mozilla: Arbitrary file read from a compromised content process (CVE-2022-46872) * Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6 (CVE-2022-46878) * Mozilla: Use-after-free in WebGL (CVE-2022-46880) * Mozilla: Memory corruption in WebGL (CVE-2022-46881) * Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions (CVE-2022-46874) * Mozilla: Use-after-free in WebGL (CVE-2022-46882) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 firefox-102.6.0-1.el9_1.alma.aarch64.rpm bfe2c5b2bdfa87dfe708e6157c4df0ca2068d5af4d3e14327b34e870bd107222
ppc64le firefox-102.6.0-1.el9_1.alma.ppc64le.rpm 58a95d80099ac0bc8856610d83a59f39ec73f6c3636f686b1d28954266f5da39
s390x firefox-102.6.0-1.el9_1.alma.s390x.rpm 3f8b7a8addf5978c95e9eae0f005cf4556496b564e49f1924c89a7d5d40e08b8
x86_64 firefox-102.6.0-1.el9_1.alma.x86_64.rpm f88c30e44c3bfcc5a0d26d91af1291ca5f34e86c3a02bce59525e9a727faddee
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.