Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.3.1 ESR.
Security Fix(es):
* firefox: use-after-free in workers (CVE-2023-3600)
* Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169)
* Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171)
* Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176)
* libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
firefox-x11-115.3.1-1.el9_2.alma.1.aarch64.rpm |
14287c0a0aff16d7fce0bc22c27e299b91cdf7e4a05b967f17bba7b5cfbcf6d0 |
| aarch64 |
firefox-115.3.1-1.el9_2.alma.1.aarch64.rpm |
b0b6f6fca6ac622687c95c551ad5c55e20c7f210068a1b902de00401d1f5bd97 |
| ppc64le |
firefox-x11-115.3.1-1.el9_2.alma.1.ppc64le.rpm |
2154d53a2f76d7b1beb22f95a2e085cca6cfc430fab85f129834fba423cd6767 |
| ppc64le |
firefox-115.3.1-1.el9_2.alma.1.ppc64le.rpm |
a4383813bc6a8852a07d900c80f9b0c899005cffd6486ab36c07a3f28f445168 |
| s390x |
firefox-115.3.1-1.el9_2.alma.1.s390x.rpm |
37271f06ed4d98ee29a06f6f38c6891fb6681890785bd1b6041fa6954d4969f5 |
| s390x |
firefox-x11-115.3.1-1.el9_2.alma.1.s390x.rpm |
b5779794122a4d2caae12ca2dc64933af14fa926322d368fd11f17bd129b8db1 |
| x86_64 |
firefox-115.3.1-1.el9_2.alma.1.x86_64.rpm |
2ace722e103c40f18f5db55a4991427785d60079d10d6c1069dbc60fc64bf7e0 |
| x86_64 |
firefox-x11-115.3.1-1.el9_2.alma.1.x86_64.rpm |
d891158d9c1e4983a45a6c3fff0f458cf2e3b1087f936aa2c77ce44f42e5db9b |
