Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.4.0 ESR.
Security Fix(es):
* Mozilla: Queued up rendering could have allowed websites to clickjack (CVE-2023-5721)
* Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4 (CVE-2023-5730)
* libvpx: crash related to VP9 encoding in libvpx (CVE-2023-44488)
* Mozilla: Large WebGL draw could have led to a crash (CVE-2023-5724)
* Mozilla: WebExtensions could open arbitrary URLs (CVE-2023-5725)
* Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash. (CVE-2023-5728)
* Mozilla: Address bar spoofing via bidirectional characters (CVE-2023-5732)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
firefox-x11-115.4.0-1.el9_2.alma.1.aarch64.rpm |
bfa457daa847814cc2bd868d3ebc9d9aa8ec1fa7ad418a62aa04b179032f28c8 |
| aarch64 |
firefox-115.4.0-1.el9_2.alma.1.aarch64.rpm |
dd33c1573212cf687dd13b5550aff1be149c9412159156594ff324ea48c5754e |
| ppc64le |
firefox-115.4.0-1.el9_2.alma.1.ppc64le.rpm |
1eab9af0994f43dce15e69df3932551e5691b82b53113f9440c697548e2a22a1 |
| ppc64le |
firefox-x11-115.4.0-1.el9_2.alma.1.ppc64le.rpm |
3f4b9309922794dab79796bf52c025c3302c310d79b8f843c89a8206af514a8f |
| s390x |
firefox-115.4.0-1.el9_2.alma.1.s390x.rpm |
86880ffb7f3aed02ea9b1f3d4a21da0cf4cc5ce42bd3a0695ff1520d2e76431f |
| s390x |
firefox-x11-115.4.0-1.el9_2.alma.1.s390x.rpm |
8c48c2d54df6a972776fa67964a781d32d60d8935a90ba1a1e8a13691cadffbd |
| x86_64 |
firefox-x11-115.4.0-1.el9_2.alma.1.x86_64.rpm |
46f129bf720ad973b78d0e69ad275555eb35be2d3fdde4167b471e0627a3ab6b |
| x86_64 |
firefox-115.4.0-1.el9_2.alma.1.x86_64.rpm |
a476c0403b8f38c269c37653929874d29f6be77a298c8846eb81929f7d17d57f |
