[ALSA-2024:1485] Critical: firefox security update
Release date:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.9.1 ESR. Security Fix(es): * nss: timing attack against RSA decryption (CVE-2023-5388) * Mozilla: Crash in NSS TLS method (CVE-2024-0743) * Mozilla: JIT code failed to save return registers on Armv7-A (CVE-2024-2607) * Mozilla: Integer overflow could have led to out of bounds write (CVE-2024-2608) * Mozilla: Improve handling of out-of-memory conditions in ICU (CVE-2024-2616) * Mozilla: Improper handling of html and body tags enabled CSP nonce leakage (CVE-2024-2610) * Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions (CVE-2024-2611) * Mozilla: Self referencing object could have potentially led to a use-after-free (CVE-2024-2612) * Mozilla: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (CVE-2024-2614) * Mozilla: Privileged JavaScript Execution via Event Handlers (CVE-2024-29944) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 firefox-115.9.1-1.el9_3.alma.1.aarch64.rpm 1d8022b8bae86fd1c6526a2542db8c59615c207347ed1eed7206453fd0318228
aarch64 firefox-x11-115.9.1-1.el9_3.alma.1.aarch64.rpm be993156a53ec90951645958e6e38872f935fcb06dc13a8dc03dee07ba7c41d1
ppc64le firefox-x11-115.9.1-1.el9_3.alma.1.ppc64le.rpm 3c6f6e2cde806be14b0d735b034421fd8fae7f3cc99cf88910c15ef8cf1a4e27
ppc64le firefox-115.9.1-1.el9_3.alma.1.ppc64le.rpm 486332015aae571ca6512ba9f16993d258e22c5b394ad06f03386f10261e025d
s390x firefox-115.9.1-1.el9_3.alma.1.s390x.rpm 65ed78086306493a5253219e7bd069468db50061047abc877ee398e8392b80f2
s390x firefox-x11-115.9.1-1.el9_3.alma.1.s390x.rpm 9149cbc13010775dcda7ed0b87da63b456546ac1d930a2a50c7e1cb2e6f1a08f
x86_64 firefox-x11-115.9.1-1.el9_3.alma.1.x86_64.rpm 15d65c1e0b36d015cb9759f4850011cd164478dcabf92ef9bc8561f403c8f80f
x86_64 firefox-115.9.1-1.el9_3.alma.1.x86_64.rpm dbd848b001a1984085f6e557e7e938c8cd85c8ad09b72c757f90d771356fe597
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.