Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.10.0 ESR.
Security Fix(es):
* GetBoundName in the JIT returned the wrong object (CVE-2024-3852)
* Out-of-bounds-read after mis-optimized switch statement (CVE-2024-3854)
* Incorrect JITting of arguments led to use-after-free during garbage collection (CVE-2024-3857)
* Permission prompt input delay could expire when not in focus (CVE-2024-2609)
* Integer-overflow led to out-of-bounds-read in the OpenType sanitizer (CVE-2024-3859)
* Potential use-after-free due to AlignedBuffer self-move (CVE-2024-3861)
* Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 (CVE-2024-3864)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
firefox-x11-115.10.0-1.el9_3.alma.1.aarch64.rpm |
d2d6a070a1f2e77630ad67b8394be09a513ff53725cbaf429d369fc0ef3efb42 |
| aarch64 |
firefox-115.10.0-1.el9_3.alma.1.aarch64.rpm |
e1fbb8763dead661162e3ba9cc0009e00541c79ca5689f9422776ad869927aef |
| ppc64le |
firefox-115.10.0-1.el9_3.alma.1.ppc64le.rpm |
7620beb336d67079bb5bd8f4919d5436fb0f1c7300ba2c87cb833b1b16fee2e2 |
| ppc64le |
firefox-x11-115.10.0-1.el9_3.alma.1.ppc64le.rpm |
d4f0ab1d1eec822d0c04ec0c86d5bbcaaa7a686fdd8582bbca538c972a427f25 |
| s390x |
firefox-x11-115.10.0-1.el9_3.alma.1.s390x.rpm |
10dc0e5d92d932adfd0d393ea361872fbe2b4d028217fa8781128f7b9ee7dcdd |
| s390x |
firefox-115.10.0-1.el9_3.alma.1.s390x.rpm |
717d1e927a78f1eef51bcd8e9247d80709d96ed35e51b73b78987cf73dd5a1d1 |
| x86_64 |
firefox-x11-115.10.0-1.el9_3.alma.1.x86_64.rpm |
6000b689d2563704b6afba12d0f601283a080a01e7feb999b954358c020fd7b9 |
| x86_64 |
firefox-115.10.0-1.el9_3.alma.1.x86_64.rpm |
a053879009114c3919d77b0dc4dd31c4d73e12432917f47f16d77b3fb456f0ed |
