Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 115.12.0 ESR.
Security Fix(es):
* firefox: Use-after-free in networking (CVE-2024-5702)
* firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688)
* firefox: External protocol handlers leaked by timing attack (CVE-2024-5690)
* firefox: Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691)
* firefox: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693)
* firefox: Memory Corruption in Text Fragments (CVE-2024-5696)
* firefox: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
firefox-115.12.0-1.el9_4.alma.1.aarch64.rpm |
365154f8a5e70f2fc8fbb8f87758e175ce752d9c1ff05cafbfd5f140c0a3f226 |
| aarch64 |
firefox-x11-115.12.0-1.el9_4.alma.1.aarch64.rpm |
41d90222deb0b9d64067b007de5d9ecf2f1d1304827480784480070d2976b4ad |
| ppc64le |
firefox-115.12.0-1.el9_4.alma.1.ppc64le.rpm |
03ddc9cc961984fa172b4d46d64114e68e12c90fa289ff47c64d1beab7345675 |
| ppc64le |
firefox-x11-115.12.0-1.el9_4.alma.1.ppc64le.rpm |
b02715862967f52235c70cc20a909ebe64bb66058c9408a5a39deac7541ee0e8 |
| s390x |
firefox-x11-115.12.0-1.el9_4.alma.1.s390x.rpm |
c221d213bcaa471a8707f36b92eb5eec8bf850a3a153d82a3e18dd3ed91ae422 |
| s390x |
firefox-115.12.0-1.el9_4.alma.1.s390x.rpm |
cbcd855bccadb5c142ba22048254abc2497a114cc8b40c5c762c5cc974afa82b |
| x86_64 |
firefox-115.12.0-1.el9_4.alma.1.x86_64.rpm |
35821c6a3af859ed66a6549d4ae75be5baa3365cda477f7feb8313dd610c4cbb |
| x86_64 |
firefox-x11-115.12.0-1.el9_4.alma.1.x86_64.rpm |
a7ab7d43a20f8dde50af9bdfd79c32412481a7316ea04779058c9f7662408520 |
