[Security Advisory] ALSA-2023:1786: firefox security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 9 Type: Security Severity: Important Release date: 2023-04-20
Summary:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.10.0 ESR.
Security Fix(es):
* MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp (BZ#2186102) * Mozilla: Fullscreen notification obscured (CVE-2023-29533) * Mozilla: Potential Memory Corruption following Garbage Collector compaction (CVE-2023-29535) * Mozilla: Invalid free from JavaScript code (CVE-2023-29536) * Mozilla: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 (CVE-2023-29550) * Mozilla: Memory Corruption in Safe Browsing Code (CVE-2023-1945) * Mozilla: Content-Disposition filename truncation leads to Reflected File Download (CVE-2023-29539) * Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux (CVE-2023-29541) * Mozilla: Incorrect optimization result on ARM64 (CVE-2023-29548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/9/ALSA-2023-1786.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/. Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards, AlmaLinux Team
participants (1)
-
AlmaLinux Errata Notifications