[RHSA-2023:1786] firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.10.0 ESR.
Security Fix(es):
MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp (BZ#2186102)
Mozilla: Fullscreen notification obscured (CVE-2023-29533)
Mozilla: Potential Memory Corruption following Garbage Collector compaction (CVE-2023-29535)
Mozilla: Invalid free from JavaScript code (CVE-2023-29536)
Mozilla: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 (CVE-2023-29550)
Mozilla: Memory Corruption in Safe Browsing Code (CVE-2023-1945)
Mozilla: Content-Disposition filename truncation leads to Reflected File Download (CVE-2023-29539)
Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux (CVE-2023-29541)
Mozilla: Incorrect optimization result on ARM64 (CVE-2023-29548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/redhat/firefox?arch=x86_64&distro=redhat-9.1 | < 102.10.0-1.el9_1 |
pkg:rpm/redhat/firefox?arch=s390x&distro=redhat-9.1 | < 102.10.0-1.el9_1 |
pkg:rpm/redhat/firefox?arch=ppc64le&distro=redhat-9.1 | < 102.10.0-1.el9_1 |
pkg:rpm/redhat/firefox?arch=aarch64&distro=redhat-9.1 | < 102.10.0-1.el9_1 |
pkg:rpm/redhat/firefox-x11?arch=x86_64&distro=redhat-9.1 | < 102.10.0-1.el9_1 |
pkg:rpm/redhat/firefox-x11?arch=s390x&distro=redhat-9.1 | < 102.10.0-1.el9_1 |
pkg:rpm/redhat/firefox-x11?arch=ppc64le&distro=redhat-9.1 | < 102.10.0-1.el9_1 |
pkg:rpm/redhat/firefox-x11?arch=aarch64&distro=redhat-9.1 | < 102.10.0-1.el9_1 |
- ID
- RHSA-2023:1786
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2023:1786
- Published
-
2023-04-14T00:00:00
(17 months ago) - Modified
-
2023-04-14T00:00:00
(17 months ago) - Rights
- Copyright 2023 Red Hat, Inc.
- Other Advisories
-
- ALAS2-2023-2028
- ALPINE:CVE-2023-1945
- ALPINE:CVE-2023-1999
- ALPINE:CVE-2023-29533
- ALPINE:CVE-2023-29535
- ALPINE:CVE-2023-29536
- ALPINE:CVE-2023-29539
- ALPINE:CVE-2023-29541
- ALPINE:CVE-2023-29548
- ALPINE:CVE-2023-29550
- ALSA-2023:1786
- ALSA-2023:1787
- ALSA-2023:1802
- ALSA-2023:1809
- ALSA-2023:2076
- ALSA-2023:2078
- DSA-5385-1
- DSA-5392-1
- DSA-5408-1
- ELSA-2023-1786
- ELSA-2023-1787
- ELSA-2023-1791
- ELSA-2023-1802
- ELSA-2023-1806
- ELSA-2023-1809
- ELSA-2023-2076
- ELSA-2023-2077
- ELSA-2023-2078
- GLSA-202305-35
- GLSA-202305-36
- GLSA-202309-05
- MFSA-2023-13
- MFSA-2023-14
- MFSA-2023-15
- MS:CVE-2023-1999
- RHSA-2023:1787
- RHSA-2023:1791
- RHSA-2023:1802
- RHSA-2023:1806
- RHSA-2023:1809
- RHSA-2023:2076
- RHSA-2023:2077
- RHSA-2023:2078
- RLSA-2023:1802
- RLSA-2023:1809
- RLSA-2023:2076
- RLSA-2023:2078
- SSA:2023-101-01
- SSA:2023-102-01
- SUSE-SU-2023:1817-1
- SUSE-SU-2023:1819-1
- SUSE-SU-2023:1855-1
- SUSE-SU-2023:2064-1
- SUSE-SU-2023:2467-1
- SUSE-SU-2023:2490-1
- SUSE-SU-2023:2552-1
- USN-6010-1
- USN-6015-1
- USN-6078-1
- USN-6078-2
- USN-6120-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/firefox?arch=x86_64&distro=redhat-9.1 | redhat | firefox | < 102.10.0-1.el9_1 | redhat-9.1 | x86_64 | |
Affected | pkg:rpm/redhat/firefox?arch=s390x&distro=redhat-9.1 | redhat | firefox | < 102.10.0-1.el9_1 | redhat-9.1 | s390x | |
Affected | pkg:rpm/redhat/firefox?arch=ppc64le&distro=redhat-9.1 | redhat | firefox | < 102.10.0-1.el9_1 | redhat-9.1 | ppc64le | |
Affected | pkg:rpm/redhat/firefox?arch=aarch64&distro=redhat-9.1 | redhat | firefox | < 102.10.0-1.el9_1 | redhat-9.1 | aarch64 | |
Affected | pkg:rpm/redhat/firefox-x11?arch=x86_64&distro=redhat-9.1 | redhat | firefox-x11 | < 102.10.0-1.el9_1 | redhat-9.1 | x86_64 | |
Affected | pkg:rpm/redhat/firefox-x11?arch=s390x&distro=redhat-9.1 | redhat | firefox-x11 | < 102.10.0-1.el9_1 | redhat-9.1 | s390x | |
Affected | pkg:rpm/redhat/firefox-x11?arch=ppc64le&distro=redhat-9.1 | redhat | firefox-x11 | < 102.10.0-1.el9_1 | redhat-9.1 | ppc64le | |
Affected | pkg:rpm/redhat/firefox-x11?arch=aarch64&distro=redhat-9.1 | redhat | firefox-x11 | < 102.10.0-1.el9_1 | redhat-9.1 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |