RHSA-2023:4461-01 -- Redhat firefoxID: oval:org.secpod.oval:def:507886 | Date: (C)2023-08-10 (M)2024-02-19 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Security Fix: * Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions * Mozilla: Incorrect value used during WASM compilation * Mozilla: Potential permissions request bypass via clickjacking * Mozilla: Crash in DOMParser due to out-of-memory conditions * Mozilla: Fix potential race conditions when releasing platform objects * Mozilla: Stack buffer overflow in StorageManager * Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 * Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1 * Mozilla: Cookie jar overflow caused unexpected cookie jar state For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |