RHSA-2024:0026 -- Redhat firefoxID: oval:org.secpod.oval:def:508210 | Date: (C)2024-01-16 (M)2024-02-08 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.6.0 ESR. Security Fix: Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 Mozilla: Potential exposure of uninitialized data in EncryptingOutputStream Mozilla: Symlinks may resolve to smaller than expected buffers Mozilla: Heap buffer overflow in nsTextFragment Mozilla: Use-after-free in PR_GetIdentitiesLayer Mozilla: Potential sandbox escape due to VideoBridge lack of texture validation Mozilla: Heap buffer overflow affected nsWindow::PickerOpen in headless mode Mozilla: Use-after-free in nsDNSService Mozilla: Clickjacking permission prompts using the popup transition Mozilla: Undefined behavior in ShutdownObserver For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |