SUSE-SU-2023:4213-1 -- SLES MozillaFirefoxID: oval:org.secpod.oval:def:89051016 | Date: (C)2023-11-23 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update for MozillaFirefox fixes the following issues: * Updated to version 115.4.0 ESR . * CVE-2023-5721: Fixed a potential clickjack via queued up rendering. * CVE-2023-5722: Fixed a cross-Origin size and header leakage. * CVE-2023-5723: Fixed unexpected errors when handling invalid cookie characters. * CVE-2023-5724: Fixed a crash due to a large WebGL draw. * CVE-2023-5725: Fixed an issue where WebExtensions could open arbitrary URLs. * CVE-2023-5726: Fixed an issue where fullscreen notifications would be obscured by file the open dialog on macOS. * CVE-2023-5727: Fixed a download protection bypass on on Windows. * CVE-2023-5728: Fixed a crash caused by improper object tracking during GC in the JavaScript engine. * CVE-2023-5729: Fixed an issue where fullscreen notifications would be obscured by WebAuthn prompts. * CVE-2023-5730: Fixed multiple memory safety issues. * CVE-2023-5731: Fixed multiple memory safety issues.
Platform: |
SUSE Linux Enterprise Server 15 SP1 |