RHSA-2024:1912 -- Redhat firefoxID: oval:org.secpod.oval:def:509201 | Date: (C)2024-04-25 (M)2024-05-09 |
Class: PATCH | Family: unix |
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.10.0 ESR. Security Fix: GetBoundName in the JIT returned the wrong object Out-of-bounds-read after mis-optimized switch statement Incorrect JITting of arguments led to use-after-free during garbage collection Permission prompt input delay could expire when not in focus Integer-overflow led to out-of-bounds-read in the OpenType sanitizer Potential use-after-free due to AlignedBuffer self-move Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 8 |