firefox-102.3.0-7.el8.ML.1
エラータID: AXSA:2022-3904:25
Release date:
Thursday, October 20, 2022 - 07:04
Subject:
firefox-102.3.0-7.el8.ML.1
Affected Channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.3.0 ESR.
Security Fix(es):
* expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
Solution:
Update packages.
CVEs:
Additional Info:
N/A
Download:
SRPMS
- firefox-102.3.0-7.el8.ML.1.src.rpm
MD5: 638586b6d9fc8f872b7ebec6f401290f
SHA-256: ad042a1158512705cc6efee88236ea0975d86aa6afe2c947a694caf37dfeb7ae
Size: 589.37 MB
Asianux Server 8 for x86_64
- firefox-102.3.0-7.el8.ML.1.x86_64.rpm
MD5: 795c0c34d803763eecf975e828132753
SHA-256: 55433d6b7e65c0272dc95be039044d4506194155deeb91d958b2d5cc8d97ad02
Size: 108.32 MB