firefox-102.9.0-3.el9.ML.1

エラータID: AXSA:2023-5234:12

Release date: 
Tuesday, April 18, 2023 - 04:51
Subject: 
firefox-102.9.0-3.el9.ML.1
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 102.9.0 ESR.

Security Fix(es):

* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)
* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)
* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)
* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)
* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-25751
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2023-25752
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2023-28162
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2023-28164
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2023-28176
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. firefox-102.9.0-3.el9.ML.1.src.rpm
    MD5: 9d696a2c14bcd060dad06d8248a6dfea
    SHA-256: d5fc299b9513be7f386e03bc1c295f0847d15292ffeef7174bea70014c9e6186
    Size: 594.62 MB

Asianux Server 9 for x86_64
  1. firefox-102.9.0-3.el9.ML.1.x86_64.rpm
    MD5: f17504aa627a784e44b2727e2e127249
    SHA-256: eb89d191c42b5f5db037789352358ff08a7655bd7cf3298b75043c9346a1806d
    Size: 107.05 MB
  2. firefox-x11-102.9.0-3.el9.ML.1.x86_64.rpm
    MD5: a6cf8b77a9137dfac854433d260c6b76
    SHA-256: 105e01fa41875987e4a5a3a94368f8e262d32c716cd5f00cb17965fca1702562
    Size: 14.15 kB