firefox-128.3.1-2.el8_10.ML.1
エラータID: AXSA:2024-8909:35
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
* firefox: Use-after-free in Animation timeline (128.3.1 ESR Chemspill) (CVE-2024-9680)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-9680
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
Update packages.
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
N/A
SRPMS
- firefox-128.3.1-2.el8_10.ML.1.src.rpm
MD5: 9bd1cc008678331f0f936627dd4ecbee
SHA-256: 2ad03a1385dca910c8da07acd8e7605158b16f999e0447020ad97d09a4356e70
Size: 764.85 MB
Asianux Server 8 for x86_64
- firefox-128.3.1-2.el8_10.ML.1.x86_64.rpm
MD5: ff23dfa62a627a561097dd14e0a7d371
SHA-256: b1203e8328d3bd0c9f6e1b2d9716192e91c934981601b8ee13543ccf39bca2ea
Size: 126.44 MB