Updated firefox packages fix security vulnerabilities

🗓️ 08 Dec 2023 10:55:49Reported by Gentoo FoundationType

Updated Firefox packages fix security vulnerabilities. Out-of-bound memory access in WebGL2 blitFramebuffer, Use-after-free in MessagePort::Entangled, Clickjacking permission prompts using the fullscreen transition, and more

Reporter	Title	Published	Views	Family All 472
ATTACKERKB	CVE-2023-6209	21 Nov 202300:00	–	attackerkb
Tenable Nessus	Amazon Linux 2 : thunderbird (ALAS-2024-2379)	9 Jan 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox (ALASFIREFOX-2024-019)	9 Jan 202400:00	–	nessus
Tenable Nessus	CentOS 8 : thunderbird (CESA-2023:7500)	8 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 8 : firefox (CESA-2023:7508)	8 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 7 : thunderbird (RHSA-2023:7505)	22 Dec 202300:00	–	nessus
Tenable Nessus	CentOS 7 : firefox (RHSA-2023:7509)	22 Dec 202300:00	–	nessus
Tenable Nessus	Debian dla-3661 : firefox-esr - security update	23 Nov 202300:00	–	nessus
Tenable Nessus	Debian dla-3674 : thunderbird - security update	30 Nov 202300:00	–	nessus
Tenable Nessus	Debian DSA-5561-1 : firefox-esr - security update	22 Nov 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Mageia	9	any	firefox	115.5.0-3	firefox-115.5.0-3.noarch.rpm
Mageia	9	any	firefox-l10n	115.5.0-1	firefox-l10n-115.5.0-1.noarch.rpm
Mageia	9	any	nss	3.95.0-1	nss-3.95.0-1.noarch.rpm
Mageia	9	any	rootcerts	20231116.00-1	rootcerts-20231116.00-1.noarch.rpm

Source	Link
bugs	www.bugs.mageia.org/show_bug.cgi
mozilla	www.mozilla.org/en-US/firefox/115.5.0/releasenotes/
mozilla	www.mozilla.org/en-US/security/advisories/mfsa2023-50/
firefox-source-docs	www.firefox-source-docs.mozilla.org/security/nss/releases/nss_3_95.html

08 Dec 2023 10:55Current

8.1High risk

Vulners AI Score8.1

CVSS 3.18.8

EPSS0.00428

SSVC