RLSA-2023:1336 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefo...

Rocky Linux 9 : thunderbird (RLSA-2023:1407)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1407 advisory. - Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 - Mozilla: Potential out-of-bounds when accessing throttled streams...

Rocky Linux 8 : thunderbird (RLSA-2023:1403)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1403 advisory. - Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 - Mozilla: Potential out-of-bounds when accessing throttled streams...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Thunderbird vulnerabilities (USN-5972-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5972-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a...

Updated thunderbird packages fix security vulnerability

Incorrect code generation during JIT compilation. CVE-2023-25751 Potential out-of-bounds when accessing throttled streams. CVE-20223-25752 Invalid downcast in Worklets. CVE-2023-28162 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. CVE-2023-28164 Memor...

MGASA-2023-0116 Updated thunderbird packages fix security vulnerability

Incorrect code generation during JIT compilation. CVE-2023-25751 Potential out-of-bounds when accessing throttled streams. CVE-20223-25752 Invalid downcast in Worklets. CVE-2023-28162 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. CVE-2023-28164 Memor...

Exploit for Use After Free in Google Android

Bad Spin: Android Binder LPE Author: Moshe Kol Privilege esc...

Amazon Linux 2 : thunderbird (ALAS-2023-1988)

The version of thunderbird installed on the remote host is prior to 102.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1988 advisory. The Mozilla Foundation describes this issue as follows: Sometimes, when invalidating JIT code while following an...

Oracle Linux 7 : thunderbird (ELSA-2023-1401)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1401 advisory. 102.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.9.0-1 - Update to...

Mozilla: Incorrect code generation during JIT compilation

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Debian dla-3365 : thunderbird - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3365 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3365-1 [email protected]...

Oracle Linux 7 : firefox (ELSA-2023-1333)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1333 advisory. 102.9.0-3.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....

Oracle Linux 9 : firefox (ELSA-2023-1337)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1337 advisory. 102.9.0-3.0.1 - Updated homepages to use https Orabug: 34648274 102.9.0-3 - Update to 102.9.0 build2 102.9.0-2 - removed disable-openh264-download...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

RHEL 7 : firefox (RHSA-2023:1333)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1333 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefo...

[SECURITY] Fedora 36 Update: pypy3.7-7.3.9-5.3.7.fc36

PyPy's implementation of Python 3.7, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

Denial Of Service (DoS)

firefox-esr is vulnerable to Denial Of Service DoS. The vulnerability exists due to the incorrect code generation during JIT compilation, which allows an attacker to cause an application crash...