Lucene search

Slackware Linux ProjectSSA-2024-247-01

HistorySep 03, 2024 - 9:15 p.m.

[slackware-security] mozilla-firefox

2024-09-0321:15:31

Slackware Linux Project

www.slackware.com

slackware

mozilla-firefox

security fix

package upgrade

cve-2024-8381

cve-2024-8382

cve-2024-8383

cve-2024-8384

ftp hosting

rsync hosting

installation instructions

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

Low

EPSS

0.001

Percentile

44.1%

JSON

New mozilla-firefox packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:

patches/packages/mozilla-firefox-115.15.0esr-i686-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.15.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-41/
https://vulners.com/cve/CVE-2024-8381
https://vulners.com/cve/CVE-2024-8382
https://vulners.com/cve/CVE-2024-8383
https://vulners.com/cve/CVE-2024-8384
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-firefox-115.15.0esr-i686-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-firefox-115.15.0esr-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-128.2.0esr-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-128.2.0esr-x86_64-1.txz

MD5 signatures:

Slackware 15.0 package:
3d1a29eed6f7c60e5bb550fdd10ca16b mozilla-firefox-115.15.0esr-i686-1_slack15.0.txz

Slackware x86_64 15.0 package:
b04f5c98c20a175659230ebdda2a05ff mozilla-firefox-115.15.0esr-x86_64-1_slack15.0.txz

Slackware -current package:
869213a24c8ceafa0721a2682f1fc545 xap/mozilla-firefox-128.2.0esr-i686-1.txz

Slackware x86_64 -current package:
c6fc4edb88056dfe587612a8fa0469f3 xap/mozilla-firefox-128.2.0esr-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg mozilla-firefox-115.15.0esr-i686-1_slack15.0.txz

OSVersionArchitecturePackageVersionFilename
Slackware15.0i686mozilla-firefox< 115.15.0esrmozilla-firefox-115.15.0esr-i686-1_slack15.0.txz
Slackware15.0x86_64mozilla-firefox< 115.15.0esrmozilla-firefox-115.15.0esr-x86_64-1_slack15.0.txz
Slackwarecurrenti686mozilla-firefox< 128.2.0esrmozilla-firefox-128.2.0esr-i686-1.txz
Slackwarecurrentx86_64mozilla-firefox< 128.2.0esrmozilla-firefox-128.2.0esr-x86_64-1.txz

OS	Version	Architecture	Package	Version	Filename
Slackware	15.0	i686	mozilla-firefox	< 115.15.0esr	mozilla-firefox-115.15.0esr-i686-1_slack15.0.txz
Slackware	15.0	x86_64	mozilla-firefox	< 115.15.0esr	mozilla-firefox-115.15.0esr-x86_64-1_slack15.0.txz
Slackware	current	i686	mozilla-firefox	< 128.2.0esr	mozilla-firefox-128.2.0esr-i686-1.txz
Slackware	current	x86_64	mozilla-firefox	< 128.2.0esr	mozilla-firefox-128.2.0esr-x86_64-1.txz