Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia 8: 2022-0207 Moderate Security Update for Firefox and Thunderbird

mageia
Calendar Grey May 25, 2022
Dist Mageia Esm H88
The latest releases of Firefox and Thunderbird address critical security issues, focusing on mitigating risks associated with remote code execution and insecure authentication practices.
Prototype pollution in Top-Level Await implementation

Summary

Prototype pollution in Top-Level Await implementation. (CVE-2022-1802)
Untrusted input used in JavaScript object indexing, leading to prototype pollution. (CVE-2022-1529)

References

- https://bugs.mageia.org/show_bug.cgi?id=30463

- https://www.firefox.com/en-US/firefox/91.9.1/releasenotes/?redirect_source=mozilla-org

- https://www.thunderbird.net/en-US/thunderbird/91.9.1/releasenotes/

- https://www.mozilla.org/en-US/security/advisories/mfsa2022-19/

- https://www.cve.org/CVERecord?id=CVE-2022-1802

- https://www.cve.org/CVERecord?id=CVE-2022-1529

Topics%20covered

Topics Covered

security advisory moderate firefox javascript thunderbird mageia prototype pollution

Resolution

SRPMS

- 8/core/firefox-91.9.1-1.mga8

- 8/core/firefox-l10n-91.9.1-1.mga8

- 8/core/thunderbird-91.9.1-1.mga8

- 8/core/thunderbird-l10n-91.9.1-1.mga8

Publication date: 25 May 2022
URL: https://advisories.mageia.org/MGASA-2022-0207.html
Type: security
CVE: CVE-2022-1802, CVE-2022-1529

Topics%20covered

Topics Covered

security advisory moderate firefox javascript thunderbird mageia prototype pollution

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here