Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia 8: MGASA-2023-0199 Moderate: Firefox Memory Safety Issues

mageia
Calendar Grey June 15, 2023
Dist Mageia Esm H88
Recent updates to the Firefox/NSS packages in Mageia address critical vulnerabilities. Major concerns include memory corruption issues and susceptibility to clickjacking attacks.
Click-jacking certificate exceptions through rendering lag

Summary

Click-jacking certificate exceptions through rendering lag. (CVE-2023-34414)
Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12. (CVE-2023-34416)

References

- https://bugs.mageia.org/show_bug.cgi?id=31995

- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_90.html

- https://firefox-source-docs.mozilla.org/security/nss/releases/index.html

- https://www.firefox.com/en-US/firefox/102.12.0/releasenotes/?redirect_source=mozilla-org

- https://www.mozilla.org/en-US/security/advisories/mfsa2023-19/

- https://www.cve.org/CVERecord?id=CVE-2023-34414

- https://www.cve.org/CVERecord?id=CVE-2023-34416

Topics%20covered

Topics Covered

security advisory moderate security fix Firefox memory safety click-jacking Mageia

Resolution

SRPMS

- 8/core/firefox-102.12.0-1.mga8

- 8/core/firefox-l10n-102.12.0-1.mga8

- 8/core/nss-3.90.0-1.mga8

Publication date: 15 Jun 2023
URL: https://advisories.mageia.org/MGASA-2023-0199.html
Type: security
CVE: CVE-2023-34414, CVE-2023-34416

Topics%20covered

Topics Covered

security advisory moderate security fix Firefox memory safety click-jacking Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here