Mageia 9: MGASA-2025-0045 moderate: Fixes for firefox and nss issues

mageia

February 9, 2025

Use-after-free in XSLT

Summary

Use-after-free in XSLT. (CVE-2025-1009) Use-after-free in Custom Highlight. (CVE-2025-1010) A bug in WebAssembly code generation could result in a crash. (CVE-2025-1011) Use-after-free during concurrent delazification. (CVE-2025-1012) Potential double-free vulnerability in PKCS#7 decryption handling. (CVE-2024-11704) Potential opening of private browsing tabs in normal browsing windows. (CVE-2025-1013) Certificate length was not properly checked. (CVE-2025-1014) Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20, and Thunderbird 128.7. (CVE-2025-1016) Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. (CVE-2025-1017)

References

- https://bugs.mageia.org/show_bug.cgi?id=33983

- https://www.firefox.com/en-US/firefox/128.7.0/releasenotes/?redirect_source=mozilla-org

- https://www.mozilla.org/en-US/security/advisories/mfsa2025-09/

- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_108.html#mozilla-projects-nss-nss-3-108-release-notes

- https://www.cve.org/CVERecord?id=CVE-2025-1009

- https://www.cve.org/CVERecord?id=CVE-2025-1010

- https://www.cve.org/CVERecord?id=CVE-2025-1011

- https://www.cve.org/CVERecord?id=CVE-2025-1012

- https://www.cve.org/CVERecord?id=CVE-2024-11704

- https://www.cve.org/CVERecord?id=CVE-2025-1013

- https://www.cve.org/CVERecord?id=CVE-2025-1014

- https://www.cve.org/CVERecord?id=CVE-2025-1016

- https://www.cve.org/CVERecord?id=CVE-2025-1017

Topics Covered

security advisory security issue update firefox nss root certificates mageia

Resolution

SRPMS

- 9/core/rootcerts-20250130.00-1.mga9

- 9/core/nss-3.108.0-1.mga9

- 9/core/firefox-128.7.0-1.mga9

- 9/core/firefox-l10n-128.7.0-1.mga9

Publication date: 09 Feb 2025

URL: https://advisories.mageia.org/MGASA-2025-0045.html

Type: security

CVE: CVE-2025-1009, CVE-2025-1010, CVE-2025-1011, CVE-2025-1012, CVE-2024-11704, CVE-2025-1013, CVE-2025-1014, CVE-2025-1016, CVE-2025-1017

Topics Covered

security advisory security issue update firefox nss root certificates mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia 9: MGASA-2025-0045 moderate: Fixes for firefox and nss issues

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Mageia 9: MGASA-2025-0045 moderate: Fixes for firefox and nss issues

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!