Rocky Linux: RLSA-2023:5184 firefox security update
Summary
An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.1 ESR. Security Fix(es): * libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
RPMs
firefox-0:102.15.1-1.el8_8.aarch64.rpm
firefox-0:102.15.1-1.el8_8.src.rpm
firefox-0:102.15.1-1.el8_8.x86_64.rpm
firefox-debuginfo-0:102.15.1-1.el8_8.aarch64.rpm
firefox-debuginfo-0:102.15.1-1.el8_8.x86_64.rpm
firefox-debugsource-0:102.15.1-1.el8_8.aarch64.rpm
firefox-debugsource-0:102.15.1-1.el8_8.x86_64.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4863
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2238431