Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 20.04 LTS USN-6404-2 Moderate: Firefox Regression Fix

ubuntu
Calendar Grey October 11, 2023
Dist Ubuntu Esm H88
Several minor bugs resolved in Chrome after Ubuntu Security Update USN-6404-2. Upgrade now for enhanced efficiency.
USN-6404-1 caused some minor regressions in Firefox.

Summary

USN-6404-1 caused some minor regressions in Firefox.

Software Description:

- firefox: Mozilla Open Source web browser

Details:

USN-6404-1 fixed vulnerabilities in Firefox. The update introduced

several minor regressions. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were

tricked into opening a specially crafted website, an attacker could

potentially exploit these to cause a denial of service, obtain sensitive

information across domains, or execute arbitrary code. (CVE-2023-5169,

CVE-2023-5170, CVE-2023-5171, CVE-2023-5172, CVE-2023-5175, CVE-2023-5176)

Ronald Crane discovered that Firefox did not properly manage memory when

non-HTTPS Alternate Services (network.http.altsvc.oe) is enabled. An

attacker could potentially exploit this issue to cause a denial of service.

(CVE-2023-5173)

Clément Lecigne discovered that Firefox did n...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  firefox                         118.0.2+build2-0ubuntu0.20.04.1

After a standard system update you need to restart Firefox to make all the
necessary changes.

References

https://ubuntu.com/security/notices/USN-6404-2

https://ubuntu.com/security/notices/USN-6404-1

https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/2038977

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6404-2

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here