RHSA-2021:3159: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.13.0 ESR. Security Fix(es):

• Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980)
• Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984)
• Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986)
• Mozilla: Memory corruption as a result of incorrect style treatment (CVE-2021-29988)
• Mozilla: Memory safety bugs fixed in Thunderbird 78.13 (CVE-2021-29989)
• Mozilla: Use-after-free media channels (CVE-2021-29985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Related CVEs:
• CVE-2021-29980: Mozilla: Uninitialized memory in a canvas object could have led to memory corruption
• CVE-2021-29984: Mozilla: Incorrect instruction reordering during JIT optimization
• CVE-2021-29985: Mozilla: Use-after-free media channels
• CVE-2021-29986: Mozilla: Race condition when resolving DNS names could have led to memory corruption
• CVE-2021-29988: Mozilla: Memory corruption as a result of incorrect style treatment
• CVE-2021-29989: Mozilla: Memory safety bugs fixed in Thunderbird 78.13