Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:5767: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1
  • CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters
  • CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms
Red Hat Security Data
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes#aws#ibm#firefox#sap

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-08-01

Updated:

2022-08-01

RHSA-2022:5767 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: firefox security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for firefox is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 91.12.0 ESR.

Security Fix(es):

  • Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 (CVE-2022-2505)
  • Mozilla: Directory indexes for bundled resources reflected URL parameters (CVE-2022-36318)
  • Mozilla: Mouse Position spoofing with CSS transforms (CVE-2022-36319)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2111907 - CVE-2022-36319 Mozilla: Mouse Position spoofing with CSS transforms
  • BZ - 2111908 - CVE-2022-36318 Mozilla: Directory indexes for bundled resources reflected URL parameters
  • BZ - 2111910 - CVE-2022-2505 Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1

Red Hat Enterprise Linux for x86_64 9

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

x86_64

firefox-91.12.0-2.el9_0.x86_64.rpm

SHA-256: 9d185dead9bdecc208cbaac2d87ff15b8260f4c897bead1847c00a78a0ab0492

firefox-debuginfo-91.12.0-2.el9_0.x86_64.rpm

SHA-256: b3fa64c15e4de878ab1c8fb9c5823de33a3ae55c9458b005132fd021f220aadf

firefox-debugsource-91.12.0-2.el9_0.x86_64.rpm

SHA-256: 96853771276ec19264a39dd4dd662bf5614229326b4e351581defd4429119fb8

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

x86_64

firefox-91.12.0-2.el9_0.x86_64.rpm

SHA-256: 9d185dead9bdecc208cbaac2d87ff15b8260f4c897bead1847c00a78a0ab0492

firefox-debuginfo-91.12.0-2.el9_0.x86_64.rpm

SHA-256: b3fa64c15e4de878ab1c8fb9c5823de33a3ae55c9458b005132fd021f220aadf

firefox-debugsource-91.12.0-2.el9_0.x86_64.rpm

SHA-256: 96853771276ec19264a39dd4dd662bf5614229326b4e351581defd4429119fb8

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

s390x

firefox-91.12.0-2.el9_0.s390x.rpm

SHA-256: 7fd3cf76df7ed49ff67877dfc2ae7c170d3cc5d87d4d63108d05976cb7b10104

firefox-debuginfo-91.12.0-2.el9_0.s390x.rpm

SHA-256: dc42a93fc6bf2bf1ade5bb4e0a7b593e95e2f76f6c7fe8ddedda447d07ffdc04

firefox-debugsource-91.12.0-2.el9_0.s390x.rpm

SHA-256: d95aab1987ba75f738c11edcf204f8128b1089f2db246f574705297948388046

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

s390x

firefox-91.12.0-2.el9_0.s390x.rpm

SHA-256: 7fd3cf76df7ed49ff67877dfc2ae7c170d3cc5d87d4d63108d05976cb7b10104

firefox-debuginfo-91.12.0-2.el9_0.s390x.rpm

SHA-256: dc42a93fc6bf2bf1ade5bb4e0a7b593e95e2f76f6c7fe8ddedda447d07ffdc04

firefox-debugsource-91.12.0-2.el9_0.s390x.rpm

SHA-256: d95aab1987ba75f738c11edcf204f8128b1089f2db246f574705297948388046

Red Hat Enterprise Linux for Power, little endian 9

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

ppc64le

firefox-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: 63162171dd2875c6e0b7c1cecb2247b060cd14a6c6d6c5846561a3ffcbdb278a

firefox-debuginfo-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: 7005e51f32a3008c460c6380962e13aca8f4bf874c07f31d679ed9e257df4de9

firefox-debugsource-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: ccf41ba57d2f46d4ed1c9ccb5a8c5126a188ca43f8ce7c973701f930510467dd

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

ppc64le

firefox-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: 63162171dd2875c6e0b7c1cecb2247b060cd14a6c6d6c5846561a3ffcbdb278a

firefox-debuginfo-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: 7005e51f32a3008c460c6380962e13aca8f4bf874c07f31d679ed9e257df4de9

firefox-debugsource-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: ccf41ba57d2f46d4ed1c9ccb5a8c5126a188ca43f8ce7c973701f930510467dd

Red Hat Enterprise Linux for ARM 64 9

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

aarch64

firefox-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 42d6e5405438443c9d999b3adadd91705b039ca57051415dfca8703919f20914

firefox-debuginfo-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 225afe741a6a47edc2ffb148a1fb42ab71b9bf9beace56f625793f0ed4479708

firefox-debugsource-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 80bb935c8abe3c02be695891f2b8f8735dab288cae2562243b5503bb92c862a0

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

aarch64

firefox-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 42d6e5405438443c9d999b3adadd91705b039ca57051415dfca8703919f20914

firefox-debuginfo-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 225afe741a6a47edc2ffb148a1fb42ab71b9bf9beace56f625793f0ed4479708

firefox-debugsource-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 80bb935c8abe3c02be695891f2b8f8735dab288cae2562243b5503bb92c862a0

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

ppc64le

firefox-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: 63162171dd2875c6e0b7c1cecb2247b060cd14a6c6d6c5846561a3ffcbdb278a

firefox-debuginfo-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: 7005e51f32a3008c460c6380962e13aca8f4bf874c07f31d679ed9e257df4de9

firefox-debugsource-91.12.0-2.el9_0.ppc64le.rpm

SHA-256: ccf41ba57d2f46d4ed1c9ccb5a8c5126a188ca43f8ce7c973701f930510467dd

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

x86_64

firefox-91.12.0-2.el9_0.x86_64.rpm

SHA-256: 9d185dead9bdecc208cbaac2d87ff15b8260f4c897bead1847c00a78a0ab0492

firefox-debuginfo-91.12.0-2.el9_0.x86_64.rpm

SHA-256: b3fa64c15e4de878ab1c8fb9c5823de33a3ae55c9458b005132fd021f220aadf

firefox-debugsource-91.12.0-2.el9_0.x86_64.rpm

SHA-256: 96853771276ec19264a39dd4dd662bf5614229326b4e351581defd4429119fb8

Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

aarch64

firefox-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 42d6e5405438443c9d999b3adadd91705b039ca57051415dfca8703919f20914

firefox-debuginfo-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 225afe741a6a47edc2ffb148a1fb42ab71b9bf9beace56f625793f0ed4479708

firefox-debugsource-91.12.0-2.el9_0.aarch64.rpm

SHA-256: 80bb935c8abe3c02be695891f2b8f8735dab288cae2562243b5503bb92c862a0

Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0

SRPM

firefox-91.12.0-2.el9_0.src.rpm

SHA-256: 28445b9dba04028aa09fdeb8816f8cefdc15ca9176abffdc9c3c0a287ec0c469

s390x

firefox-91.12.0-2.el9_0.s390x.rpm

SHA-256: 7fd3cf76df7ed49ff67877dfc2ae7c170d3cc5d87d4d63108d05976cb7b10104

firefox-debuginfo-91.12.0-2.el9_0.s390x.rpm

SHA-256: dc42a93fc6bf2bf1ade5bb4e0a7b593e95e2f76f6c7fe8ddedda447d07ffdc04

firefox-debugsource-91.12.0-2.el9_0.s390x.rpm

SHA-256: d95aab1987ba75f738c11edcf204f8128b1089f2db246f574705297948388046

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2022-36316: Security Vulnerabilities fixed in Firefox 103

When using the Performance API, an attacker was able to notice subtle differences between PerformanceEntries and thus learn whether the target URL had been subject to a redirect. This vulnerability affects Firefox < 103.

CVE-2022-36314: Security Vulnerabilities fixed in Firefox ESR 102.1

When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1.

Gentoo Linux Security Advisory 202208-14

Gentoo Linux Security Advisory 202208-14 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 91.12.0 are affected.

Red Hat Security Advisory 2022-5766-01

Red Hat Security Advisory 2022-5766-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.12.0 ESR. Issues addressed include a spoofing vulnerability.

Red Hat Security Advisory 2022-5778-01

Red Hat Security Advisory 2022-5778-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.12.0. Issues addressed include a spoofing vulnerability.

Red Hat Security Advisory 2022-5765-01

Red Hat Security Advisory 2022-5765-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.12.0 ESR. Issues addressed include a spoofing vulnerability.

Red Hat Security Advisory 2022-5770-01

Red Hat Security Advisory 2022-5770-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.12.0. Issues addressed include a spoofing vulnerability.

Red Hat Security Advisory 2022-5767-01

Red Hat Security Advisory 2022-5767-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.12.0 ESR. Issues addressed include a spoofing vulnerability.

RHSA-2022:5776: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5773: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5777: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5774: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5778: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5772: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5769: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5771: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5770: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5770: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5770: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5765: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

RHSA-2022:5766: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2505: Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 * CVE-2022-36318: Mozilla: Directory indexes for bundled resources reflected URL parameters * CVE-2022-36319: Mozilla: Mouse Position spoofing with CSS transforms

Ubuntu Security Notice USN-5536-1

Ubuntu Security Notice 5536-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information, or execute arbitrary code.

Ubuntu Security Notice USN-5536-1

Ubuntu Security Notice 5536-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information, or execute arbitrary code.

Ubuntu Security Notice USN-5536-1

Ubuntu Security Notice 5536-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information, or execute arbitrary code.