In the code that verifies the file size in the ark library, it is possible to manipulate the offset read from the target file due to the wrong use of the data type. An attacker could use this vulnerability to cause a stack buffer overflow and as a result, perform an attack such as remote code execution.

**KISA 인터넷 보호나라&KrCERT**

\[나주본원\] (58324) 전라남도 나주시 진흥길 9 한국인터넷진흥원 대표번호 : 1433-25(수신자 요금 부담)

\[서울청사\] (05717) 서울시 송파구 중대로 135 (가락동) IT벤처타워 \[해킹ㆍ스팸개인정보침해 신고 118\]

Copyright(C) 2021 KISA. All rights reserved.

CVE-2021-26635: KISA 인터넷 보호나라&KrCERT

An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.

**system info**

Ubuntu x86\_64, clang 6.0, swfdump (latest master a9d5082)

**Command line**

./src/swfdump -D @@

**AddressSanitizer output**

\==29246==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61600000ffa0 at pc 0x00000044059d bp 0x7fffffffd270 sp 0x7fffffffd260  
WRITE of size 2 at 0x61600000ffa0 thread T0  
#0 0x44059c in swf\_FontExtract\_DefineTextCallback modules/swftext.c:508  
#1 0x449c46 in swf\_FontExtract\_DefineText modules/swftext.c:532  
#2 0x44a355 in swf\_FontExtract modules/swftext.c:617  
#3 0x40c2dc in fontcallback2 /test/swftools-asan/src/swfdump.c:941  
#4 0x4433c6 in swf\_FontEnumerate modules/swftext.c:133  
#5 0x409208 in main /test/swftools-asan/src/swfdump.c:1296  
#6 0x7ffff68a683f in \_\_libc\_start\_main (/lib/x86\_64-linux-gnu/libc.so.6+0x2083f)  
#7 0x40c168 in \_start (/test/swftools-asan/src/swfdump+0x40c168)

AddressSanitizer can not describe address in more detail (wild memory access suspected).  
SUMMARY: AddressSanitizer: heap-buffer-overflow modules/swftext.c:508 swf\_FontExtract\_DefineTextCallback  
Shadow bytes around the buggy address:  
0x0c2c7fff9fa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
0x0c2c7fff9fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
0x0c2c7fff9fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  
0x0c2c7fff9fd0: 00 00 00 00 00 00 00 00 fa fa fa fa fa fa fa fa  
0x0c2c7fff9fe0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
\=>0x0c2c7fff9ff0: fa fa fa fa\[fa\]fa fa fa fa fa fa fa fa fa fa fa  
0x0c2c7fffa000: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
0x0c2c7fffa010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
0x0c2c7fffa020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
0x0c2c7fffa030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
0x0c2c7fffa040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
Shadow byte legend (one shadow byte represents 8 application bytes):  
Addressable: 00  
Partially addressable: 01 02 03 04 05 06 07  
Heap left redzone: fa  
Heap right redzone: fb  
Freed heap region: fd  
Stack left redzone: f1  
Stack mid redzone: f2  
Stack right redzone: f3  
Stack partial redzone: f4  
Stack after return: f5  
Stack use after scope: f8  
Global redzone: f9  
Global init order: f6  
Poisoned by user: f7  
Container overflow: fc  
Array cookie: ac  
Intra object redzone: bb  
ASan internal: fe  
\==29246==ABORTING  
POC  
swf\_FontExtract\_DefineTextCallback\_poc

CVE-2021-42199: heap-buffer-overflow exists in the function swf_FontExtract_DefineTextCallback  in swftext.c · Issue #173 · matthiaskramm/swftools

ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.

**Heap overflow in get\_charset in ftbench.c**

face->num_glyphs can be zero, as a result, first_index and last_index would be -1. Those variables will be used in get_charset function.

       1244
       1245     if ( first_index >= face->num_glyphs )
       1246       first_index = face->num_glyphs - 1;
     ► 1247     if ( last_index >= face->num_glyphs )
       1248       last_index = face->num_glyphs - 1;
       1249     incr_index = last_index > first_index ? 1 : -1;
       1250

In get_charset, variable i would be assigned -1 and this code would access charset->code[-1] resulting out-of-bound access.

    
    #define FOREACH( i )  for ( i = first_index ;                          \
                                ( first_index <= i && i <= last_index ) || \
                                ( first_index >= i && i >= last_index ) ;  \
                                i += incr_index )
    
    void get_charset(){
        ...
        {
          int  j;
    
    
          /* no charmap, do an identity mapping */
          FOREACH( j )
            charset->code[i++] = (FT_ULong)j;
        }
        ...
    

stack trace:

    =================================================================
    ==2736368==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000130 at pc 0x00000050005f bp 0x7fff84c241b0 sp 0x7fff84c241a8
    WRITE of size 8 at 0x602000000130 thread T0
        #0 0x50005e in get_charset /targets/struct/freetype/dbg/freetype-demos/src/ftbench.c:820:28
        #1 0x4fcc28 in main /targets/struct/freetype/dbg/freetype-demos/src/ftbench.c:1420:11
        #2 0x7fb18708b0b2 in __libc_start_main /build/glibc-sMfBJT/glibc-2.31/csu/../csu/libc-start.c:308:16
        #3 0x41f6bd in _start (/targets/struct/freetype/dbg/fuzzrun/ftbench+0x41f6bd)
    
    0x602000000131 is located 0 bytes to the right of 1-byte region [0x602000000130,0x602000000131)
    allocated by thread T0 here:
        #0 0x4c4987 in calloc /fuzz/fuzzdeps/llvm-project-11.0.0/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
        #1 0x4ffc36 in get_charset /targets/struct/freetype/dbg/freetype-demos/src/ftbench.c:787:32
        #2 0x4fcc28 in main /targets/struct/freetype/dbg/freetype-demos/src/ftbench.c:1420:11
        #3 0x7fb18708b0b2 in __libc_start_main /build/glibc-sMfBJT/glibc-2.31/csu/../csu/libc-start.c:308:16
    
    SUMMARY: AddressSanitizer: heap-buffer-overflow /targets/struct/freetype/dbg/freetype-demos/src/ftbench.c:820:28 in get_charset
    Shadow bytes around the buggy address:
      0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      0x0c047fff8000: fa fa 04 fa fa fa 00 fa fa fa 00 fa fa fa 00 fa
      0x0c047fff8010: fa fa 00 fa fa fa 00 fa fa fa fd fa fa fa fd fa
    =>0x0c047fff8020: fa fa fd fa fa fa[01]fa fa fa fa fa fa fa fa fa
      0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff8060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      0x0c047fff8070: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
    Shadow byte legend (one shadow byte represents 8 application bytes):
      Addressable:           00
      Partially addressable: 01 02 03 04 05 06 07
      Heap left redzone:       fa
      Freed heap region:       fd
      Stack left redzone:      f1
      Stack mid redzone:       f2
      Stack right redzone:     f3
      Stack after return:      f5
      Stack use after scope:   f8
      Global redzone:          f9
      Global init order:       f6
      Poisoned by user:        f7
      Container overflow:      fc
      Array cookie:            ac
      Intra object redzone:    bb
      ASan internal:           fe
      Left alloca redzone:     ca
      Right alloca redzone:    cb
      Shadow gap:              cc
    ==2736368==ABORTING
    [1]    2736368 abort      ./ftbench -c 1

reproduce steps: ftbench -c 1 ./poc

poc.zip

CVE-2022-31782: Heap overflow in get_charset in ftbench.c (#8) · Issues · FreeType / FreeType Demo Programs · GitLab

This advisory contains mitigations for Protection Mechanism Failure, Forced Browsing, Classic Buffer Overflow, Path Traversal, and OS Command Injection vulnerabilities in Carrier HID Mercury access panels sold by LenlS2.

Carrier LenelS2 HID Mercury access panels

Red Hat Security Advisory 2022-4872-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.10.0 ESR. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:4872-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4872  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-31736 CVE-2022-31737 CVE-2022-31738  
                   CVE-2022-31740 CVE-2022-31741 CVE-2022-31742  
                   CVE-2022-31747  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 91.10.0 ESR.

Security Fix(es):

* Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736)

* Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737)

* Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738)

* Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740)

* Mozilla: Uninitialized variable leads to invalid memory read  
(CVE-2022-31741)

* Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10  
(CVE-2022-31747)

* Mozilla: Querying a WebAuthn token with a large number of allowCredential  
entries may have leaked cross-origin information (CVE-2022-31742)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2092018 - CVE-2022-31736 Mozilla: Cross-Origin resource's length leaked  
2092019 - CVE-2022-31737 Mozilla: Heap buffer overflow in WebGL  
2092021 - CVE-2022-31738 Mozilla: Browser window spoof using fullscreen mode  
2092023 - CVE-2022-31740 Mozilla: Register allocation problem in WASM on arm64  
2092024 - CVE-2022-31741 Mozilla: Uninitialized variable leads to invalid memory read  
2092025 - CVE-2022-31742 Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information  
2092026 - CVE-2022-31747 Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
firefox-91.10.0-1.el8_6.src.rpm

aarch64:  
firefox-91.10.0-1.el8_6.aarch64.rpm  
firefox-debuginfo-91.10.0-1.el8_6.aarch64.rpm  
firefox-debugsource-91.10.0-1.el8_6.aarch64.rpm

ppc64le:  
firefox-91.10.0-1.el8_6.ppc64le.rpm  
firefox-debuginfo-91.10.0-1.el8_6.ppc64le.rpm  
firefox-debugsource-91.10.0-1.el8_6.ppc64le.rpm

s390x:  
firefox-91.10.0-1.el8_6.s390x.rpm  
firefox-debuginfo-91.10.0-1.el8_6.s390x.rpm  
firefox-debugsource-91.10.0-1.el8_6.s390x.rpm

x86_64:  
firefox-91.10.0-1.el8_6.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el8_6.x86_64.rpm  
firefox-debugsource-91.10.0-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-31736  
https://access.redhat.com/security/cve/CVE-2022-31737  
https://access.redhat.com/security/cve/CVE-2022-31738  
https://access.redhat.com/security/cve/CVE-2022-31740  
https://access.redhat.com/security/cve/CVE-2022-31741  
https://access.redhat.com/security/cve/CVE-2022-31742  
https://access.redhat.com/security/cve/CVE-2022-31747  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgd1dzjgjWX9erEAQiwMxAAmZa+buJotqe0AFDVE5ooc1ECPTULONsH  
gB5tT6gtWJ72teJcV9aNmconFkJsQyxUPB41jTcwiBe8pVbbZJnXdtRUhMhEP182  
gxebVvKTOUa8Ce3i2Cw2LkIJzSBbTOocaJX9k7LegXdZa/brbmoDP0G+Ykt63Qh4  
qYoLzpskLRptjqw1RTU7D8qkatn3/9cmVHDgjc+VqT1HCwNxwo87+y4r71j0na9A  
59vB2UbWMpoJ6DNXlQjzgR9D80OSkA4/I5h96O8FrPuqh6pANWs2tHyfK4vhQJnA  
gPGjM0wbWm5doyXP31JGKcld5gnA1+bTrgi9XSKaTGjMiEt5IhWwN99zevnZISAC  
lpD/OO1IG73VIyA5Htj8ZhV2PEPbwIZS1+g8JZml3hiGt2EoSJB5BfPdvilNBtvH  
BsKYd/unfvk5RDC+VzKT1JhhgwZSowjRBrvqoYA1R4UfqnZbJ3wgmuJ/q0g7ggQy  
XupWksXyhQ8txEFnSRrYcYaqCFHW0Y9N5FFhK6K8X7JPALb5KSPDWYgiCU0NPoVN  
xhDWpNha6IKM0vC3582XM5o1K1Zu1HkkppzO2129sHFVBWeLNqelALFApZZUV1nm  
iDgIYH4SZTeyWh0qtiDLwQFxw8BHoA4l5froCMMGWxYw689u1xKc+mNhvKekK1rk  
O8z6gjDLQGA=cQ0/  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4872-01

Red Hat Security Advisory 2022-4875-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.10.0 ESR. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:4875-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4875  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-31736 CVE-2022-31737 CVE-2022-31738  
                   CVE-2022-31740 CVE-2022-31741 CVE-2022-31742  
                   CVE-2022-31747  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.4  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 91.10.0 ESR.

Security Fix(es):

* Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736)

* Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737)

* Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738)

* Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740)

* Mozilla: Uninitialized variable leads to invalid memory read  
(CVE-2022-31741)

* Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10  
(CVE-2022-31747)

* Mozilla: Querying a WebAuthn token with a large number of allowCredential  
entries may have leaked cross-origin information (CVE-2022-31742)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2092018 - CVE-2022-31736 Mozilla: Cross-Origin resource's length leaked  
2092019 - CVE-2022-31737 Mozilla: Heap buffer overflow in WebGL  
2092021 - CVE-2022-31738 Mozilla: Browser window spoof using fullscreen mode  
2092023 - CVE-2022-31740 Mozilla: Register allocation problem in WASM on arm64  
2092024 - CVE-2022-31741 Mozilla: Uninitialized variable leads to invalid memory read  
2092025 - CVE-2022-31742 Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information  
2092026 - CVE-2022-31747 Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:  
firefox-91.10.0-1.el8_4.src.rpm

aarch64:  
firefox-91.10.0-1.el8_4.aarch64.rpm  
firefox-debuginfo-91.10.0-1.el8_4.aarch64.rpm  
firefox-debugsource-91.10.0-1.el8_4.aarch64.rpm

ppc64le:  
firefox-91.10.0-1.el8_4.ppc64le.rpm  
firefox-debuginfo-91.10.0-1.el8_4.ppc64le.rpm  
firefox-debugsource-91.10.0-1.el8_4.ppc64le.rpm

s390x:  
firefox-91.10.0-1.el8_4.s390x.rpm  
firefox-debuginfo-91.10.0-1.el8_4.s390x.rpm  
firefox-debugsource-91.10.0-1.el8_4.s390x.rpm

x86_64:  
firefox-91.10.0-1.el8_4.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el8_4.x86_64.rpm  
firefox-debugsource-91.10.0-1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-31736  
https://access.redhat.com/security/cve/CVE-2022-31737  
https://access.redhat.com/security/cve/CVE-2022-31738  
https://access.redhat.com/security/cve/CVE-2022-31740  
https://access.redhat.com/security/cve/CVE-2022-31741  
https://access.redhat.com/security/cve/CVE-2022-31742  
https://access.redhat.com/security/cve/CVE-2022-31747  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgd4tzjgjWX9erEAQi2ig//cEjyYdU0zxx52YJvfHWfkRVx/G0rG6Ge  
3ogK1IKYRgbXhqB7dCb7fCp+IzfOmOnee4aCadnKolfH6YjsPZe6Ij5CDv/qZPus  
LkvkEU4YJhOCwnn+MhECTd8oOPhJIaXVOpPTpvaEpbcE26+L6bsM+x+Czz21EffF  
+whsiPwG/KnvuXlo2Y91dCl7+FyiGS1DMiHDWbKntgWveRvXntj2UNZd5HcMkOus  
teHrkqNmGVYUeFSI8gZ3GF2kHMzF9G26Zc2zJIG91TB0Hp0VohXFXBR3WHzqYoGN  
oCkTEhStSO5AzW3as9aqJaSGAN7xXqTZfnH9Qa8SRPLz2K7n7FD/MeKsuD3tA8SK  
QGlsTeZz3a/wBhy6gGA/TdR4kLMzu13zkXmOJdknUpnG4abx7A2SpDRaUpd/RFEG  
jl0PvlDRKe7Rk25WZg7p1U6geBD8WhHorEt9Zl16Ty2hbvj9C0+CysOCDhnOlsGY  
ZO/zSdpwoQAX3TGDPVUhnSVqEdOikEUxt9r1oLNVXSmMsxOi//hw2tPRf1gWIUYW  
sTc7UtV2H+55O0qeYjD168wtQsXkOZ+LuuYp1MIiHfvYGDVogXGAxuehuPClTvtG  
GwvPG9bHihK4Ub5WbCFUWd5mtYKWdsMhTaOZrvlINWAjATS1EGDPyhhXWCnLUQSF  
6EG7gSnwA6c=Et91  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4875-01

Red Hat Security Advisory 2022-4871-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.10.0 ESR. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:4871-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4871  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-31736 CVE-2022-31737 CVE-2022-31738  
                   CVE-2022-31740 CVE-2022-31741 CVE-2022-31742  
                   CVE-2022-31747  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.1  
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - ppc64le, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 91.10.0 ESR.

Security Fix(es):

* Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736)

* Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737)

* Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738)

* Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740)

* Mozilla: Uninitialized variable leads to invalid memory read  
(CVE-2022-31741)

* Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10  
(CVE-2022-31747)

* Mozilla: Querying a WebAuthn token with a large number of allowCredential  
entries may have leaked cross-origin information (CVE-2022-31742)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2092018 - CVE-2022-31736 Mozilla: Cross-Origin resource's length leaked  
2092019 - CVE-2022-31737 Mozilla: Heap buffer overflow in WebGL  
2092021 - CVE-2022-31738 Mozilla: Browser window spoof using fullscreen mode  
2092023 - CVE-2022-31740 Mozilla: Register allocation problem in WASM on arm64  
2092024 - CVE-2022-31741 Mozilla: Uninitialized variable leads to invalid memory read  
2092025 - CVE-2022-31742 Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information  
2092026 - CVE-2022-31747 Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:  
firefox-91.10.0-1.el8_1.src.rpm

ppc64le:  
firefox-91.10.0-1.el8_1.ppc64le.rpm  
firefox-debuginfo-91.10.0-1.el8_1.ppc64le.rpm  
firefox-debugsource-91.10.0-1.el8_1.ppc64le.rpm

x86_64:  
firefox-91.10.0-1.el8_1.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el8_1.x86_64.rpm  
firefox-debugsource-91.10.0-1.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-31736  
https://access.redhat.com/security/cve/CVE-2022-31737  
https://access.redhat.com/security/cve/CVE-2022-31738  
https://access.redhat.com/security/cve/CVE-2022-31740  
https://access.redhat.com/security/cve/CVE-2022-31741  
https://access.redhat.com/security/cve/CVE-2022-31742  
https://access.redhat.com/security/cve/CVE-2022-31747  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgd79zjgjWX9erEAQhjcg//VvCubahau29qOg07YlQCdxtIMzSMA+EF  
hUvI9Y7ztwnpyVjhwDtMzCvDc71UlPLKslDYIzGKs+kh7zeV55Puf/et/i+vqS9L  
d0+3cjfMuVKIGLIe+C+2zvRf6a4sA0kDhXOJJS+k4lO+eCNVxC7sPZ9Xu9q6q7S/  
xopwoSXgK2OGMQa0cx+O3UOnoHZewSsNzYpZ5Yk3oGs3gSuR0zwVkRpof1tm0IXQ  
ad7P/+VRMHcpvkDuN9skOfEfMK/GbtzYUd0RuNhWAP2ZkGbjzZkC/uI3yRbqles9  
3gVUnk1kEtylWEFNUSQdIeg0vtxzGSK6UtCwfqZCMDf5xplsL40gHaLFBAZ2+Pt3  
oCJuxJjAx7t6CS5jyd22AzOO0MZlXJ/i8ImMhF/el5BSIlYg47MvSmAdkifuOZSU  
LoY1yd/KIrzG4zcat9Wp/7cNLsJ/T6wU5IZIMkn8kP7t9zONmOYHNb7oUteTK0g2  
shUK29L3yar6mV3e4jF2EnKD7iIea6StDsPsYaXOx609qsFgRVMI8Vd8XXZsv+qw  
5WArFV81iX3Ren7MOhTOkIFTiCnYQfCt3TgPO3N+GtJG4EbH/SeBJmRmfVIAJ5rN  
Qdla0XxWSDjv2EhOHSaAMKQ1udzGgcyY46cJTdXhvlEEMCnTQt7ZfQ6KforixXR9  
Po1w1H4WsyE=+3cB  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4871-01

Red Hat Security Advisory 2022-4870-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.10.0 ESR. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:4870-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4870  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-31736 CVE-2022-31737 CVE-2022-31738  
                   CVE-2022-31740 CVE-2022-31741 CVE-2022-31742  
                   CVE-2022-31747  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64  
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64  
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux Server Optional (v. 7) - x86_64  
Red Hat Enterprise Linux Workstation (v. 7) - x86_64  
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 91.10.0 ESR.

Security Fix(es):

* Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736)

* Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737)

* Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738)

* Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740)

* Mozilla: Uninitialized variable leads to invalid memory read  
(CVE-2022-31741)

* Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10  
(CVE-2022-31747)

* Mozilla: Querying a WebAuthn token with a large number of allowCredential  
entries may have leaked cross-origin information (CVE-2022-31742)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2092018 - CVE-2022-31736 Mozilla: Cross-Origin resource's length leaked  
2092019 - CVE-2022-31737 Mozilla: Heap buffer overflow in WebGL  
2092021 - CVE-2022-31738 Mozilla: Browser window spoof using fullscreen mode  
2092023 - CVE-2022-31740 Mozilla: Register allocation problem in WASM on arm64  
2092024 - CVE-2022-31741 Mozilla: Uninitialized variable leads to invalid memory read  
2092025 - CVE-2022-31742 Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information  
2092026 - CVE-2022-31747 Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:  
firefox-91.10.0-1.el7_9.src.rpm

x86_64:  
firefox-91.10.0-1.el7_9.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:  
firefox-91.10.0-1.el7_9.i686.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:  
firefox-91.10.0-1.el7_9.src.rpm

ppc64:  
firefox-91.10.0-1.el7_9.ppc64.rpm  
firefox-debuginfo-91.10.0-1.el7_9.ppc64.rpm

ppc64le:  
firefox-91.10.0-1.el7_9.ppc64le.rpm  
firefox-debuginfo-91.10.0-1.el7_9.ppc64le.rpm

s390x:  
firefox-91.10.0-1.el7_9.s390x.rpm  
firefox-debuginfo-91.10.0-1.el7_9.s390x.rpm

x86_64:  
firefox-91.10.0-1.el7_9.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

x86_64:  
firefox-91.10.0-1.el7_9.i686.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:  
firefox-91.10.0-1.el7_9.src.rpm

x86_64:  
firefox-91.10.0-1.el7_9.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:  
firefox-91.10.0-1.el7_9.i686.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-31736  
https://access.redhat.com/security/cve/CVE-2022-31737  
https://access.redhat.com/security/cve/CVE-2022-31738  
https://access.redhat.com/security/cve/CVE-2022-31740  
https://access.redhat.com/security/cve/CVE-2022-31741  
https://access.redhat.com/security/cve/CVE-2022-31742  
https://access.redhat.com/security/cve/CVE-2022-31747  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgd29zjgjWX9erEAQjDJw/9GyMoZVw8QM2qWlsNJMu+lOQfiLKV2V5V  
55YeohSIizQMlvRTD3sLt/X787qgsIe8qeD+xdz8Jn4DAaeuw8DBEaZECjlzlCxq  
FQW6EU4E0vy1HP7/xPOTrBhVSop7JMZYBE9bUZ+ker15iVIjRfNbxsI7idMTpRwV  
Fm3eHpA0ua0kKLuLp2O7nOZWCyuKmWt301UXSX2jdJHnf+ok4iE8oJD3BZU75S8f  
Fa6OyoKhjCYQD+wrOqEToQimoNj0sKwrKkf6hKx088/AL5b4m8jW+OSvcmIys4bd  
/sPtrfx6orEoR2wsEo4mfXqa3OZZjGZeCUCPnWpG4+JR/rTkjRhy2AuyfUH8ZLkW  
lcm6gWPApn0Fa7fBTte7usuQyXaPvLFpgKG9oioeP4YWfb6FtTlXlg1uyIUdfI7/  
dp4BBPEkqKzlqLOEsl+vWTUQ/3JI3V7dfrdWt1SHcQ/Tw923KCvNJEhHTklpRuP1  
v8lZuqpOeBQKRAyLnoxyFT9ZzHDOMDsK4C7+eg3/gf2xT94+SshDpsBXnLKl9Ql9  
AKLHNM/BCN04Y9M139Dgdqpciv5c5vKeb33fU0xd0rLEunZPjjwO0hNYEXCJguv+  
ZE0jVVLtcJYqmofw/6SHE7IXP11TTxrSKpT4l9ksG2oSP37+P+V860EzC7VzpI/l  
hzy/DspgZn8=SXox  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4870-01

Red Hat Security Advisory 2022-4873-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.10.0 ESR. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:4873-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4873  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-31736 CVE-2022-31737 CVE-2022-31738  
                   CVE-2022-31740 CVE-2022-31741 CVE-2022-31742  
                   CVE-2022-31747  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 91.10.0 ESR.

Security Fix(es):

* Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736)

* Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737)

* Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738)

* Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740)

* Mozilla: Uninitialized variable leads to invalid memory read  
(CVE-2022-31741)

* Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10  
(CVE-2022-31747)

* Mozilla: Querying a WebAuthn token with a large number of allowCredential  
entries may have leaked cross-origin information (CVE-2022-31742)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2092018 - CVE-2022-31736 Mozilla: Cross-Origin resource's length leaked  
2092019 - CVE-2022-31737 Mozilla: Heap buffer overflow in WebGL  
2092021 - CVE-2022-31738 Mozilla: Browser window spoof using fullscreen mode  
2092023 - CVE-2022-31740 Mozilla: Register allocation problem in WASM on arm64  
2092024 - CVE-2022-31741 Mozilla: Uninitialized variable leads to invalid memory read  
2092025 - CVE-2022-31742 Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information  
2092026 - CVE-2022-31747 Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
firefox-91.10.0-1.el9_0.src.rpm

aarch64:  
firefox-91.10.0-1.el9_0.aarch64.rpm  
firefox-debuginfo-91.10.0-1.el9_0.aarch64.rpm  
firefox-debugsource-91.10.0-1.el9_0.aarch64.rpm

ppc64le:  
firefox-91.10.0-1.el9_0.ppc64le.rpm  
firefox-debuginfo-91.10.0-1.el9_0.ppc64le.rpm  
firefox-debugsource-91.10.0-1.el9_0.ppc64le.rpm

s390x:  
firefox-91.10.0-1.el9_0.s390x.rpm  
firefox-debuginfo-91.10.0-1.el9_0.s390x.rpm  
firefox-debugsource-91.10.0-1.el9_0.s390x.rpm

x86_64:  
firefox-91.10.0-1.el9_0.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el9_0.x86_64.rpm  
firefox-debugsource-91.10.0-1.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-31736  
https://access.redhat.com/security/cve/CVE-2022-31737  
https://access.redhat.com/security/cve/CVE-2022-31738  
https://access.redhat.com/security/cve/CVE-2022-31740  
https://access.redhat.com/security/cve/CVE-2022-31741  
https://access.redhat.com/security/cve/CVE-2022-31742  
https://access.redhat.com/security/cve/CVE-2022-31747  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgdyNzjgjWX9erEAQh2hBAAinhOWMLnEwFBoQ95E02DSTGBuqKypsjO  
3f4R4hfmtUBITBW1Iq1ubHxWgzhPqlp+Q7CYDWOJ6o1B2SvW3JHN6FjpwprvEIr0  
JrzWU5/s4hB0+sf8W/C3TxdvMJUJTXtHdJJLTBrUyYOoVHxNZCS9OprYmYVHfng7  
iuaeMCE4WNqPTrN+gElP9XBqOiwkI846O/v/wpJhHVCwChqqnrp2cao9olUgRWwd  
hmgaht8vx9IXYlrUE1P++wS8PxUbqBxQ/MBpRQ+oaQTx9840AiCf4oCVrtkNwwC1  
L8il9ajRqpWLfjvD9Wl/JX7QUTI4TBnZ7BCKFk+PINK0ufbyvBXUyT4TxnRqGy3E  
cq1DfEi13qLekQVmsI8XcAzMzp2x+Lhd4jhkN3yQkMG3xwDR8m+ZMfxmrDjSxM1B  
7D7rwM6dB8L5IwGuCn8t9fIcqwkh3Wziax6se4JtVrWyo+JCvLYaa6s06ayuH5Rs  
MH3JM2LFMX6PV9RWpS74vCtJaLEkdAqcSCLxJonT9FlNgoevrnMepB1pUJXoJwYm  
EnvLYF2BNvojYQnDOBmo7F/XgK2dPQIbVDxgXy8epv/bKNPRDgPcggRGVJAGB+3e  
FojEykQK6asaD+7DvZtWA8oZEyKuBpZ1HTaejQ2Cj+iVSGkS8MA0Kx3HwJtMPfvp  
KKR5MwWQQJ8=3s/h  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-4873-01

Red Hat Security Advisory 2022-4876-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.10.0 ESR. Issues addressed include a buffer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: firefox security update  
Advisory ID:       RHSA-2022:4876-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:4876  
Issue date:        2022-06-01  
CVE Names:         CVE-2022-31736 CVE-2022-31737 CVE-2022-31738  
                   CVE-2022-31740 CVE-2022-31741 CVE-2022-31742  
                   CVE-2022-31747  
====================================================================  
1. Summary:

An update for firefox is now available for Red Hat Enterprise Linux 8.2  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Firefox is an open-source web browser, designed for standards  
compliance, performance, and portability.

This update upgrades Firefox to version 91.10.0 ESR.

Security Fix(es):

* Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736)

* Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737)

* Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738)

* Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740)

* Mozilla: Uninitialized variable leads to invalid memory read  
(CVE-2022-31741)

* Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10  
(CVE-2022-31747)

* Mozilla: Querying a WebAuthn token with a large number of allowCredential  
entries may have leaked cross-origin information (CVE-2022-31742)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Firefox must be restarted for the changes to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2092018 - CVE-2022-31736 Mozilla: Cross-Origin resource's length leaked  
2092019 - CVE-2022-31737 Mozilla: Heap buffer overflow in WebGL  
2092021 - CVE-2022-31738 Mozilla: Browser window spoof using fullscreen mode  
2092023 - CVE-2022-31740 Mozilla: Register allocation problem in WASM on arm64  
2092024 - CVE-2022-31741 Mozilla: Uninitialized variable leads to invalid memory read  
2092025 - CVE-2022-31742 Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information  
2092026 - CVE-2022-31747 Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v. 8.2):

Source:  
firefox-91.10.0-1.el8_2.src.rpm

aarch64:  
firefox-91.10.0-1.el8_2.aarch64.rpm  
firefox-debuginfo-91.10.0-1.el8_2.aarch64.rpm  
firefox-debugsource-91.10.0-1.el8_2.aarch64.rpm

ppc64le:  
firefox-91.10.0-1.el8_2.ppc64le.rpm  
firefox-debuginfo-91.10.0-1.el8_2.ppc64le.rpm  
firefox-debugsource-91.10.0-1.el8_2.ppc64le.rpm

s390x:  
firefox-91.10.0-1.el8_2.s390x.rpm  
firefox-debuginfo-91.10.0-1.el8_2.s390x.rpm  
firefox-debugsource-91.10.0-1.el8_2.s390x.rpm

x86_64:  
firefox-91.10.0-1.el8_2.x86_64.rpm  
firefox-debuginfo-91.10.0-1.el8_2.x86_64.rpm  
firefox-debugsource-91.10.0-1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-31736  
https://access.redhat.com/security/cve/CVE-2022-31737  
https://access.redhat.com/security/cve/CVE-2022-31738  
https://access.redhat.com/security/cve/CVE-2022-31740  
https://access.redhat.com/security/cve/CVE-2022-31741  
https://access.redhat.com/security/cve/CVE-2022-31742  
https://access.redhat.com/security/cve/CVE-2022-31747  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYpgd6NzjgjWX9erEAQgFMxAAk0movkCsstZElr0z8k7ToSZ+zXdNlDk6  
TjToRQhtuxCUKhk2Hvyki262VakFfUN3rV7W2Qwo6hGff9vRwy2ZjFGvMEHnFppY  
3EnfJEyz1HWIlVS+X48Z8XYvP7JJAtSv6nfuNW+eyZhu+IfkwgvdJmVTEU5pEmoU  
gfMVepQaCS/1tJHl3hfz3Ll8Bg3VjFwnc3DhBPMIsGyydvwqimGXydqhxp2OeVqG  
MfhbZPMQAdMKWtJ1cAUlMK53VlGaFI8CF+PHdONuyQvzZH6gw2IWwfyue8MI6Yvg  
IzQZdErZtT6jBaLgqFytbZqNXJfNGaI0APCf0Iqd11PH9+j49mT7/Rispa5ton6t  
Esez4Tp1UQ61uKqk4kWXs0IQb2dSUBFiqeBdlhjWI4xVu1L2WWCCNU2/wt2couwc  
TZVeWoV0hbRvOduDFBaDQ8d4lgcI8lg5M44Qm7H/NG2JNg/kZkqToNZr6eu4KoUc  
fGU8/EHf9hrI97modSJbQbxxbF/ydUCqXS+smkPkDdpylx0MNJOvnqbyz3hJ0veh  
WIOnxfeBPyqOt0l/yC8fztgWDkailtu3ptny8QA7/eX23FQcEnf7zwiQQnJVXhTD  
1ydY3LqGyn3tskQm3jAVl0eI4/JMmmZ92IRWg9JR859eZY3oR4sgFk+G9b4prn9R  
5ne6O7jZOIU=k1cX  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#buffer_overflow