Mozilla sent Firefox Version 123.0 to the release channel. Firefox ESR was updated to Version 115.7.
The update includes twelve security updates of which four (4) are rated high, six (6) are rated moderate, and two (2) are rated low.
High
#
#CVE-2024-1546: Out-of-bounds memory read in networking channels
#CVE-2024-1547: Alert dialog could have been spoofed on another site
#CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
#CVE-2024-1557: Memory safety bugs fixed in Firefox 123
Moderate
#CVE-2024-1554: fetch could be used to effect cache poisoning
#CVE-2024-1548: Fullscreen Notification could have been hidden by select element
#CVE-2024-1549: Custom cursor could obscure the permission dialog
#CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants
#CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie header in response parts
#CVE-2024-1555: SameSite cookies were not properly respected when opening a website from an external browser
Low
#CVE-2024-1556: Invalid memory access in the built-in profiler
#CVE-2024-1552: Incorrect code generation on 32-bit ARM devices
New
Fixed
Changed
Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox." Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.
References
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment