First published: Thu Sep 19 2024(Updated: )
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Security Fix(es):<br><li> mozilla: Type confusion when looking up a property name in a &quot;with&quot; block (CVE-2024-8381)</li> <li> mozilla: Internal event interfaces were exposed to web content when browser</li> EventHandler listener callbacks ran (CVE-2024-8382)<br><li> mozilla: Firefox did not ask before openings news: links in an external</li> application (CVE-2024-8383)<br><li> mozilla: Garbage collection could mis-color cross-compartment objects in OOM</li> conditions (CVE-2024-8384)<br><li> mozilla: WASM type confusion involving ArrayTypes (CVE-2024-8385)</li> <li> mozilla: SelectElements could be shown over another site if popups are allowed (CVE-2024-8386)</li> <li> mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and</li> Thunderbird 128.2 (CVE-2024-8387)<br><li> mozilla: Type Confusion in Async Generators in Javascript Engine</li> (CVE-2024-7652)<br>For more details about the security issue(s), including the impact, a CVSS<br>score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/firefox | <128.2.0-1.el7_9 | 128.2.0-1.el7_9 |
redhat/firefox | <128.2.0-1.el7_9 | 128.2.0-1.el7_9 |
redhat/firefox-debuginfo | <128.2.0-1.el7_9 | 128.2.0-1.el7_9 |
redhat/firefox-debuginfo | <128.2.0-1.el7_9 | 128.2.0-1.el7_9 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian | ||
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian | ||
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | ||
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
RHSA-2024:6838 has been classified with an important severity level.
To address RHSA-2024:6838, update the affected Firefox package to version 128.2.0-1.el7_9.
RHSA-2024:6838 affects Red Hat Enterprise Linux Server with Extended Life Cycle Support for IBM Power and IBM z Systems.
RHSA-2024:6838 includes updates for the firefox and firefox-debuginfo packages.
RHSA-2024:6838 applies to both big endian and little endian versions of the affected products.