Synopsis: Important: firefox security update
Advisory ID: SLSA-2021:0992-1
Issue Date: 2021-03-25
CVE Numbers: CVE-2021-23981
CVE-2021-23982
CVE-2021-23984
CVE-2021-23987
—
This update upgrades Firefox to version 78.9.0 ESR.
Security Fix(es):
* Mozilla: Texture upload into an unbound backing buffer resulted in an
out-of-bound read (CVE-2021-23981)
* Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
(CVE-2021-23987)
* Mozilla: Internal network hosts could have been probed by a malicious
webpage (CVE-2021-23982)
* Mozilla: Malicious extensions could have spoofed popup information
(CVE-2021-23984)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
—
– Scientific Linux Development Team
