Updated firefox/nss packages fix security vulnerability
Publication date: 15 Jun 2023Modification date: 15 Jun 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-34414 , CVE-2023-34416
Description
Click-jacking certificate exceptions through rendering lag.
(CVE-2023-34414)
Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12.
(CVE-2023-34416)
References
- https://bugs.mageia.org/show_bug.cgi?id=31995
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_90.html
- https://firefox-source-docs.mozilla.org/security/nss/releases/index.html
- https://www.mozilla.org/en-US/firefox/102.12.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2023-19/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34414
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34416
SRPMS
8/core
- firefox-102.12.0-1.mga8
- firefox-l10n-102.12.0-1.mga8
- nss-3.90.0-1.mga8