ALSA-2024:5391

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

• Firefox: 115.14/128.1 ESR ()
• mozilla: Fullscreen notification dialog can be obscured by document content (CVE-2024-7518)
• mozilla: Out of bounds memory access in graphics shared memory handling (CVE-2024-7519)
• mozilla: Type confusion in WebAssembly (CVE-2024-7520)
• mozilla: Incomplete WebAssembly exception handing (CVE-2024-7521)
• mozilla: Out of bounds read in editor component (CVE-2024-7522)
• mozilla: CSP strict-dynamic bypass using web-compatibility shims (CVE-2024-7524)
• mozilla: Missing permission check when creating a StreamFilter (CVE-2024-7525)
• mozilla: Uninitialized memory used by WebGL (CVE-2024-7526)
• mozilla: Use-after-free in JavaScript garbage collection (CVE-2024-7527)
• mozilla: Use-after-free in IndexedDB (CVE-2024-7528)
• mozilla: Document content could partially obscure security prompts (CVE-2024-7529)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.