Mageia 2024-0325: rootcerts nss firefox firefox-l10n Security Advisory Updates
Summary
The current versions have reached EOL and several security vulnerabilities
were fixed by Mozilla.
We are having some issues that are delaying the build for some
architectures, so for the moment we are releasing this update just for
x86_64
References
- https://bugs.mageia.org/show_bug.cgi?id=33501
- https://www.mozilla.org/en-US/firefox/115.14.0/releasenotes/
- https://www.mozilla.org/en-US/firefox/128.1.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_103.html#mozilla-projects-nss-nss-3-103-release-notes
- https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_104.html#mozilla-projects-nss-nss-3-104-release-notes
- https://www.mozilla.org/en-US/firefox/128.2.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-40/
- https://www.mozilla.org/en-US/firefox/128.3.0/releasenotes/
- https://www.mozilla.org/fr/security/advisories/mfsa2024-47/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7519
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7520
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7521
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7522
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7524
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7525
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7526
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7527
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7528
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7529
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7531
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8385
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8381
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8382
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8383
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8384
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8386
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8387
Resolution
MGASA-2024-0325 - Updated rootcerts nss firefox firefox-l10n packages fix security vulnerabilities
SRPMS
- 9/core/rootcerts-20240823.00-1.mga9
- 9/core/nss-3.105.0-1.mga9
- 9/core/firefox-128.3.0-1.mga9
- 9/core/firefox-l10n-128.3.0-1.mga9