Firefox

  • Updated Mozilla Firefox to 115.7 ESR
  • Fixes for mfsa2024-02, also known as:
    CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0755.
  • Fixes for mfsa2023-54, also known as:
    CVE-2023-6856, CVE-2023-6865, CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6860, CVE-2023-6867, CVE-2023-6861, CVE-2023-6862, CVE-2023-6863, CVE-2023-6864.
  • Fixes for mfsa2023-50, also known as:
    CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207, CVE-2023-6208, CVE-2023-6209, CVE-2023-6212.

Base system

  • Updated ca-certificates to version 20240203.
  • Fixed a privilege escalation in setup_cmd utility.
  • Fixed bluez security issue CVE-2023-45866.
  • Fixed pam security issue CVE-2024-22365.
  • Fixed xorg-server security issues CVE-2024-21886, CVE-2024-21885, CVE-2024-0409, CVE-2024-0408, CVE-2024-0229 and CVE-2023-6816.
  • Fixed gnutls28 security issues CVE-2024-0567 and CVE-2024-0553.
  • Fixed openldap security issue CVE-2023-2953.
  • Fixed openssl security issues CVE-2024-0727, CVE-2023-6237, CVE-2023-6129 and CVE-2023-5678.
  • Fixed xerces-c security issues CVE-2023-37536 and CVE-2018-1311.
  • Fixed mysql-8.0 security issues CVE-2024-20985, CVE-2024-20984, CVE-2024-20983, CVE-2024-20982, CVE-2024-20981, CVE-2024-20978, CVE-2024-20977, CVE-2024-20976, CVE-2024-20974, CVE-2024-20973, CVE-2024-20972, CVE-2024-20971, CVE-2024-20970, CVE-2024-20969, CVE-2024-20967, CVE-2024-20966, CVE-2024-20965, CVE-2024-20964, CVE-2024-20963, CVE-2024-20962, CVE-2024-20961 and CVE-2024-20960.
  • Fixed paramiko security issue CVE-2023-48795.
  • Fixed pillow security issues CVE-2023-50447 and CVE-2023-44271.
  • Fixed pycryptodome security issue CVE-2023-52323.
  • Fixed qtbase-opensource-src security issue CVE-2023-51714.
  • Fixed qemu security issues CVE-2023-6693 and CVE-2023-6683.
  • Fixed zulu17-ca security issues CVE-2024-20932, CVE-2024-20926, CVE-2024-20925, CVE-2024-20923, CVE-2024-20922, CVE-2024-20918, CVE-2024-20952, CVE-2024-20945, CVE-2024-20921 and CVE-2024-20919.
  • Fixed curl security issue CVE-2024-0853.
  • Fixed expat security issues CVE-2023-52426 and CVE-2023-52425.
  • Fixed webkit2gtk security issues CVE-2024-23222, CVE-2024-23213, CVE-2024-23206, CVE-2023-42833, CVE-2023-40414 and CVE-2014-1745.
  • Fixed libde265 security issues CVE-2022-43253, CVE-2022-43252, CVE-2022-43248, CVE-2022-43243, CVE-2022-43242, CVE-2022-43241, CVE-2022-43240, CVE-2022-43239, CVE-2022-43238, CVE-2022-43237, CVE-2022-43236, CVE-2022-43235, CVE-2022-1253, CVE-2021-36411, CVE-2021-36410, CVE-2021-36409, CVE-2021-36408 and CVE-2021-35452.
  • Fixed gst-plugins-bad1.0 security issues CVE-2024-0444, CVE-2023-44446, CVE-2023-44429, CVE-2023-40476, CVE-2023-40475 and CVE-2023-40474.
  • Fixed bind9 security issues CVE-2023-5679, CVE-2023-5517, CVE-2023-50868, CVE-2023-50387 and CVE-2023-4408.
  • Fixed shadow security issue CVE-2023-4641.
  • Fixed qtbase-opensource-src security issue CVE-2024-25580.
  • Fixed libde265 security issues CVE-2023-25221, CVE-2023-24758, CVE-2023-24757, CVE-2023-24756, CVE-2023-24755, CVE-2023-24754, CVE-2023-24752, CVE-2023-24751, CVE-2022-47665, CVE-2022-43250, CVE-2022-43249, CVE-2022-43245 and CVE-2022-43244.
  • Fixed libpq5 security issue CVE-2024-0985.
  • Fixed libtiff5 security issues CVE-2023-6228, CVE-2023-6277 and CVE-2023-52356.
  • Fixed dnsmasq security issues CVE-2023-50868 and CVE-2023-50387.
  • Fixed python-cryptography security issue CVE-2023-50782.
  • Fixed less security issue CVE-2022-48624.
  • Fixed libuv1 security issue CVE-2024-24806.
  • Fixed libssh1.1 security issues 2023-3446 and CVE-2023-3817.