Ubuntu alert USN-5411-1 (firefox)
| From: | Chris Coulson <chris.coulson@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-5411-1] Firefox vulnerabilities | |
| Date: | Wed, 11 May 2022 15:11:50 +0100 | |
| Message-ID: | <82f50087-6a28-6002-31f3-366edf88fcb1@canonical.com> |
========================================================================== Ubuntu Security Notice USN-5411-1 May 11, 2022 firefox vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Firefox could be made to crash or run programs as your login if it opened a malicious website. Software Description: - firefox: Mozilla Open Source web browser Details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass permission prompts, obtain sensitive information, bypass security restrictions, or execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: firefox 100.0+build2-0ubuntu0.21.10.1 Ubuntu 20.04 LTS: firefox 100.0+build2-0ubuntu0.20.04.1 Ubuntu 18.04 LTS: firefox 100.0+build2-0ubuntu0.18.04.1 After a standard system update you need to restart Firefox to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5411-1 CVE-2022-29909, CVE-2022-29911, CVE-2022-29912, CVE-2022-29914, CVE-2022-29915, CVE-2022-29916, CVE-2022-29917, CVE-2022-29918 Package Information: https://launchpad.net/ubuntu/+source/firefox/100.0+build2... https://launchpad.net/ubuntu/+source/firefox/100.0+build2... https://launchpad.net/ubuntu/+source/firefox/100.0+build2...