USN-6143-3: Firefox regressions

Read Time:39 Second

USN-6143-1 fixed vulnerabilities and USN-6143-2 fixed minor regressions in
Firefox. The update introduced several minor regressions. This update fixes
the problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2023-34414,
CVE-2023-34416, CVE-2023-34417)

Jun Kokatsu discovered that Firefox did not properly validate site-isolated
process for a document loaded from a data: URL that was the result of a
redirect, leading to an open redirect attack. An attacker could possibly
use this issue to perform phishing attacks. (CVE-2023-34415)

Gift Card Fraud

U.S. Army Soldier Arrested in AT&T, Verizon Extortions

Salt Typhoon’s Reach Continues to Grow

Majority of UK SMEs Lack Cybersecurity Policy

Happy 15th Anniversary, KrebsOnSecurity!

CISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration

Casino Players Using Hidden Cameras for Cheating

Friday Squid Blogging: Squid on Pizza

Scams Based on Fake Google Emails

gimp-2.10.38-12.fc40

Multiple vulnerabilities in CTFd versions <= 3.7.4

IBMi Navigator / CVE-2024-51464 / HTTP Security Token Bypass

IBMi Navigator / CVE-2024-51463 / Server Side Request Forgery (SSRF)

PAN-OS Firewall Denial of Service (DoS) Vulnerability

golang-github-git-5-5.13.0-1.fc42