Fedora Linux 8783 Published by

A firefox security update has been released for Fedora 37.



[SECURITY] Fedora 37 Update: firefox-118.0.1-7.fc37


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-09ec498a2a
2023-10-10 01:32:45.619525
--------------------------------------------------------------------------------

Name : firefox
Product : Fedora 37
Version : 118.0.1
Release : 7.fc37
URL : https://www.mozilla.org/firefox/
Summary : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------
Update Information:

This update is intended to fix all the issues with broken launchers and KDE
crashes that were caused by changes to the .desktop files in recent Firefox
updates. Please report any remaining issues. ---- This update provides the
latest release of Firefox, with an important security fix. We highly recommend
you install this update immediately and restart all Firefox instances.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 6 2023 Alessandro Astone [ales.astone@gmail.com] - 118.0.1-7
- Don't include -x11 and -wayland desktop files in the main package (rhbz#2242523)
* Fri Oct 6 2023 Martin Stransky [stransky@redhat.com]- 118.0.1-6
- Removed DBusActivatable flag from desktop file as it crashes KDE (rhbz#2242454).
* Thu Oct 5 2023 Kalev Lember [klember@redhat.com] - 118.0.1-5
- Fix flatpak build
* Mon Oct 2 2023 Martin Stransky [stransky@redhat.com]- 118.0.1-4
- Updated man page
* Mon Oct 2 2023 Martin Stransky [stransky@redhat.com]- 118.0.1-3
- Avoid to launch Firefox by gnome-shell search
* Fri Sep 29 2023 Martin Stransky [stransky@redhat.com]- 118.0.1-2
- Use firefox.desktop again
* Fri Sep 29 2023 Martin Stransky [stransky@redhat.com]- 118.0.1-1
- Updated to 118.0.1
* Wed Sep 27 2023 Neal Gompa [ngompa@fedoraproject.org] - 118.0.1-1
- Use system libraries for AV1, VP8, VP9, and WebP
* Wed Sep 27 2023 Martin Stransky [stransky@redhat.com]- 118.0-2
- Fixed Gnome search provider
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2241122 - CVE-2023-5129 firefox: libwebp: out-of-bounds write with a specially crafted WebP lossless file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2241122
[ 2 ] Bug #2242454 - DBusActivatable is not implemented correctly
https://bugzilla.redhat.com/show_bug.cgi?id=2242454
[ 3 ] Bug #2242523 - Too many firefox launchers are preinstalled
https://bugzilla.redhat.com/show_bug.cgi?id=2242523
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-09ec498a2a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------