Synopsis: Important: firefox security update Advisory ID: SLSA-2023:4079-1 Issue Date: 2023-07-13 CVE Numbers: CVE-2023-37201 CVE-2023-37202 CVE-2023-37207 CVE-2023-37208 CVE-2023-37211 -- This update upgrades Firefox to version 102.13.0 ESR. Security Fix(es): * Mozilla: Use-after-free in WebRTC certificate generation (CVE-2023-37201) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-37202) * Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 (CVE-2023-37211) * Mozilla: Fullscreen notification obscured (CVE-2023-37207) * Mozilla: Lack of warning when opening Diagcab files (CVE-2023-37208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE -- SL7 x86_64 firefox-102.13.0-2.el7_9.x86_64.rpm firefox-debuginfo-102.13.0-2.el7_9.x86_64.rpm firefox-102.13.0-2.el7_9.i686.rpm firefox-debuginfo-102.13.0-2.el7_9.i686.rpm - Scientific Linux Development Team