View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000197 | AlmaLinux-8 | firefox | public | 2022-03-07 19:04 | 2022-03-10 22:05 |
| Reporter | repulsive-gravity | Assigned To | |||
| Priority | urgent | Severity | major | Reproducibility | have not tried |
| Status | new | Resolution | open | ||
| Platform | el8 | OS Version | 8.5 ArcticSphinx | ||
| Summary | 0000197: CVE-2022-26485 and CVE-2022-26486 Use-After-Free memory exploits; | ||||
| Description | I'm relatively new to Linux, I hope I've brought this to the proper place. I'm sure everyone is aware of this; but, I am wondering if Alma is working on adding these patches to the official repository? Those being : Firefox 91.6.1 esr ; Firefox 97.0.2 Currently, dnf thinks Firefox 91.6.0 is up to date. CVE-2022-26485 and CVE-2022-26486 are the use-after-free memory exploits. Cheers | ||||
| Tags | cve-2022-26485, cve-2022-26486, firefox, zeroday | ||||
| abrt_hash | |||||
| URL | |||||
|
|
Hello! As AlmaLinux is 1:1 compatible with RHEL, we release updates after Red Hat. For now, there's not such an update yet. |
|
|
Hello. firefox-91.7.0-3.el8_5.alma was just released with the following vulnerabilities closed: CVE-2022-25235 CVE-2022-25236 CVE-2022-25315 CVE-2022-26381 CVE-2022-26383 CVE-2022-26384 CVE-2022-26386 CVE-2022-26387 CVE-2022-26485 CVE-2022-26486 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2022-03-07 19:04 | repulsive-gravity | New Issue | |
| 2022-03-07 19:04 | repulsive-gravity | Tag Attached: cve-2022-26485 | |
| 2022-03-07 19:04 | repulsive-gravity | Tag Attached: cve-2022-26486 | |
| 2022-03-07 19:04 | repulsive-gravity | Tag Attached: firefox | |
| 2022-03-07 19:04 | repulsive-gravity | Tag Attached: zeroday | |
| 2022-03-09 10:28 | sboldyreva | Note Added: 0000505 | |
| 2022-03-10 22:05 | alukoshko | Note Added: 0000513 |
