These vulnerabilities were addressed in
- Mozilla Firefox versions prior to 109
- Firefox ESR versions prior to 102.7
If you are a datajar.mobi Fully Managed or Hybrid customer, this update has been released via our Auto-Update framework and macOS devices within scope should receive this patch within 30 minutes of coming online.
If you are an Auto-Update for Jamf customer and you are deploying Mozilla Firefox via Auto-Update for Jamf, we suggest you flush any policies to trigger the update when macOS devices next check-in.
If you have any problems, concerns or questions, please let us know.
More information on these updates can be found here:
Mozilla:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-01/
https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/
CVE:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23597
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23598
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23599
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23600
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23604
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23606