USN-5047-1: Firefox vulnerability
19 August 2021
Firefox could be made to incorrectly accept newlines in HTTP/3 response headers.
- firefox - Mozilla Open Source web browser
It was discovered that Firefox could be made to incorrectly accept
newlines in HTTP/3 response headers. If a user were tricked into
opening a specially crafted website, an attacker could exploit this
to conduct header splitting attacks.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart Firefox to make
all the necessary changes.