Opened 7 years ago
Closed 7 years ago
#10323 closed enhancement (fixed)
firefox-58.0.1
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | high | Milestone: | 8.2 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
Fixes CVE-2018-5124, Arbitrary code execution through unsanitized browser UI
According to The Register, potential remote code execution after opening a malicious document or link.
Change History (4)
comment:1 by , 7 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 7 years ago
comment:3 by , 7 years ago
I tried ac_add_options --disable-optimize but no backtrace.
I don't have any other recent desktops with a 7.3 version of g++. Retrying on the same machine with a build from December.
comment:4 by , 7 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
swears - the build finished, but then it exited before installing. That is the sort of problem I had with rustc-1.23.0, but this is 1.22.1.
I should note that the machine with the segfault has had problems in the past - I suspect it lacks sufficient voltage for the RAM, with no option to change that - but it has been reliable since I started dropping the caches in an initscript. Maybe it will work on gcc-7.3.0 if I reduce the number of available CPUs with taskset : I'm trying that, it has now got past the compile of style, so possibly a local problem.
It built on my fast machine with 8 cores, but when I used a slower 4-core machine to check if the build was slower than before, it failed to compile the style cargo.
Retrying with --verbose it still fails, but reports a segmentation fault, invalid memory reference. That is with gcc-7.3 (which managed to build 58.0.
Possibly similar to https://github.com/rust-lang/rust/issues/45403 - what a heap of fetid dingo's kidneys