Opened 4 years ago

Closed 4 years ago

#12548 closed enhancement (fixed)


Reported by: Douglas R. Reno Owned by: ken@…
Priority: normal Milestone: 9.1
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version

Change History (2)

comment:1 by ken@…, 4 years ago

Owner: changed from blfs-book to ken@…
Status: newassigned

Fixed external programs launching in the background when clicking a link from inside Firefox to launch them (bug 1570845)

Usability improvements to the Add-ons Manager for users with screen readers (bug 1567600)

Fixed the Captive Portal notification bar not being dismissable in some situations after login is complete (bug 1578633)

Fixed the maximum size of fonts in Reader Mode when zoomed (bug 1578454)

Fixed missing stacks in the Developer Tools Performance section (bug 1578354)

Security Fix:

CVE-2019-11754: Pointer Lock is enabled with no user notification


Johann Hofmann




When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. References

Bug 1580506

As you would expect, that bug is not currently available to normal users and the CVE is not yet detailed. From The vulnerability allows a remote attacker to perform spoofing attacks. Apparently applies to all versions from 66.0.2.

comment:2 by ken@…, 4 years ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.