Opened 15 months ago

Closed 15 months ago

Last modified 11 months ago

#14840 closed enhancement (fixed)

seamonkey-2.53.7

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: high Milestone: 11.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

Change History (6)

comment:1 by Douglas R. Reno, 15 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by ken@…, 15 months ago

Release note is at https://www.seamonkey-project.org/releases/seamonkey2.53.7/

 SeaMonkey 2.53.7 contains (among other changes) the following major changes relative to SeaMonkey 2.53.6:

    Remove Flash and NPAPI support bug 1688415.
    Switch packaged extensions to be global bug 1659298.
    Add Insert Forms to Composer bug 1684611.
    Fix an issue with copying to IMAP sent folder and some reference count leaks in mailnews bug 1689890.
    Tailing to delay tracker requests and enhance performance has been enabled bug 1358060.
    Fix an issue with favorite and recent folders not showing in macOS bug 1695869.
    Various security and general platform fixes.
    The ChatZilla source has been integrated into SeaMonkey and no longer needs to be checked out separately if you build your own release bug 1551033.

From reading a diff against 2.53.6 I noticed a change to the docs re runnng PGO - that now says to use mach instead of the old client.mk file. The diff also implies that --disable-elf-hack has been removed from the old-configure files: fortunately, it is still accepted in both methods of building, and works (without it, a DESTDIR failed as with 2.53.6 and current binutils).

Timings for the builds continue to vary, but no obvious difference in times between the old and new methods, and the sizes match.

comment:3 by ken@…, 15 months ago

I tried a PGO build just over 8 hours ago - after about 30 minutes for the initial build it opened a blank seamonkey to run the profiling, and that is still open - I suspect it probably will not finish (supposed to complete and then rebuild). But looking as 'ps aux' it seems to me that './mach build' actually invokes 'make -f client.mk'.

comment:4 by Douglas R. Reno, 15 months ago

Priority: normalhigh

Unfortunately, it looks like it's time to promote this one to High.

This contains the same fixes as 78.6.1, 78.7.0, and 78.8.0 in Firefox land.

Note the Critical rating and the fact that it's protocol based in 78.6.1

78.6.1

Mozilla Foundation Security Advisory 2021-01
Security Vulnerabilities fixed in Firefox 84.0.2, Firefox for Android 84.1.3, and Firefox ESR 78.6.1

Announced
    January 6, 2021
Impact
    critical
Products
    Firefox, Firefox ESR, Firefox for Android
Fixed in

        Firefox 84.0.2
        Firefox ESR 78.6.1
        Firefox for Android 84.1.3

#CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Reporter
    Ned Williamson
Impact
    critical

Description

A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run arbitrary code.
References

    Bug 1683964

78.7.0

Mozilla Foundation Security Advisory 2021-04
Security Vulnerabilities fixed in Firefox ESR 78.7

Announced
    January 26, 2021
Impact
    high
Products
    Firefox ESR
Fixed in

        Firefox ESR 78.7

#CVE-2021-23953: Cross-origin information leakage via redirected PDF requests

Reporter
    Rob Wu
Impact
    high

Description

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data.
References

    Bug 1683940

#CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements

Reporter
    Gary Kwong
Impact
    high

Description

Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash.
References

    Bug 1684020

#CVE-2020-26976: HTTPS pages could have been intercepted by a registered service worker when they should not have been

Reporter
    Andrew Sutherland
Impact
    moderate

Description

When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing.
References

    Bug 1674343

#CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC

Reporter
    Irvan Kurniawan
Impact
    moderate

Description

Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash.
References

    Bug 1675755

#CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

Reporter
    Mozilla developers and community
Impact
    high

Description

Mozilla developers Alexis Beingessner, Christian Holler, Andrew McCreight, Tyson Smith, Jon Coppeard, André Bargull, Jason Kratzer, Jesse Schwartzentruber, Steve Fink, Byron Campen reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

78.7.1

Mozilla Foundation Security Advisory 2021-06
Security Vulnerabilities fixed in Firefox 85.0.1 and Firefox ESR 78.7.1

Announced
    February 5, 2021
Impact
    critical
Products
    Firefox, Firefox ESR
Fixed in

        Firefox 85.0.1
        Firefox ESR 78.7.1

#CVE-2020-16048: Buffer overflow in depth pitch calculations for compressed textures

Reporter
    Abraruddin Khan and Omair working with Trend Micro Zero Day Initiative
Impact
    critical

Description

In the Angle graphics library, depth pitch computations did not take into account the block size and simply multiplied the row pitch with the pixel height. This caused the load functions to use a very high depth pitch, reading past the end of the user-supplied buffer.
Note: This issue only affected Windows operating systems. Other operating systems are unaffected.
References

    Bug 1676636

78.8.0

Mozilla Foundation Security Advisory 2021-08
Security Vulnerabilities fixed in Firefox ESR 78.8

Announced
    February 23, 2021
Impact
    high
Products
    Firefox ESR
Fixed in

        Firefox ESR 78.8

#CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect

Reporter
    Masato Kinugawa
Impact
    high

Description

As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin.
References

    Bug 1542194

#CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect

Reporter
    Ademar Nowasky Junior
Impact
    high

Description

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs.
References

    Bug 1687342

#CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources

Reporter
    Andreas Pehrson
Impact
    low

Description

When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource.
References

    Bug 1690976

#CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8

Reporter
    Mozilla developers
Impact
    high

Description

Mozilla developers Alexis Beingessner, Tyson Smith, Nika Layzell, and Mats Palmgren reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8

comment:5 by Douglas R. Reno, 15 months ago

Resolution: fixed
Status: assignedclosed

Fixed at r24423

comment:6 by Bruce Dubbs, 11 months ago

Milestone: 10.211.0

Milestone renamed

Note: See TracTickets for help on using tickets.