Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#14840 closed enhancement (fixed)

seamonkey-2.53.7

Reported by: Douglas R. Reno
Owned by: Douglas R. Reno
Priority: high
Milestone: 11.0
Component: BOOK
Version: SVN
Severity: normal
Keywords:
Cc:

Description

New point version

Change History (6)

comment:1 by Douglas R. Reno, 3 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: changed from new to assigned

comment:2 by ken@…, 3 years ago

Release note is at https://www.seamonkey-project.org/releases/seamonkey2.53.7/

 SeaMonkey 2.53.7 contains (among other changes) the following major changes relative to SeaMonkey 2.53.6:

    Remove Flash and NPAPI support bug 1688415.
    Switch packaged extensions to be global bug 1659298.
    Add Insert Forms to Composer bug 1684611.
    Fix an issue with copying to IMAP sent folder and some reference count leaks in mailnews bug 1689890.
    Tailing to delay tracker requests and enhance performance has been enabled bug 1358060.
    Fix an issue with favorite and recent folders not showing in macOS bug 1695869.
    Various security and general platform fixes.
    The ChatZilla source has been integrated into SeaMonkey and no longer needs to be checked out separately if you build your own release bug 1551033.

From reading a diff against 2.53.6 I noticed a change to the docs re running PGO - that now says to use mach instead of the old client.mk file. The diff also implies that --disable-elf-hack has been removed from the old-configure files: fortunately, it is still accepted in both methods of building, and works (without it, a DESTDIR failed as with 2.53.6 and current binutils).

Timings for the builds continue to vary, but no obvious difference in times between the old and new methods, and the sizes match.

comment:3 by ken@…, 3 years ago

I tried a PGO build just over 8 hours ago - after about 30 minutes for the initial build it opened a blank seamonkey to run the profiling, and that is still open - I suspect it probably will not finish (supposed to complete and then rebuild). But looking at 'ps aux' it seems to me that './mach build' actually invokes 'make -f client.mk'.

comment:4 by Douglas R. Reno, 3 years ago

Priority: changed from normal to high

Unfortunately, it looks like it's time to promote this one to High.

This contains the same fixes as 78.6.1, 78.7.0, and 78.8.0 in Firefox land.

Note the Critical rating and the fact that it's protocol based in 78.6.1

78.6.1

Mozilla Foundation Security Advisory 2021-01
Security Vulnerabilities fixed in Firefox 84.0.2, Firefox for Android 84.1.3, and Firefox ESR 78.6.1

Announced
    January 6, 2021
Impact
    critical
Products
    Firefox, Firefox ESR, Firefox for Android
Fixed in

        Firefox 84.0.2
        Firefox ESR 78.6.1
        Firefox for Android 84.1.3

CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk

Reporter
    Ned Williamson
Impact
    critical

Description

A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run arbitrary code.
References

    Bug 1683964

78.7.0

Mozilla Foundation Security Advisory 2021-04
Security Vulnerabilities fixed in Firefox ESR 78.7

Announced
    January 26, 2021
Impact
    high
Products
    Firefox ESR
Fixed in

        Firefox ESR 78.7

CVE-2021-23953: Cross-origin information leakage via redirected PDF requests

Reporter
    Rob Wu
Impact
    high

Description

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data.
References

    Bug 1683940

CVE-2021-23954: Type confusion when using logical assignment operators in JavaScript switch statements

Reporter
    Gary Kwong
Impact
    high

Description

Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash.
References

    Bug 1684020

CVE-2020-26976: HTTPS pages could have been intercepted by a registered service worker when they should not have been

Reporter
    Andrew Sutherland
Impact
    moderate

Description

When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing.
References

    Bug 1674343

CVE-2021-23960: Use-after-poison for incorrectly redeclared JavaScript variables during GC

Reporter
    Irvan Kurniawan
Impact
    moderate

Description

Performing garbage collection on re-declared JavaScript variables resulted in a use-after-poison, and a potentially exploitable crash.
References

    Bug 1675755

CVE-2021-23964: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

Reporter
    Mozilla developers and community
Impact
    high

Description

Mozilla developers Alexis Beingessner, Christian Holler, Andrew McCreight, Tyson Smith, Jon Coppeard, André Bargull, Jason Kratzer, Jesse Schwartzentruber, Steve Fink, Byron Campen reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7

78.7.1

Mozilla Foundation Security Advisory 2021-06
Security Vulnerabilities fixed in Firefox 85.0.1 and Firefox ESR 78.7.1

Announced
    February 5, 2021
Impact
    critical
Products
    Firefox, Firefox ESR
Fixed in

        Firefox 85.0.1
        Firefox ESR 78.7.1

CVE-2020-16048: Buffer overflow in depth pitch calculations for compressed textures

Reporter
    Abraruddin Khan and Omair working with Trend Micro Zero Day Initiative
Impact
    critical

Description

In the Angle graphics library, depth pitch computations did not take into account the block size and simply multiplied the row pitch with the pixel height. This caused the load functions to use a very high depth pitch, reading past the end of the user-supplied buffer.
Note: This issue only affected Windows operating systems. Other operating systems are unaffected.
References

    Bug 1676636

78.8.0

Mozilla Foundation Security Advisory 2021-08
Security Vulnerabilities fixed in Firefox ESR 78.8

Announced
    February 23, 2021
Impact
    high
Products
    Firefox ESR
Fixed in

        Firefox ESR 78.8

CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect

Reporter
    Masato Kinugawa
Impact
    high

Description

As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avoid unintentional leakage." Under certain types of redirects, Firefox incorrectly set the source file to be the destination of the redirects. This was fixed to be the redirect destination's origin.
References

    Bug 1542194

CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect

Reporter
    Ademar Nowasky Junior
Impact
    high

Description

If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs.
References

    Bug 1687342

CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources

Reporter
    Andreas Pehrson
Impact
    low

Description

When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource.
References

    Bug 1690976

CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8

Reporter
    Mozilla developers
Impact
    high

Description

Mozilla developers Alexis Beingessner, Tyson Smith, Nika Layzell, and Mats Palmgren reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
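
The depth pitch error described under CVE-2020-16048 in comment 4, worked through as an added example (not code from ANGLE, Mozilla or this ticket). The struct, the function names, MAX_DIM and the BC1-style block constants (4x4 texels in 8 bytes) are assumptions made for illustration; it compares the pixel-height calculation with a block-aware one and bounds-checks the read against the supplied buffer.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical format descriptor for this example (not ANGLE's own types). */
struct block_format {
    uint32_t block_w, block_h; /* texels per compressed block */
    uint32_t block_bytes;      /* bytes per compressed block */
};

/* Constructed sample format: BC1-style, 4x4 texels stored in 8 bytes. */
static const struct block_format BC1_STYLE = {4, 4, 8};

#define MAX_DIM 16384u /* assumed dimension limit; keeps the 64-bit math from overflowing */

static uint64_t div_round_up(uint64_t a, uint64_t b) { return (a + b - 1) / b; }

/* Bytes occupied by one row of blocks. */
uint64_t row_pitch(const struct block_format *f, uint32_t width) {
    return div_round_up(width, f->block_w) * f->block_bytes;
}

/* Calculation described in the advisory: row pitch times the pixel height. */
uint64_t depth_pitch_flawed(const struct block_format *f, uint32_t w, uint32_t h) {
    return row_pitch(f, w) * h;
}

/* Block-aware calculation: row pitch times the number of block rows. */
uint64_t depth_pitch_fixed(const struct block_format *f, uint32_t w, uint32_t h) {
    return row_pitch(f, w) * div_round_up(h, f->block_h);
}

/* Returns 1 when reading `depth` slices spaced `pitch` bytes apart stays
 * inside a caller-supplied buffer of buf_len bytes, 0 otherwise. */
int upload_fits(const struct block_format *f, uint32_t w, uint32_t h,
                uint32_t depth, uint64_t pitch, uint64_t buf_len) {
    if (w == 0 || h == 0 || depth == 0) return 0;
    if (w > MAX_DIM || h > MAX_DIM || depth > MAX_DIM) return 0;
    uint64_t slice = depth_pitch_fixed(f, w, h);          /* bytes read per slice */
    uint64_t end = (uint64_t)(depth - 1) * pitch + slice; /* one past the last byte read */
    return end <= buf_len;
}

int main(void) {
    uint64_t good = depth_pitch_fixed(&BC1_STYLE, 64, 64);
    uint64_t bad = depth_pitch_flawed(&BC1_STYLE, 64, 64);
    uint64_t buf_len = 4 * good; /* tightly packed 64x64 texture with 4 slices */
    printf("fixed  pitch %llu fits=%d\n", (unsigned long long)good,
           upload_fits(&BC1_STYLE, 64, 64, 4, good, buf_len));
    printf("flawed pitch %llu fits=%d\n", (unsigned long long)bad,
           upload_fits(&BC1_STYLE, 64, 64, 4, bad, buf_len));
    return 0;
}
```

For a 4-texel block height the pixel-height form is four times too large, so every slice after the first is read from an offset past the end of a tightly packed buffer.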

comment:5 by Douglas R. Reno, 3 years ago

Resolution: fixed
Status: changed from assigned to closed

Fixed at r24423

comment:6 by Bruce Dubbs, 3 years ago

Milestone: changed from 10.2 to 11.0

Milestone renamed
