Opened 3 years ago
Closed 3 years ago
#15411 closed enhancement (fixed)
firefox-91.0.1
| Reported by: | Bruce Dubbs | Owned by: | |
|---|---|---|---|
| Priority: | elevated | Milestone: | 11.0 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version. We should be able to get this into 11.0
Change History (4)
follow-up: 2 comment:1 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Priority: | normal → elevated |
| Status: | new → assigned |
follow-up: 3 comment:2 by , 3 years ago
Replying to ken@…:
Fixed an issue causing buttons on the tab bar to be resized when loading certain websites (bug 1704404) Fixed an issue which caused tabs from private windows to be visible in non-private windows when viewing switch-to-tab results in the address bar panel (bug 1720369) Various stability fixesand https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/
Firefox 91.0.1 #CVE-2021-29991: Header Splitting possible with HTTP/3 Responses Reporter Neal Poole Impact high Description Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. References Bug 1724896For those unfamiliar with HTTP/3 wikipedia says it has been supported by Chrome since April 2020 and Firefox since May 2021, so in firefox it is still quite new and not supported in 78esr.
Never heard of it before, just checked the wikipedia page. According to them, "according to W3Techs, 21% of the top 10 million websites support it" Strange, because later on, neither nginx nor apache supports it yet. So I guess, that's again more marketing than reality. Anyway, what exactly is a "top 10 million website" ?
comment:3 by , 3 years ago
Never heard of it before, just checked the wikipedia page. According to them, "according to W3Techs, 21% of the top 10 million websites support it" Strange, because later on, neither nginx nor apache supports it yet. So I guess, that's again more marketing than reality. Anyway, what exactly is a "top 10 million website" ?
Via the link 3 at the bottom of the wikipedia page I got to https://w3techs.com/technologies - seems to be a commercial offering, with links to the commercial providers they use. Reading their text, if one subdomain at a location uses it, that "website" supports it, e.g. on their methodology wordpress.com is a website (if I've understood what they are saying).
From the wikipedia page, probably served by LiteSpeed or nginx with the patch from Cloudflare. Seems to be intended for very high volume websites.
comment:4 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed in @a4f2fb6a8428abb51efe1086b0300a9a6b96d590 10.1-820
Security Advisory SA 10.1-095
NB the fix is in the rust neqo code, so at least that library of the rust libraries listed by wikipedia as supporting HTTP/3 is affected.
and https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/
Firefox 91.0.1 #CVE-2021-29991: Header Splitting possible with HTTP/3 Responses Reporter Neal Poole Impact high Description Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. This allowed for a header splitting attack against servers using HTTP/3. References Bug 1724896For those unfamiliar with HTTP/3 wikipedia says it has been supported by Chrome since April 2020 and Firefox since May 2021, so in firefox it is still quite new and not supported in 78esr.