#17394 closed enhancement (fixed)

firefox-102.6.0 and JS-102.6.0

Reported by: ken@… Owned by: ken@…
Priority: normal Milestone: 11.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

Now available, release notes expected tomorrow.

Matches the candidate, which built with the current instructions (i.e. the grep and xargs sed is still needed with python-3.11-series).

In the main JS tests I grepped the log and got: 119 UNEXPECTED (failures), 6179 TEST-KNOWN failurs and 43910 TEST-PASS - that is a total of 50111 so now more than 50,000 tests.

For anyone like me who updates their certs when updating firefox-esr, the current certs include Mozilla's removal of the Trustcor root cert (at last!). Note that python-3.11.1's pip seems to still include that ('certifi' was updated after 3.11.1), but the envvar solves the problem.

Release notes expected tomorrow.

Change History (2)

comment:1 by ken@…, 22 months ago

Release note now available. AFAICS there are no obvious security fixes in JS91 although there are changes in the js module loader (which might be security related) and also in the js wasm code.

Both contain TZ updates to 2022g.

Upstream advisory for firefox-102.6.0 is at https://www.mozilla.org/en-US/security/advisories/mfsa2022-52/

Security Vulnerabilities fixed in Firefox ESR 102.6

Announced
    December 13, 2022
Impact
    high
Products
    Firefox ESR
Fixed in

        Firefox ESR 102.6

#CVE-2022-46880: Use-after-free in WebGL

Reporter
    Atte Kettunen
Impact
    high

Description

A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.
References

    Bug 1749292

#CVE-2022-46872: Arbitrary file read from a compromised content process

Reporter
    Nika Layzell
Impact
    high

Description

An attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC messages.
This bug only affects Firefox for Linux. Other operating systems are unaffected.
References

    Bug 1799156

#CVE-2022-46881: Memory corruption in WebGL 


Reporter
    Karl and an Anonymous ASAN Nightly User
Impact
    high

Description

An optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash.
References

    Bug 1770930

     

#CVE-2022-46874: Drag and Dropped Filenames could have been truncated to malicious extensions

Reporter
    Matthias Zoellner
Impact
    moderate

Description

A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.
References

    Bug 1746139

#CVE-2022-46882: Use-after-free in WebGL

Reporter
    Irvan Kurniawan
Impact
    moderate

Description

A use-after-free in WebGL extensions could have led to a potentially exploitable crash.
References

    Bug 1789371

CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6

Reporter
    Mozilla developers
Impact
    high

Description

Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 107 and Firefox ESR 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6

There was also a macOS-specific CVE.

comment:2 by ken@…, 22 months ago

Resolution: fixed
Status: assignedclosed

Fixed in 8d219de89c638279ca1d1fab8b5ce6191de214c2 11.2-554

Advisory SA 11.2-052.

Note: See TracTickets for help on using tickets.