Context Navigation

← Previous Ticket
Next Ticket →

#19174 closed enhancement (fixed)

firefox-115.7.0

Reported by:	Bruce Dubbs	Owned by:	ken@…
Priority:	normal	Milestone:	12.1
Component:	BOOK	Version:	git
Severity:	normal	Keywords:
Cc:

Description

New minor version.

Change History (4)

comment:1 by ken@…, 3 months ago

Owner:	changed from blfs-book to ken@…
Status:	new → assigned

Builds ok with our current instructions.

comment:2 by ken@…, 3 months ago

Current fixed vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2024-02/

 CVE-2024-0741: Out of bounds write in ANGLE, High.

Based on the previous Angle vulnerability reported in
https://www.mozilla.org/en-US/security/advisories/mfsa2021-06/
this probably only applies to MS Windows: according to wikipedia,
firefox and thunderbird use Angle as an OpenGL backend for Windows.

An out of bounds write in ANGLE could have allowed an attacker
to corrupt memory leading to a potentially exploitable crash.

 CVE-2024-0742: Failure to update user input timestamp: High

It was possible for certain browser prompts and dialogs to be
activated or dismissed unintentionally by the user due to an
incorrect timestamp used to prevent input after page load.
References

 CVE-2024-0746: Crash when listing printers on Linux, Medium.

A Linux user opening the print preview dialog could have
caused the browser to crash.

 CVE-2024-0747: Bypass of Content Security Policy when directive
 unsafe-inline was set: Medium

When a parent page loaded a child in an iframe with unsafe-inline,
the parent Content Security Policy could have overridden the child
Content Security Policy.

 CVE-2024-0749: Phishing site popup could show local origin
 in address bar. Medium

A phishing site could have repurposed an about: dialog to show
phishing content with an incorrect origin in the address bar.

 CVE-2024-0750: Potential permissions request bypass via
 clickjacking. Medium

A bug in popup notifications delay calculation could have made
it possible for an attacker to trick a user into granting permissions.

 CVE-2024-0751: Privilege escalation through devtools. Medium

A malicious devtools extension could have been used to escalate
privileges.

 CVE-2024-0753: HSTS policy on subdomain could bypass policy
 of upper domain. Medium

In specific HSTS configurations an attacker could have bypassed
HSTS on a subdomain.

 CVE-2024-0755: Memory safety bugs fixed in Firefox 122, Firefox
 ESR 115.7, and Thunderbird 115.7. Medium

Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and
Thunderbird 115.6. Some of these bugs showed evidence of memory
corruption and we presume that with enough effort some of these
could have been exploited to run arbitrary code.

I note that they now describe the memory safety bugs fixed in this version as having moderate impact (Medium severity in BLFS terms).

Last edited 3 months ago by ken@… (previous) (diff)

comment:3 by ken@…, 3 months ago

Book updated, sha:r12.0-1322-g20b69968858b

comment:4 by ken@…, 3 months ago

Resolution:	→ fixed
Status:	assigned → closed

Security Advisory SA 12.0-079.

Note: See TracTickets for help on using tickets.

Download in other formats: