Opened 3 months ago

Closed 3 months ago

#20871 closed enhancement (fixed)

js-128.6.0 firefox-128.6.0

Reported by: Joe Locash Owned by: Douglas R. Reno
Priority: elevated Milestone: 12.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

Release notes not available yet. Patch for building with python 3.13.1/3.12.8 no longer needed.

Change History (4)

comment:1 by Douglas R. Reno, 3 months ago

Summary: firefox-128.6.0esrjs-128.6.0 firefox-128.6.0

comment:2 by Joe Locash, 3 months ago

Priority: normalelevated

Mozilla Foundation Security Advisory 2025-02 https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/

  • CVE-2025-0237: WebChannel APIs susceptible to confused deputy attack (moderate)
  • CVE-2025-0238: Use-after-free when breaking lines in text (moderate)
  • CVE-2025-0239: Alt-Svc ALPN validation failure when redirected (moderate)
  • CVE-2025-0240: Compartment mismatch when parsing JavaScript JSON module (moderate)
  • CVE-2025-0241: Memory corruption when using JavaScript Text Segmentation (moderate)
  • CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 (high)
  • CVE-2025-0243: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 (moderate)

comment:3 by Douglas R. Reno, 3 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:4 by Douglas R. Reno, 3 months ago

Resolution: fixed
Status: assignedclosed

Fixed at 297ad6f8388808e38251f8b5770cbe6b96962419

SA-12.2-061 issued for Spidermonkey

SA-12.2-062 issued for Firefox

Note: See TracTickets for help on using tickets.