Opened 9 months ago

Closed 9 months ago

Last modified 9 months ago

#21509 closed enhancement (fixed)

js-128.10.0 (spidermonkey) and firefox-128.10.0

Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: elevated Milestone: 12.4
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (5)

comment:1 by Bruce Dubbs, 9 months ago

Summary: js-128.10.0 (spidermonkey)js-128.10.0 (spidermonkey) and firefox-128.10.0

comment:2 by Joe Locash, 9 months ago

Priority: normalelevated

Mozilla Foundation Security Advisory 2025-29 https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/

  • CVE-2025-2817: Privilege escalation in Firefox Updater (high)
  • CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS (high)
  • CVE-2025-4083: Process isolation bypass using "javascript:" URI links in cross-origin frames (high)
  • CVE-2025-4084: Potential local code execution in "copy as cURL" command (moderate)
  • CVE-2025-4087: Unsafe attribute access during XPath parsing (moderate)
  • CVE-2025-4091: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 (moderate)
  • CVE-2025-4093: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10 (high)

comment:3 by Douglas R. Reno, 9 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:4 by Douglas R. Reno, 9 months ago

Resolution: fixed
Status: assignedclosed

Fixed at 2d1d4ca9c810a3d11ed116a36af050f7924f94fe

SA added to my TODO list. There are a couple of other issues I want to resolve and then I will release the recent ones in a bunch.

comment:5 by Douglas R. Reno, 9 months ago

SA-12.3-034 issued

Note: See TracTickets for help on using tickets.