Opened 6 months ago
Closed 6 months ago
#21990 closed enhancement (fixed)
firefox-140.2.0esr (and js)
| Reported by: | zeckma | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | high | Milestone: | 12.4 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New minor version. Release notes are still being worked on, so I don't know if there are any security fixes. Since Firefox hasn't been tagged in BLFS yet, I'm putting this up as 12.4 for now.
Change History (11)
follow-ups: 2 3 comment:1 by , 6 months ago
comment:2 by , 6 months ago
Replying to Bruce Dubbs:
Actually FF is not affected by package freeze. It is an 'end' package because nothing depends on it.
Thanks for letting me know!
comment:3 by , 6 months ago
Replying to Bruce Dubbs:
Actually FF is not affected by package freeze. It is an 'end' package because nothing depends on it.
This I disagree with a little bit. We currently have Firefox tied directly into Spidermonkey, where changing the version for Firefox also means that Spidermonkey gets updated. That means that at least gjs has to get retested it again if it's already tagged.
Something like Thunderbird though is for sure an end package, but Firefox feels like a little bit of a gray area. Still safe to update for now though :)
comment:4 by , 6 months ago
Regarding Spidermonkey: the ln command for ProfilingCategoryList.h is no longer needed, but the sed for XP_UNIX is still needed.
comment:5 by , 6 months ago
| Summary: | firefox-140.2.0esr → firefox-140.2.0esr (and spidermonkey) |
|---|
comment:6 by , 6 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:7 by , 6 months ago
| Priority: | normal → high |
|---|
comment:8 by , 6 months ago
- CVE-2025-9179: Sandbox escape due to invalid pointer in the Audio/Video: GMP component (High). Description: "An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process."
- CVE-2025-9180: Same-origin policy bypass in the Graphics: Canvas2D component (High)
- CVE-2025-9181: Uninitialized memory in the JavaScript Engine component (Moderate)
- CVE-2025-9182: Denial-of-service due to out-of-memory in the Graphics: WebRender component (Low)
- CVE-2025-9183: Spoofing issue in the Address Bar component (Low)
- CVE-2025-9184: Memory safety bugs fixed in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (High). Description: "Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code."
- CVE-2025-9185: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (High). Description: "Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code."
comment:10 by , 6 months ago
| Summary: | firefox-140.2.0esr (and spidermonkey) → firefox-140.2.0esr (and js) |
|---|
comment:11 by , 6 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at c73dc9db5c508eff40fd59300b6ab3f1ea147822
SA-12.3-095 issued for Firefox, and 12.3-097 for SpiderMonkey.
Actually FF is not affected by package freeze. It is an 'end' package because nothing depends on it.