643834 – =www-client/firefox-52.6: spectre vulnerability mitigation (future bump/stable req)

Bug 643834 - =www-client/firefox-52.6: spectre vulnerability mitigation (future bump/stable req)

Summary: =www-client/firefox-52.6: spectre vulnerability mitigation (future bump/stabl...

Status:	RESOLVED DUPLICATE of bug 645510

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Stabilization (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2018-01-07 22:44 UTC by pva
Modified:	2018-01-26 18:33 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description pva 2018-01-07 22:44:10 UTC

Firefox 52.6 is scheduled to be released on January 23, 2018. Reporting this bug to track spectre mitigation inclusion progress. 

In accordance with https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

Firefox 52 ESR does not support SharedArrayBuffer and is less at risk; the performance.now() mitigations will be included in the regularly scheduled Firefox 52.6 ESR release on January 23, 2018.

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev

2018-01-26 18:33:01 UTC

Moved into bug 645510.

*** This bug has been marked as a duplicate of bug 645510 ***