831039 – <www-client/firefox{-bin,}-{91.5.0, 96.0}: multiple vulnerabilities

Bug 831039 - <www-client/firefox{-bin,}-{91.5.0, 96.0}: multiple vulnerabilities

Summary: <www-client/firefox{-bin,}-{91.5.0, 96.0}: multiple vulnerabilities

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal major
Assignee:	Gentoo Security

URL:
Whiteboard:	A2 [glsa]
Keywords:

Depends on:	831060
Blocks:	CVE-2021-43540 CVE-2021-4140, CVE-2022-22737, CVE-2022-22738, CVE-2022-22739, CVE-2022-22740, CVE-2022-22741, CVE-2022-22742, CVE-2022-22743, CVE-2022-22745, CVE-2022-22747, CVE-2022-22748, CVE-2022-22751
	Show dependency tree

Reported:	2022-01-11 21:33 UTC by John Helmert III
Modified:	2022-02-21 23:05 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2022-01-11 21:33:29 UTC

See tracker for details. Please bump www-client/firefox-bin and stabilize firefox-91.5.0 if ready.

Comment 1 Sam James archtester

2022-01-13 08:26:17 UTC

Please cleanup, thanks!

Comment 2 Larry the Git Cow gentoo-dev

2022-01-13 08:31:20 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=88a6ed5cebe4b6046db6155b4bd24207a3a60ae9

commit 88a6ed5cebe4b6046db6155b4bd24207a3a60ae9
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2022-01-13 08:30:26 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2022-01-13 08:30:26 +0000

    www-client/firefox-bin: drop 91.4.0, 95.0.1 (security cleanup)
    
    Bug: https://bugs.gentoo.org/831039
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 www-client/firefox-bin/Manifest                  | 194 ------------
 www-client/firefox-bin/firefox-bin-91.4.0.ebuild | 387 -----------------------
 www-client/firefox-bin/firefox-bin-95.0.1.ebuild | 387 -----------------------
 3 files changed, 968 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d3fb561f29670ce5e49ea9a55220dba1ae67e62a

commit d3fb561f29670ce5e49ea9a55220dba1ae67e62a
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2022-01-13 08:29:44 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2022-01-13 08:29:44 +0000

    www-client/firefox: drop 91.4.0-r1, 95.0.1-r1 (security cleanup)
    
    Bug: https://bugs.gentoo.org/831039
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 www-client/firefox/Manifest                 |  198 -----
 www-client/firefox/firefox-91.4.0-r1.ebuild | 1235 --------------------------
 www-client/firefox/firefox-95.0.1-r1.ebuild | 1240 ---------------------------
 3 files changed, 2673 deletions(-)

Comment 3 Larry the Git Cow gentoo-dev

2022-02-21 23:03:15 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=57effa1a78ecfa61900fdedbc9401d0948141e99

commit 57effa1a78ecfa61900fdedbc9401d0948141e99
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-02-21 22:59:29 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-02-21 22:59:29 +0000

    [ GLSA 202202-03 ] Mozilla Firefox: Multiple vulnerabilities
    
    Bug: https://bugs.gentoo.org/802768
    Bug: https://bugs.gentoo.org/807947
    Bug: https://bugs.gentoo.org/813498
    Bug: https://bugs.gentoo.org/821385
    Bug: https://bugs.gentoo.org/828538
    Bug: https://bugs.gentoo.org/831039
    Bug: https://bugs.gentoo.org/832992
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202202-03.xml | 141 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 141 insertions(+)

Comment 4 John Helmert III archtester

2022-02-21 23:05:37 UTC

GLSA released, all done!