Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 905889 (CVE-2023-29537, CVE-2023-29538, CVE-2023-29540, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29549, CVE-2023-29551) - <www-client/firefox{-bin,}-{102.10.0,112.0}: multiple vulnerabilities
Summary: <www-client/firefox{-bin,}-{102.10.0,112.0}: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2023-29537, CVE-2023-29538, CVE-2023-29540, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29549, CVE-2023-29551
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa+]
Keywords:
Depends on:
Blocks: CVE-2023-1945, CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29539, CVE-2023-29541, CVE-2023-29548, CVE-2023-29550
  Show dependency tree
 
Reported: 2023-05-07 18:02 UTC by John Helmert III
Modified: 2023-05-30 03:07 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 sanomiad 2023-05-25 04:40:47 UTC 
Versions 102.10.0 & 112.0 have been patched for awhile now. 

https://packages.gentoo.org/packages/www-client/firefox
https://packages.gentoo.org/packages/www-client/firefox-bin
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-29 04:31:32 UTC 
GLSA request filed
Comment 3 Larry the Git Cow gentoo-dev 2023-05-30 03:05:49 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=c47c1d9a78a0be89569e143d6743048b6744e0fa

commit c47c1d9a78a0be89569e143d6743048b6744e0fa
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-05-30 03:02:42 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-05-30 03:05:03 +0000

    [ GLSA 202305-35 ] Mozilla Firefox: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/895962
    Bug: https://bugs.gentoo.org/903618
    Bug: https://bugs.gentoo.org/905889
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202305-35.xml | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 115 insertions(+)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-30 03:07:40 UTC 
GLSA released, all done!