CVE-2025-0247: Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Please refer to the tracker for the full list of CVEs that affect all Mozilla products.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=cb42a7ed090c84fc9d7a1f98f0115e73a73b6da6 commit cb42a7ed090c84fc9d7a1f98f0115e73a73b6da6 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2025-01-23 07:24:25 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2025-01-23 07:24:37 +0000 [ GLSA 202501-10 ] Mozilla Firefox: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/942469 Bug: https://bugs.gentoo.org/945050 Bug: https://bugs.gentoo.org/948113 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202501-10.xml | 104 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=65ab3bbd4ca0a76102c910c2990713236e83fc77 commit 65ab3bbd4ca0a76102c910c2990713236e83fc77 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2025-02-08 07:57:44 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2025-02-08 07:57:44 +0000 www-client/firefox: drop versions Bug: https://bugs.gentoo.org/948113 Signed-off-by: Joonas Niilola <juippis@gentoo.org> www-client/firefox/Manifest | 712 --------------- www-client/firefox/firefox-128.5.0.ebuild | 1369 ---------------------------- www-client/firefox/firefox-128.5.1.ebuild | 1369 ---------------------------- www-client/firefox/firefox-128.6.0.ebuild | 1376 ----------------------------- www-client/firefox/firefox-133.0.3.ebuild | 1371 ---------------------------- www-client/firefox/firefox-134.0.1.ebuild | 1371 ---------------------------- www-client/firefox/firefox-134.0.2.ebuild | 1371 ---------------------------- www-client/firefox/firefox-134.0.ebuild | 1371 ---------------------------- 8 files changed, 10310 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4ee393eec2531931b7437f95d4b80c07ffd22327 commit 4ee393eec2531931b7437f95d4b80c07ffd22327 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2025-02-08 07:57:11 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2025-02-08 07:57:11 +0000 www-client/firefox-bin: drop versions Bug: https://bugs.gentoo.org/948113 Signed-off-by: Joonas Niilola <juippis@gentoo.org> www-client/firefox-bin/Manifest | 594 ---------------------- www-client/firefox-bin/firefox-bin-128.5.2.ebuild | 364 ------------- www-client/firefox-bin/firefox-bin-128.6.0.ebuild | 364 ------------- www-client/firefox-bin/firefox-bin-133.0.3.ebuild | 364 ------------- www-client/firefox-bin/firefox-bin-134.0.1.ebuild | 364 ------------- www-client/firefox-bin/firefox-bin-134.0.2.ebuild | 364 ------------- www-client/firefox-bin/firefox-bin-134.0.ebuild | 364 ------------- 7 files changed, 2778 deletions(-)
