Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 834804 (CVE-2022-0843, CVE-2022-26382, CVE-2022-26385)

Summary: <www-client/firefox{-bin,}-{91.7.0,98.0}: multiple vulnerabilities
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: mozilla
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 834827    
Bug Blocks: 835019    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-09 01:36:07 UTC 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-11/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-10/

Please bump the release branch to 98, and stable 91.7 when ready.
Comment 1 Joonas Niilola gentoo-dev 2022-03-09 06:59:14 UTC 
Seriously? *sighs*

This is getting ridiculous :)
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-12 22:20:13 UTC 
Thanks, please cleanup!
Comment 3 Larry the Git Cow gentoo-dev 2022-03-23 13:05:07 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=14c687d515fd373731c83d0689739796605fdfea

commit 14c687d515fd373731c83d0689739796605fdfea
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2022-03-23 13:02:00 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2022-03-23 13:05:03 +0000

    www-client/firefox: drop 97.0.2, 98.0, 98.0.1
    
    Bug: https://bugs.gentoo.org/834804
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 www-client/firefox/Manifest              |  296 -------
 www-client/firefox/firefox-97.0.2.ebuild | 1247 -----------------------------
 www-client/firefox/firefox-98.0.1.ebuild | 1248 ------------------------------
 www-client/firefox/firefox-98.0.ebuild   | 1248 ------------------------------
 4 files changed, 4039 deletions(-)
Comment 4 Larry the Git Cow gentoo-dev 2022-08-10 04:18:49 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=28683764d95cb78c056bdf67f3245ad0eb5c6bbe

commit 28683764d95cb78c056bdf67f3245ad0eb5c6bbe
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-10 04:06:48 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-08-10 04:17:28 +0000

    [ GLSA 202208-08 ] Mozilla Firefox: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/834631
    Bug: https://bugs.gentoo.org/834804
    Bug: https://bugs.gentoo.org/836866
    Bug: https://bugs.gentoo.org/842438
    Bug: https://bugs.gentoo.org/846593
    Bug: https://bugs.gentoo.org/849044
    Bug: https://bugs.gentoo.org/857045
    Bug: https://bugs.gentoo.org/861515
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202208-08.xml | 147 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 147 insertions(+)
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-10 04:27:36 UTC 
GLSA released, all done!