659432 – (CVE-2018-12358, CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12367, CVE-2018-12368, CVE-2018-12369, CVE-2018-12370, CVE-2018-12371, CVE-2018-5156, CVE-2018-5186, CVE-2018-5187, CVE-2018-5188) <www-client/firefox{,-bin}-60.1.0: multiple vulnerabilities (MFSA-2018-{15,16,17})

Bug 659432 (CVE-2018-12358, CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12367, CVE-2018-12368, CVE-2018-12369, CVE-2018-12370, CVE-2018-12371, CVE-2018-5156, CVE-2018-5186, CVE-2018-5187, CVE-2018-5188) - <www-client/firefox{,-bin}-60.1.0: multiple vulnerabilities (MFSA-2018-{15,16,17})

Summary: <www-client/firefox{,-bin}-60.1.0: multiple vulnerabilities (MFSA-2018-{15,16...

Status:	RESOLVED FIXED

Alias:	CVE-2018-12358, CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12367, CVE-2018-12368, CVE-2018-12369, CVE-2018-12370, CVE-2018-12371, CVE-2018-5156, CVE-2018-5186, CVE-2018-5187, CVE-2018-5188

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All All

Importance:	Normal normal
Assignee:	Gentoo Security

URL:	https://www.mozilla.org/en-US/securit...
Whiteboard:	B2 [glsa+ cve]
Keywords:

Depends on:
Blocks:

Reported:	2018-06-27 20:21 UTC by Vlad K.
Modified:	2018-10-02 22:25 UTC (History)
CC List:	5 users (show)

See Also:
Package list:	www-client/firefox-60.1.0 www-client/firefox-52.9.0 dev-libs/nspr-4.19 dev-libs/nss-3.37.3
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Vlad K. 2018-06-27 20:21:22 UTC

Multiple vulnerabilities have been found and fixed in Firefox, versions 60.1.0
(ESR) and 61.0.


Security vulnerabilities fixed in Firefox ESR 60.1
==================================================

https://www.mozilla.org/en-US/security/advisories/mfsa2018-16/


* CVE-2018-5187

    Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
    Impact: critical


* CVE-2018-5188

    Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR
    52.9
    Impact: critical


* CVE-2018-12359

    Buffer overflow using computed size of canvas element
    Impact: critical


* CVE-2018-12360

    Use-after-free when using focus()
    Impact: critical


* CVE-2018-12361

    Integer overflow in SwizzleData
    Impact: critical


* CVE-2018-12362

    Integer overflow in SSSE3 scaler
    Impact: high


* CVE-2018-5156

    Media recorder segmentation fault when track type is changed during
    capture
    Impact: high


* CVE-2018-12363

    Use-after-free when appending DOM nodes
    Impact: high


* CVE-2018-12364

    CSRF attacks through 307 redirects and NPAPI plugins
    Impact: high


* CVE-2018-12365

    Compromised IPC child process can list local filenames
    Impact: moderate


* CVE-2018-12371

    Integer overflow in Skia library during edge builder allocation
    Impact: moderate


* CVE-2018-12366

    Invalid data handling during QCMS transformations
    Impact: moderate


* CVE-2018-12367

    Timing attack mitigation of PerformanceNavigationTiming
    Impact: moderate


* CVE-2018-12368

    No warning when opening executable SettingContent-ms files
    Impact: moderate


* CVE-2018-12369

    WebExtension security permission checks bypassed by embedded experiments
    Impact: moderate


Security vulnerabilities fixed in Firefox 61
============================================

https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/

(listing only vulnerabilities not already mentioned above)


* CVE-2018-5186

    Memory safety bugs fixed in Firefox 61
    Impact: critical


* CVE-2018-12358

    Same-origin bypass using service worker and redirection
    Impact: high


* CVE-2018-12370

    SameSite cookie protections bypassed when exiting Reader View
    Impact: low 


--

Gentoo Security Scout
Vladimir Krstulja

Comment 1 Vlad K. 2018-06-27 20:54:45 UTC

Vulnerabilities specific to 52 ESR (Fixed in 52.9)
==================================================

https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/

* CVE-2018-12359
* CVE-2018-12360
* CVE-2018-12362
* CVE-2018-12363
* CVE-2018-12364
* CVE-2018-12365
* CVE-2018-12366
* CVE-2018-12368
* CVE-2018-5156
* CVE-2018-5188

Comment 2 Jory A. Pratt gentoo-dev

2018-06-28 15:51:15 UTC

firefox-60.1.0 can be marked stable, Whissi are you okay with -bin same version being marked stable?

Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev

2018-06-28 16:09:44 UTC

(In reply to Jory A. Pratt from comment #2)
> firefox-60.1.0 can be marked stable, Whissi are you okay with -bin same
> version being marked stable?

Yes, -bin is already done.

Comment 4 devsk 2018-06-28 22:41:28 UTC

firefox-60.1 is failing to apply this patch:

/var/tmp/portage/www-client/firefox-60.1.0/work/firefox/2005_ffmpeg4.patch

Is there a bug tracking this?

Comment 5 Jory A. Pratt gentoo-dev

2018-06-29 00:49:12 UTC

(In reply to devsk from comment #4)
> firefox-60.1 is failing to apply this patch:
> 
> /var/tmp/portage/www-client/firefox-60.1.0/work/firefox/2005_ffmpeg4.patch
> 
> Is there a bug tracking this?

Your tree is out of date, I have already addressed the issue.

Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev

2018-09-08 13:46:13 UTC

Superseded by bug 665496.

Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev

2018-10-02 09:04:41 UTC

Added to an existing GLSA request.

Comment 8 GLSAMaker/CVETool Bot gentoo-dev

2018-10-02 22:25:31 UTC

This issue was resolved and addressed in
 GLSA 201810-01 at https://security.gentoo.org/glsa/201810-01
by GLSA coordinator Thomas Deutschmann (whissi).