ESR (68.8) advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17 76 advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/ * CVE-2020-12387 Description: "A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash." Affects: 68.7 (ESR), 75 * CVE-2020-6831 Description: "A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash." Affects: 68.7 (ESR), 75 * CVE-2020-12391 Description: "Documents formed using data: URLs in an object element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin." Affects: 75 * CVE-2020-12392 Description: "The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files." Affects: 68.7 (ESR), 75 * CVE-2020-12394 Description: "A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element." Affects: 75 * CVE-2020-12395 Description: "Mozilla developers and community members Alexandru Michis, Jason Kratzer, philipp, Ted Campbell, Bas Schouten, André Bargull, and Karl Tomlinson reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code." Affects: 68.87(ESR), 75 * CVE-2020-12396 Description: "Mozilla developers and community members Frederik Braun, Andrew McCreight, C.M.Chang, and Dan Minor reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code." Affects: 75
@maintainer(s), please advise if ready for stabilisation, or call yourself
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e7a256c5c808b69349c3f7342c65500b8e6febeb commit e7a256c5c808b69349c3f7342c65500b8e6febeb Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-05-06 12:35:22 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-05-06 12:38:41 +0000 www-client/firefox: amd64 & x86 stable Bug: https://bugs.gentoo.org/721090 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> www-client/firefox/firefox-68.8.0.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
amd64 & x86 stable
arm64 stable. @maintainer(s), please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1dc2a20dc0ee5ae3905b6fbbc6f47383c4a13fb4 commit 1dc2a20dc0ee5ae3905b6fbbc6f47383c4a13fb4 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-05-12 23:39:36 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-05-12 23:39:45 +0000 www-client/firefox-bin: security cleanup Bug: https://bugs.gentoo.org/721090 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> www-client/firefox-bin/Manifest | 186 -------------- www-client/firefox-bin/firefox-bin-68.7.0.ebuild | 280 --------------------- www-client/firefox-bin/firefox-bin-75.0.ebuild | 296 ----------------------- 3 files changed, 762 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=27ffae6590944a4015bfac825bd31ccaa4dbb7a4 commit 27ffae6590944a4015bfac825bd31ccaa4dbb7a4 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-05-12 23:39:01 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-05-12 23:39:44 +0000 www-client/firefox: security cleanup Bug: https://bugs.gentoo.org/721090 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> www-client/firefox/Manifest | 186 ------ www-client/firefox/firefox-68.7.0-r1.ebuild | 920 --------------------------- www-client/firefox/firefox-75.0-r3.ebuild | 934 ---------------------------- 3 files changed, 2040 deletions(-)
This issue was resolved and addressed in GLSA 202005-04 at https://security.gentoo.org/glsa/202005-04 by GLSA coordinator Thomas Deutschmann (whissi).
