Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 935552 - <dev-lang/spidermonkey-115.12.0: Multiple vulnerabilities
Summary: <dev-lang/spidermonkey-115.12.0: Multiple vulnerabilities
Status: CONFIRMED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: A3 [glsa+ cleanup]
Keywords:
Depends on:
Blocks: CVE-2024-5693, CVE-2024-5696, CVE-2024-5700, MFSA-2024-25, MFSA-2024-26, MFSA-2024-28
  Show dependency tree
 
Reported: 2024-07-05 13:44 UTC by Christopher Fore
Modified: 2024-12-08 08:38 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christopher Fore 2024-07-05 13:44:08 UTC
https://www.mozilla.org/en-US/security/advisories/mfsa2024-26/


CVE-2024-5702:

Memory corruption in the networking stack could have led to a potentially exploitable crash.


Please refer to the tracker for the CVEs that affect all Mozilla products.
Comment 1 Larry the Git Cow gentoo-dev 2024-12-08 08:38:04 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=1d924bf2ce696d3bced1206436edce45727db8d9

commit 1d924bf2ce696d3bced1206436edce45727db8d9
Author:     Hans de Graaff <graaff@gentoo.org>
AuthorDate: 2024-12-08 08:37:14 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-12-08 08:37:14 +0000

    [ GLSA 202412-13 ] Spidermonkey: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/935552
    Bug: https://bugs.gentoo.org/936217
    Bug: https://bugs.gentoo.org/937469
    Bug: https://bugs.gentoo.org/941176
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202412-13.xml | 88 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 88 insertions(+)