Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 941169 - <www-client/firefox{-bin,}-{115.16.0,128.3.0,131.0}: multiple vulnerabilities
Summary: <www-client/firefox{-bin,}-{115.16.0,128.3.0,131.0}: multiple vulnerabilities
Status: CONFIRMED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://www.mozilla.org/en-US/securit...
Whiteboard: A3 [glsa]
Keywords:
Depends on: 940714
Blocks: CV, CVE-2024-8900, CVE-2024-9391, CVE-2024-9392, CVE-2024-9395, CVE-2024-9396, CVE-2024-9397, CVE-2024-9399, CVE-2024-9400, CVE-2024-9401, CVE-2024-9402, CVE-2024-9403, E-2024-9398, MFSA2024-46, MFSA2024-47, MFSA2024-48, MFSA2024-49, MFSA2024-50
  Show dependency tree
 
Reported: 2024-10-08 18:42 UTC by Christopher Fore
Modified: 2024-11-11 08:51 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christopher Fore 2024-10-08 18:42:40 UTC 
**No CVEs for solely these Mozilla products**

Please refer to the tracker for the full list of CVEs that affect all Mozilla products.
Comment 1 Larry the Git Cow gentoo-dev 2024-10-09 07:15:56 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0fe7666a61fdb7f93d5d48dff3e36e66d629d28f

commit 0fe7666a61fdb7f93d5d48dff3e36e66d629d28f
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2024-10-09 07:15:20 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2024-10-09 07:15:54 +0000

    www-client/firefox: drop 115.15.0, 128.2.0, 130.0.1
    
    Bug: https://bugs.gentoo.org/941169
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 www-client/firefox/Manifest                |  303 ------
 www-client/firefox/firefox-115.15.0.ebuild | 1393 ----------------------------
 www-client/firefox/firefox-128.2.0.ebuild  | 1368 ---------------------------
 www-client/firefox/firefox-130.0.1.ebuild  | 1370 ---------------------------
 4 files changed, 4434 deletions(-)
Comment 2 Joonas Niilola gentoo-dev 2024-10-09 07:16:09 UTC 
Tree is clean for these versions.
Comment 3 nvaert1986 2024-10-10 09:17:47 UTC 
Not sure if this is the correct place but a critical was fixed in 131.0.2: https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
Comment 4 Joonas Niilola gentoo-dev 2024-10-10 11:57:31 UTC 
(In reply to nvaert1986 from comment #3)
> Not sure if this is the correct place but a critical was fixed in 131.0.2:
> https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/

There's bug 941224 for that.