Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 716098 (CVE-2020-6819, CVE-2020-6820, MFSA-2020-11) - <www-client/firefox{-bin}-{68.6.1,74.0.1}: Multiple vulnerabilities (MFSA-2020-11)
Summary: <www-client/firefox{-bin}-{68.6.1,74.0.1}: Multiple vulnerabilities (MFSA-202...
Status: RESOLVED FIXED
Alias: CVE-2020-6819, CVE-2020-6820, MFSA-2020-11
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.mozilla.org/en-US/securit...
Whiteboard: A2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-04 07:12 UTC by Sam James
Modified: 2020-04-05 15:12 UTC (History)
4 users (show)

See Also:
Package list:
www-client/firefox-68.6.1
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2020-04-04 07:12:53 UTC
1) CVE-2020-6819

Description:
"Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw."

Bug (restricted): https://bugzilla.mozilla.org/show_bug.cgi?id=1620818

2) CVE-2020-6820

Description:
"Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw."

Bug (restricted): https://bugzilla.mozilla.org/show_bug.cgi?id=1626728

---
Both bugs are fixed in 74.0.1, 68.6.1.
Comment 1 Larry the Git Cow gentoo-dev 2020-04-04 10:53:00 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d43bf3b3a985e4abe8742f909a4b30fbc9de42a2

commit d43bf3b3a985e4abe8742f909a4b30fbc9de42a2
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-04 10:40:31 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-04 10:52:49 +0000

    www-client/firefox: bump to v74.0.1
    
    Bug: https://bugs.gentoo.org/716098
    Package-Manager: Portage-2.3.96, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 www-client/firefox/Manifest              |  92 +++
 www-client/firefox/firefox-74.0.1.ebuild | 927 +++++++++++++++++++++++++++++++
 2 files changed, 1019 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=98af9c50c8ce90657c3f9d6eac4cc6f4891c3019

commit 98af9c50c8ce90657c3f9d6eac4cc6f4891c3019
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-04 10:38:42 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-04 10:52:48 +0000

    www-client/firefox: bump to v68.6.1
    
    Bug: https://bugs.gentoo.org/716098
    Package-Manager: Portage-2.3.96, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 www-client/firefox/Manifest              |  92 ++++
 www-client/firefox/firefox-68.6.1.ebuild | 910 +++++++++++++++++++++++++++++++
 2 files changed, 1002 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c50696d8c31b793d5d8b1555f822f45c16be0c89

commit c50696d8c31b793d5d8b1555f822f45c16be0c89
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-04 10:34:10 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-04 10:52:47 +0000

    www-client/firefox-bin: bump to v74.0.1
    
    Bug: https://bugs.gentoo.org/716098
    Package-Manager: Portage-2.3.96, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 www-client/firefox-bin/Manifest                  |  93 +++++++
 www-client/firefox-bin/firefox-bin-74.0.1.ebuild | 296 +++++++++++++++++++++++
 2 files changed, 389 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2936f91bc9851cfebcb4c0847c9566f482091d3e

commit 2936f91bc9851cfebcb4c0847c9566f482091d3e
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-04 10:30:58 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-04 10:52:47 +0000

    www-client/firefox-bin: bump to v68.6.1
    
    Bug: https://bugs.gentoo.org/716098
    Package-Manager: Portage-2.3.96, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 www-client/firefox-bin/Manifest                  |  93 ++++++++
 www-client/firefox-bin/firefox-bin-68.6.1.ebuild | 280 +++++++++++++++++++++++
 2 files changed, 373 insertions(+)
Comment 2 Thomas Deutschmann gentoo-dev Security 2020-04-04 10:55:35 UTC
New GLSA request filed.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2020-04-04 11:06:13 UTC
This issue was resolved and addressed in
 GLSA 202004-07 at https://security.gentoo.org/glsa/202004-07
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 4 Thomas Deutschmann gentoo-dev Security 2020-04-04 11:06:56 UTC
Re-opening for remaining architectures.
Comment 5 Larry the Git Cow gentoo-dev 2020-04-04 11:50:00 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1da500bdb0fe6106b421c697e79a33ca49a6dbc

commit e1da500bdb0fe6106b421c697e79a33ca49a6dbc
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-04 11:49:40 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-04 11:49:52 +0000

    www-client/firefox: amd64 & x86 stable (bug #716098)
    
    Bug: https://bugs.gentoo.org/716098
    Package-Manager: Portage-2.3.96, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 www-client/firefox/firefox-68.6.1.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 6 Thomas Deutschmann gentoo-dev Security 2020-04-04 11:50:42 UTC
amd64 & x86 stable
Comment 7 Mart Raudsepp gentoo-dev 2020-04-05 09:35:43 UTC
arm64 stable
Comment 8 Larry the Git Cow gentoo-dev 2020-04-05 15:12:22 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9c2dce974f4448159a4c69c2a74436f83b54598b

commit 9c2dce974f4448159a4c69c2a74436f83b54598b
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-05 15:12:08 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-05 15:12:08 +0000

    www-client/firefox-bin: security cleanup
    
    Bug: https://bugs.gentoo.org/716098
    Package-Manager: Portage-2.3.96, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 www-client/firefox-bin/Manifest                    | 186 -------------
 .../firefox-bin/firefox-bin-68.6.0-r2.ebuild       | 280 -------------------
 www-client/firefox-bin/firefox-bin-74.0-r2.ebuild  | 296 ---------------------
 3 files changed, 762 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=29810e5eedcee66c46e8fa28d3a733e74e37e573

commit 29810e5eedcee66c46e8fa28d3a733e74e37e573
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-04-05 15:11:28 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-04-05 15:11:28 +0000

    www-client/firefox: security cleanup
    
    Bug: https://bugs.gentoo.org/716098
    Package-Manager: Portage-2.3.96, Repoman-2.3.22
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 www-client/firefox/Manifest                 | 185 ------
 www-client/firefox/firefox-68.6.0-r4.ebuild | 910 ---------------------------
 www-client/firefox/firefox-74.0-r3.ebuild   | 927 ----------------------------
 3 files changed, 2022 deletions(-)
Comment 9 Thomas Deutschmann gentoo-dev Security 2020-04-05 15:12:52 UTC
All done, repository is clean!