834804 – (CVE-2022-0843, CVE-2022-26382, CVE-2022-26385) <www-client/firefox{-bin,}-{91.7.0,98.0}: multiple vulnerabilities

Bug 834804 (CVE-2022-0843, CVE-2022-26382, CVE-2022-26385) - <www-client/firefox{-bin,}-{91.7.0,98.0}: multiple vulnerabilities

Summary: <www-client/firefox{-bin,}-{91.7.0,98.0}: multiple vulnerabilities

Status:	RESOLVED FIXED

Alias:	CVE-2022-0843, CVE-2022-26382, CVE-2022-26385

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:
Whiteboard:	B2 [glsa+]
Keywords:

Depends on:	834827
Blocks:	CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26386, CVE-2022-26387
	Show dependency tree

Reported:	2022-03-09 01:36 UTC by John Helmert III
Modified:	2022-08-10 04:27 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2022-03-09 01:36:07 UTC

https://www.mozilla.org/en-US/security/advisories/mfsa2022-11/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-10/

Please bump the release branch to 98, and stable 91.7 when ready.

Comment 1 Joonas Niilola gentoo-dev

2022-03-09 06:59:14 UTC

Seriously? *sighs*

This is getting ridiculous :)

Comment 2 John Helmert III archtester

2022-03-12 22:20:13 UTC

Thanks, please cleanup!

Comment 3 Larry the Git Cow gentoo-dev

2022-03-23 13:05:07 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=14c687d515fd373731c83d0689739796605fdfea

commit 14c687d515fd373731c83d0689739796605fdfea
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2022-03-23 13:02:00 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2022-03-23 13:05:03 +0000

    www-client/firefox: drop 97.0.2, 98.0, 98.0.1
    
    Bug: https://bugs.gentoo.org/834804
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 www-client/firefox/Manifest              |  296 -------
 www-client/firefox/firefox-97.0.2.ebuild | 1247 -----------------------------
 www-client/firefox/firefox-98.0.1.ebuild | 1248 ------------------------------
 www-client/firefox/firefox-98.0.ebuild   | 1248 ------------------------------
 4 files changed, 4039 deletions(-)

Comment 4 Larry the Git Cow gentoo-dev

2022-08-10 04:18:49 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=28683764d95cb78c056bdf67f3245ad0eb5c6bbe

commit 28683764d95cb78c056bdf67f3245ad0eb5c6bbe
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-08-10 04:06:48 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-08-10 04:17:28 +0000

    [ GLSA 202208-08 ] Mozilla Firefox: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/834631
    Bug: https://bugs.gentoo.org/834804
    Bug: https://bugs.gentoo.org/836866
    Bug: https://bugs.gentoo.org/842438
    Bug: https://bugs.gentoo.org/846593
    Bug: https://bugs.gentoo.org/849044
    Bug: https://bugs.gentoo.org/857045
    Bug: https://bugs.gentoo.org/861515
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202208-08.xml | 147 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 147 insertions(+)

Comment 5 John Helmert III archtester

2022-08-10 04:27:36 UTC

GLSA released, all done!