Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 821385 (MOZ-2021-0004, MOZ-2021-0005, MOZ-2021-0006) - <www-client/firefox{-bin,}-{91.3.0,94}: multiple vulnerabilities
Summary: <www-client/firefox{-bin,}-{91.3.0,94}: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: MOZ-2021-0004, MOZ-2021-0005, MOZ-2021-0006
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa]
Keywords:
Depends on: 821679
Blocks: CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, CVE-2021-38509, MOZ-2021-0007, MOZ-2021-0008
  Show dependency tree
 
Reported: 2021-11-02 23:21 UTC by John Helmert III
Modified: 2022-02-21 23:05 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-11-02 23:21:23 UTC
See tracker for details. Currently waiting on ESR bump
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-11-03 15:19:44 UTC
Please remember to tag security bugs when bumping!

Please stabilize 91.3.0.
Comment 2 Larry the Git Cow gentoo-dev 2021-11-04 08:41:17 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=28cc0d41f016e412b5e9410e6c8b7f0e04a83a0b

commit 28cc0d41f016e412b5e9410e6c8b7f0e04a83a0b
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2021-11-04 08:39:50 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2021-11-04 08:39:50 +0000

    www-client/firefox: stabilize 91.3.0 for amd64
    
    Bug: https://bugs.gentoo.org/821385
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 www-client/firefox/firefox-91.3.0.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=54e673915f1e51b62414f329b9d970eb546ed1a9

commit 54e673915f1e51b62414f329b9d970eb546ed1a9
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2021-11-04 08:39:23 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2021-11-04 08:39:23 +0000

    dev-libs/nss: stabilize 3.70 for amd64
    
    Bug: https://bugs.gentoo.org/821385
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 dev-libs/nss/nss-3.70.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9b97b64b6c8628a3d692b1d7b11c4379f9d066a

commit d9b97b64b6c8628a3d692b1d7b11c4379f9d066a
Author:     Joonas Niilola <juippis@gentoo.org>
AuthorDate: 2021-11-04 08:38:51 +0000
Commit:     Joonas Niilola <juippis@gentoo.org>
CommitDate: 2021-11-04 08:38:51 +0000

    dev-libs/nspr: stabilize 4.32 for amd64
    
    Bug: https://bugs.gentoo.org/821385
    Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 dev-libs/nspr/nspr-4.32.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-12-14 10:37:43 UTC
Please cleanup, thanks.
Comment 4 Joonas Niilola gentoo-dev 2021-12-14 13:15:19 UTC
Done.
Comment 5 Larry the Git Cow gentoo-dev 2022-02-21 23:03:20 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=57effa1a78ecfa61900fdedbc9401d0948141e99

commit 57effa1a78ecfa61900fdedbc9401d0948141e99
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-02-21 22:59:29 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-02-21 22:59:29 +0000

    [ GLSA 202202-03 ] Mozilla Firefox: Multiple vulnerabilities
    
    Bug: https://bugs.gentoo.org/802768
    Bug: https://bugs.gentoo.org/807947
    Bug: https://bugs.gentoo.org/813498
    Bug: https://bugs.gentoo.org/821385
    Bug: https://bugs.gentoo.org/828538
    Bug: https://bugs.gentoo.org/831039
    Bug: https://bugs.gentoo.org/832992
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202202-03.xml | 141 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 141 insertions(+)
Comment 6 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-02-21 23:05:39 UTC
GLSA released, all done!