| Summary: | Firefox 68.10 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | andrewsfarm, fri, joselp, sysadmin-bugs, wrw105 |
| Version: | 7 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | mga7-64-ok | ||
| Source RPM: | nspr, rootcerts, nss, firefox | CVE: | |
| Status comment: | |||
| Bug Depends on: | |||
| Bug Blocks: | 26828, 26891 | ||
|
Description
David Walser
2020-07-02 21:38:28 CEST
David Walser
2020-07-02 21:44:11 CEST
Blocks:
(none) =>
26891 Combined advisory for 68.9 and 68.10. Advisory: ======================== Updated nss and firefox packages fix security vulnerabilities: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys (CVE-2020-12399). Side channel vulnerabilities during RSA key generation in NSS (CVE-2020-12402). When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash due to a use-after-free (CVE-2020-12405). Mozilla developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash due to type confusion with NativeTypes. We presume that with enough effort that it could be exploited to run arbitrary code (CVE-2020-12406). Mozilla developers Tom Tung and Karl Tomlinson reported memory safety bugs present in Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2020-12410). Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript (CVE-2020-12418). When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free in nsGlobalWindowInner. This could have led to memory corruption and a potentially exploitable crash (CVE-2020-12419). When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash (CVE-2020-12420). When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user (CVE-2020-12421). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12402 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12418 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12419 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12420 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12421 https://groups.google.com/forum/#!topic/mozilla.dev.tech.nspr/YDlWqMPNR9Y https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes https://www.mozilla.org/en-US/security/advisories/mfsa2020-21/ https://www.mozilla.org/en-US/security/advisories/mfsa2020-25/ https://www.debian.org/lts/security/2020/dla-2266
David Walser
2020-07-03 00:14:06 CEST
Assignee:
bugsquad =>
qa-bugs Tested mga7-64 General browsing, jetstream, youtube video, all OK. Whiteboard:
(none) =>
mga7-64-ok Tested in Vbox mga7-64 All ok. Why don't we go directly to Firefox ESR 78?? And so we will have all the improvements of Firefox in the ESR version? Greetings. CC:
(none) =>
joselp Because we have to do open heart surgery on the distribution to update to 78. Also it doesn't even build. Installed the US English version on my 64-bit Plasma system, visited several sites, played a Youtube video, opened multiple tabs, visited Facebook, looked at my morning newspaper. All OK. Validating. Best advisory in Comment 2. Let's hope we can push this one before 68.11 comes out. Problem is that TMB used to keep track of pushing the validated updates, and those who have tried to take up the slack haven't yet developed the habit of regular check in. I'm sure it will get better. I was wondering why 26891 hadn't been sent to QA yet, but I see it's still in the "being built" stage. I will be watching for it. Keywords:
(none) =>
validated_update OK 64 bit plasma, nvidia-proprietary, intel i7 Swedish localisation, resumes ~200 tabs from previous version, plays videos from svtplay.se and youtu.be, adobe flash test, three banking sites, surfing for a while... CC:
(none) =>
fri An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0274.html Resolution:
(none) =>
FIXED RedHat has issued an advisory for this on July 6: https://access.redhat.com/errata/RHSA-2020:2827 |