Bug 30765

Summary: Firefox 91.13
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: andrewsfarm, davidwhodgins, fri, sysadmin-bugs, thierry.vignaud
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: nspr, nss, firefox CVE:
Status comment:
Bug Depends on:    
Bug Blocks: 30766    

Description David Walser 2022-08-23 17:45:07 CEST 
Mozilla has released Firefox 91.13.0 today (August 23):
https://www.mozilla.org/en-US/firefox/91.13.0/releasenotes/

Security issues fixed:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-35/

There are also nspr and nss updates:
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/oOKOnyGPMQQ
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/uceBXfAG1pM
https://firefox-source-docs.mozilla.org/security/nss/releases/index.html
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_82.html

Package list should be as follows.

Updated packages in core/updates_testing:
========================================
libnspr4-4.34.1-1.mga8
libnspr-devel-4.34.1-1.mga8
nss-3.82.0-1.mga8
nss-doc-3.82.0-1.mga8
libnss3-3.82.0-1.mga8
libnss-devel-3.82.0-1.mga8
libnss-static-devel-3.82.0-1.mga8
firefox-91.13.0-1.mga8
firefox-ru-91.13.0-1.mga8
firefox-uk-91.13.0-1.mga8
firefox-be-91.13.0-1.mga8
firefox-el-91.13.0-1.mga8
firefox-kk-91.13.0-1.mga8
firefox-th-91.13.0-1.mga8
firefox-pa_IN-91.13.0-1.mga8
firefox-ka-91.13.0-1.mga8
firefox-ja-91.13.0-1.mga8
firefox-bg-91.13.0-1.mga8
firefox-sr-91.13.0-1.mga8
firefox-hy_AM-91.13.0-1.mga8
firefox-ko-91.13.0-1.mga8
firefox-zh_TW-91.13.0-1.mga8
firefox-vi-91.13.0-1.mga8
firefox-zh_CN-91.13.0-1.mga8
firefox-hu-91.13.0-1.mga8
firefox-bn-91.13.0-1.mga8
firefox-hi_IN-91.13.0-1.mga8
firefox-ar-91.13.0-1.mga8
firefox-sk-91.13.0-1.mga8
firefox-cs-91.13.0-1.mga8
firefox-ur-91.13.0-1.mga8
firefox-hsb-91.13.0-1.mga8
firefox-lt-91.13.0-1.mga8
firefox-te-91.13.0-1.mga8
firefox-fr-91.13.0-1.mga8
firefox-he-91.13.0-1.mga8
firefox-pl-91.13.0-1.mga8
firefox-sq-91.13.0-1.mga8
firefox-fa-91.13.0-1.mga8
firefox-de-91.13.0-1.mga8
firefox-oc-91.13.0-1.mga8
firefox-tr-91.13.0-1.mga8
firefox-kab-91.13.0-1.mga8
firefox-es_MX-91.13.0-1.mga8
firefox-es_AR-91.13.0-1.mga8
firefox-es_CL-91.13.0-1.mga8
firefox-pt_PT-91.13.0-1.mga8
firefox-fy_NL-91.13.0-1.mga8
firefox-pt_BR-91.13.0-1.mga8
firefox-gl-91.13.0-1.mga8
firefox-cy-91.13.0-1.mga8
firefox-sv_SE-91.13.0-1.mga8
firefox-gd-91.13.0-1.mga8
firefox-km-91.13.0-1.mga8
firefox-ro-91.13.0-1.mga8
firefox-mr-91.13.0-1.mga8
firefox-gu_IN-91.13.0-1.mga8
firefox-hr-91.13.0-1.mga8
firefox-sl-91.13.0-1.mga8
firefox-nl-91.13.0-1.mga8
firefox-es_ES-91.13.0-1.mga8
firefox-eo-91.13.0-1.mga8
firefox-ca-91.13.0-1.mga8
firefox-da-91.13.0-1.mga8
firefox-fi-91.13.0-1.mga8
firefox-eu-91.13.0-1.mga8
firefox-ia-91.13.0-1.mga8
firefox-nn_NO-91.13.0-1.mga8
firefox-nb_NO-91.13.0-1.mga8
firefox-br-91.13.0-1.mga8
firefox-id-91.13.0-1.mga8
firefox-tl-91.13.0-1.mga8
firefox-my-91.13.0-1.mga8
firefox-ta-91.13.0-1.mga8
firefox-en_GB-91.13.0-1.mga8
firefox-szl-91.13.0-1.mga8
firefox-en_CA-91.13.0-1.mga8
firefox-an-91.13.0-1.mga8
firefox-ast-91.13.0-1.mga8
firefox-kn-91.13.0-1.mga8
firefox-az-91.13.0-1.mga8
firefox-si-91.13.0-1.mga8
firefox-en_US-91.13.0-1.mga8
firefox-et-91.13.0-1.mga8
firefox-ff-91.13.0-1.mga8
firefox-lij-91.13.0-1.mga8
firefox-uz-91.13.0-1.mga8
firefox-is-91.13.0-1.mga8nss-3.82.0-1.mga8
nss-doc-3.82.0-1.mga8
libnss3-3.82.0-1.mga8
libnss-devel-3.82.0-1.mga8
libnss-static-devel-3.82.0-1.mga8
firefox-91.13.0-1.mga8
firefox-ru-91.13.0-1.mga8
firefox-uk-91.13.0-1.mga8
firefox-be-91.13.0-1.mga8
firefox-el-91.13.0-1.mga8
firefox-kk-91.13.0-1.mga8
firefox-th-91.13.0-1.mga8
firefox-pa_IN-91.13.0-1.mga8
firefox-ka-91.13.0-1.mga8
firefox-ja-91.13.0-1.mga8
firefox-bg-91.13.0-1.mga8
firefox-sr-91.13.0-1.mga8
firefox-hy_AM-91.13.0-1.mga8
firefox-ko-91.13.0-1.mga8
firefox-zh_TW-91.13.0-1.mga8
firefox-vi-91.13.0-1.mga8
firefox-zh_CN-91.13.0-1.mga8
firefox-hu-91.13.0-1.mga8
firefox-bn-91.13.0-1.mga8
firefox-hi_IN-91.13.0-1.mga8
firefox-ar-91.13.0-1.mga8
firefox-sk-91.13.0-1.mga8
firefox-cs-91.13.0-1.mga8
firefox-ur-91.13.0-1.mga8
firefox-hsb-91.13.0-1.mga8
firefox-lt-91.13.0-1.mga8
firefox-te-91.13.0-1.mga8
firefox-fr-91.13.0-1.mga8
firefox-he-91.13.0-1.mga8
firefox-pl-91.13.0-1.mga8
firefox-sq-91.13.0-1.mga8
firefox-fa-91.13.0-1.mga8
firefox-de-91.13.0-1.mga8
firefox-oc-91.13.0-1.mga8
firefox-tr-91.13.0-1.mga8
firefox-kab-91.13.0-1.mga8
firefox-es_MX-91.13.0-1.mga8
firefox-es_AR-91.13.0-1.mga8
firefox-es_CL-91.13.0-1.mga8
firefox-pt_PT-91.13.0-1.mga8
firefox-fy_NL-91.13.0-1.mga8
firefox-pt_BR-91.13.0-1.mga8
firefox-gl-91.13.0-1.mga8
firefox-cy-91.13.0-1.mga8
firefox-sv_SE-91.13.0-1.mga8
firefox-gd-91.13.0-1.mga8
firefox-km-91.13.0-1.mga8
firefox-ro-91.13.0-1.mga8
firefox-mr-91.13.0-1.mga8
firefox-gu_IN-91.13.0-1.mga8
firefox-hr-91.13.0-1.mga8
firefox-sl-91.13.0-1.mga8
firefox-nl-91.13.0-1.mga8
firefox-es_ES-91.13.0-1.mga8
firefox-eo-91.13.0-1.mga8
firefox-ca-91.13.0-1.mga8
firefox-da-91.13.0-1.mga8
firefox-fi-91.13.0-1.mga8
firefox-eu-91.13.0-1.mga8
firefox-ia-91.13.0-1.mga8
firefox-nn_NO-91.13.0-1.mga8
firefox-nb_NO-91.13.0-1.mga8
firefox-br-91.13.0-1.mga8
firefox-id-91.13.0-1.mga8
firefox-tl-91.13.0-1.mga8
firefox-my-91.13.0-1.mga8
firefox-ta-91.13.0-1.mga8
firefox-en_GB-91.13.0-1.mga8
firefox-szl-91.13.0-1.mga8
firefox-en_CA-91.13.0-1.mga8
firefox-an-91.13.0-1.mga8
firefox-ast-91.13.0-1.mga8
firefox-kn-91.13.0-1.mga8
firefox-az-91.13.0-1.mga8
firefox-si-91.13.0-1.mga8
firefox-en_US-91.13.0-1.mga8
firefox-et-91.13.0-1.mga8
firefox-ff-91.13.0-1.mga8
firefox-lij-91.13.0-1.mga8
firefox-uz-91.13.0-1.mga8
firefox-is-91.13.0-1.mga8
firefox-mk-91.13.0-1.mga8
firefox-lv-91.13.0-1.mga8
firefox-bs-91.13.0-1.mga8
firefox-ga_IE-91.13.0-1.mga8
firefox-it-91.13.0-1.mga8
firefox-ms-91.13.0-1.mga8
firefox-xh-91.13.0-1.mga8
firefox-af-91.13.0-1.mga8

from SRPMS:
nspr-4.34.1-1.mga8.src.rpm
nss-3.82.0-1.mga8.src.rpm
firefox-91.13.0-1.mga8.src.rpm
firefox-l10n-91.13.0-1.mga8.src.rpm
Comment 1 David Walser 2022-08-23 17:47:24 CEST 
Advisory:
========================

Updated firefox packages fix security vulnerabilities:

An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin (CVE-2022-38472).

A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access) (CVE-2022-38473).

Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2022-38478).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38473
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38478
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/oOKOnyGPMQQ
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/uceBXfAG1pM
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_82.html
https://www.mozilla.org/en-US/security/advisories/mfsa2022-35/
David Walser 2022-08-23 18:05:32 CEST

Blocks: (none) => 30766

Comment 2 David Walser 2022-08-23 18:09:52 CEST 
After this update eventually gets pushed, we'll need to do an internal build of 102.2 (not for release) to start the process of moving to the 102 branch, so we can have 102.3 ready to go shortly after its release.  Moving Cauldron to 102.x took a *lot* of commits by Thierry, so I'll need him to help out with that.

Blocks: 30766 => (none)

David Walser 2022-08-23 18:10:03 CEST

Blocks: (none) => 30766

Comment 3 David Walser 2022-08-23 20:16:40 CEST 
Packages are building and should be available in a few hours.

Thierry, see Comment 2 (also please update 102.x in Cauldron).

CC: (none) => thierry.vignaud
Assignee: luigiwalser => qa-bugs

Comment 4 Thomas Andrews 2022-08-23 23:36:13 CEST 
Is there a reason why most, if not all packages in Comment 0 are listed twice? Also, the line just before the second nss-doc has two package names that are run together.

It was that way for the last Firefox update, as well.

CC: (none) => andrewsfarm

Comment 5 David Walser 2022-08-24 00:17:50 CEST 
Haha, copy paste error.
Comment 6 David Walser 2022-08-24 21:28:36 CEST 
RedHat has issued an advisory for this today (August 24):
https://access.redhat.com/errata/RHSA-2022:6174
Comment 7 Dave Hodgins 2022-08-24 22:32:33 CEST 
No regressions in my usage. Waiting for a non English user to test before validating.

CC: (none) => davidwhodgins

Comment 8 Dave Hodgins 2022-08-24 23:46:31 CEST 
Tested with "LANG=fr.UTF-8 firefox". Menus are in French. Validating.
Advisory committed to svn.

Keywords: (none) => advisory, validated_update
Whiteboard: (none) => MGA8-64-OK
CC: (none) => sysadmin-bugs

Comment 9 Morgan Leijström 2022-08-25 10:01:11 CEST 
mga8-64 OK for me
Plasma, nvidia-current, swedish locale
settings and tabs preserved
video, banking, shops

CC: (none) => fri

Comment 10 Mageia Robot 2022-08-25 23:23:24 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0309.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED