Mozilla has released Firefox 78.13.0 today (August 9): https://www.mozilla.org/en-US/firefox/78.13.0/releasenotes/ The release notes for 78.13.0 are not available yet as of this posting. NSS 3.69 is also out: https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/PsqVK-ngKHM https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.69_release_notes Update in progress. Package list should be as follows. Updated packages in core/updates_testing: ======================================== nss-3.69.0-1.mga8 nss-doc-3.69.0-1.mga8 libnss3-3.69.0-1.mga8 libnss-devel-3.69.0-1.mga8 libnss-static-devel-3.69.0-1.mga8 firefox-78.13.0-1.mga8 firefox-devel-78.13.0-1.mga8 firefox-af-78.13.0-1.mga8 firefox-an-78.13.0-1.mga8 firefox-ar-78.13.0-1.mga8 firefox-ast-78.13.0-1.mga8 firefox-az-78.13.0-1.mga8 firefox-be-78.13.0-1.mga8 firefox-bg-78.13.0-1.mga8 firefox-bn-78.13.0-1.mga8 firefox-br-78.13.0-1.mga8 firefox-bs-78.13.0-1.mga8 firefox-ca-78.13.0-1.mga8 firefox-cs-78.13.0-1.mga8 firefox-cy-78.13.0-1.mga8 firefox-da-78.13.0-1.mga8 firefox-de-78.13.0-1.mga8 firefox-el-78.13.0-1.mga8 firefox-en_CA-78.13.0-1.mga8 firefox-en_GB-78.13.0-1.mga8 firefox-en_US-78.13.0-1.mga8 firefox-eo-78.13.0-1.mga8 firefox-es_AR-78.13.0-1.mga8 firefox-es_CL-78.13.0-1.mga8 firefox-es_ES-78.13.0-1.mga8 firefox-es_MX-78.13.0-1.mga8 firefox-et-78.13.0-1.mga8 firefox-eu-78.13.0-1.mga8 firefox-fa-78.13.0-1.mga8 firefox-ff-78.13.0-1.mga8 firefox-fi-78.13.0-1.mga8 firefox-fr-78.13.0-1.mga8 firefox-fy_NL-78.13.0-1.mga8 firefox-ga_IE-78.13.0-1.mga8 firefox-gd-78.13.0-1.mga8 firefox-gl-78.13.0-1.mga8 firefox-gu_IN-78.13.0-1.mga8 firefox-he-78.13.0-1.mga8 firefox-hi_IN-78.13.0-1.mga8 firefox-hr-78.13.0-1.mga8 firefox-hsb-78.13.0-1.mga8 firefox-hu-78.13.0-1.mga8 firefox-hy_AM-78.13.0-1.mga8 firefox-ia-78.13.0-1.mga8 firefox-id-78.13.0-1.mga8 firefox-is-78.13.0-1.mga8 firefox-it-78.13.0-1.mga8 firefox-ja-78.13.0-1.mga8 firefox-ka-78.13.0-1.mga8 firefox-kab-78.13.0-1.mga8 firefox-kk-78.13.0-1.mga8 firefox-km-78.13.0-1.mga8 firefox-kn-78.13.0-1.mga8 firefox-ko-78.13.0-1.mga8 firefox-lij-78.13.0-1.mga8 firefox-lt-78.13.0-1.mga8 firefox-lv-78.13.0-1.mga8 firefox-mk-78.13.0-1.mga8 firefox-mr-78.13.0-1.mga8 firefox-ms-78.13.0-1.mga8 firefox-my-78.13.0-1.mga8 firefox-nb_NO-78.13.0-1.mga8 firefox-nl-78.13.0-1.mga8 firefox-nn_NO-78.13.0-1.mga8 firefox-oc-78.13.0-1.mga8 firefox-pa_IN-78.13.0-1.mga8 firefox-pl-78.13.0-1.mga8 firefox-pt_BR-78.13.0-1.mga8 firefox-pt_PT-78.13.0-1.mga8 firefox-ro-78.13.0-1.mga8 firefox-ru-78.13.0-1.mga8 firefox-si-78.13.0-1.mga8 firefox-sk-78.13.0-1.mga8 firefox-sl-78.13.0-1.mga8 firefox-sq-78.13.0-1.mga8 firefox-sr-78.13.0-1.mga8 firefox-sv_SE-78.13.0-1.mga8 firefox-ta-78.13.0-1.mga8 firefox-te-78.13.0-1.mga8 firefox-th-78.13.0-1.mga8 firefox-tl-78.13.0-1.mga8 firefox-tr-78.13.0-1.mga8 firefox-uk-78.13.0-1.mga8 firefox-ur-78.13.0-1.mga8 firefox-uz-78.13.0-1.mga8 firefox-vi-78.13.0-1.mga8 firefox-xh-78.13.0-1.mga8 firefox-zh_CN-78.13.0-1.mga8 firefox-zh_TW-78.13.0-1.mga8 from SRPMS: nss-3.69.0-1.mga8.src.rpm firefox-78.13.0-1.mga8.src.rpm firefox-l10n-78.13.0-1.mga8.src.rpm
Assignee: bugsquad => qa-bugs
Package list in Comment 0, should be showing up on your mirrors now. Working fine for me on Mageia 8 x86_64.
OK here mga8 x86_64, Plasma, Swedish, Nvidia current, 4 k screen Resumed a hundred tabs from previous session, Video on internet, three banking sites, ...
CC: (none) => fri
MGA8-64 Plasma in Dutch on Lenovo B50 No installation issues. Used my usual newspaper site to test on text, images, video and sound, all OK. My favorite Manamana on youtube as well.
CC: (none) => herman.viaene
Advisory: ======================== Updated firefox packages fix security vulnerabilities: Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash (CVE-2021-29980). Instruction reordering during JIT optimization resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash (CVE-2021-29984). A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash (CVE-2021-29985). A suspected race condition when calling getaddrinfo while resolving DNS names could have led to memory corruption and a potentially exploitable crash (CVE-2021-29986). Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash (CVE-2021-29988). Mozilla developers Christoph Kerschbaumer, Simon Giesecke, Sandor Molnar, and Olli Pettay reported memory safety bugs present in Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2021-29989). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29980 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29984 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29985 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29986 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29988 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29989 https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/PsqVK-ngKHM https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.69_release_notes https://www.mozilla.org/en-US/security/advisories/mfsa2021-34/
Blocks: (none) => 29355
MGA8-Plasma The following 8 packages are going to be installed: - firefox-78.13.0-1.mga8.x86_64 - firefox-en_CA-78.13.0-1.mga8.noarch - firefox-en_GB-78.13.0-1.mga8.noarch - firefox-en_US-78.13.0-1.mga8.noarch - glibc-2.32-18.mga8.x86_64 - glibc-devel-2.32-18.mga8.x86_64 - lib64nss3-3.69.0-1.mga8.x86_64 - nss-3.69.0-1.mga8.x86_64 I've been using it a few hours with no issues.
CC: (none) => brtians1
MGA8, x86_64, Mate, nvidia BBC weather, logged in to Mageia Bugzilla and the NAS drive on the LAN, checked Lothian Bus Tracker, played DUST scifi video on Youtube, tried a couple of NASA sites and APOD and viewed TTF fonts by linking to local Downloads directory and invoking Mate Font Viewer. Examined gmail Inbox. All OK here.
CC: (none) => tarazed25
Whiteboard: (none) => MGA8-64-OKKeywords: (none) => advisory, validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0403.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED
RedHat has issued an advisory for this today (August 16): https://access.redhat.com/errata/RHSA-2021:3154
Proper URL for NSS 3.69 release notes is now: https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_69.html