Bug 30367 - Firefox 91.9
Summary: Firefox 91.9
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All
OS: Linux
Priority: Normal
Severity: critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks: 30374
Reported: 2022-05-03 17:07 CEST by David Walser
Modified: 2022-05-06 22:18 CEST (History)

See Also:
Source RPM: nss, firefox
CVE:
Status comment:


Description David Walser 2022-05-03 17:07:57 CEST
Mozilla has released Firefox 91.9.0 today (May 3):
https://www.mozilla.org/en-US/firefox/91.9.0/releasenotes/

Security issues fixed:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-17/

There is also an nss update:
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/hQUjX_jwbEk
https://firefox-source-docs.mozilla.org/security/nss/releases/index.html
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_78.html

Package list should be as follows.

Updated packages in core/updates_testing:
========================================
nss-3.78.0-1.mga8
nss-doc-3.78.0-1.mga8
libnss3-3.78.0-1.mga8
libnss-devel-3.78.0-1.mga8
libnss-static-devel-3.78.0-1.mga8
firefox-91.9.0-1.mga8
firefox-ru-91.9.0-1.mga8
firefox-uk-91.9.0-1.mga8
firefox-be-91.9.0-1.mga8
firefox-el-91.9.0-1.mga8
firefox-kk-91.9.0-1.mga8
firefox-th-91.9.0-1.mga8
firefox-pa_IN-91.9.0-1.mga8
firefox-ka-91.9.0-1.mga8
firefox-ja-91.9.0-1.mga8
firefox-bg-91.9.0-1.mga8
firefox-sr-91.9.0-1.mga8
firefox-hy_AM-91.9.0-1.mga8
firefox-ko-91.9.0-1.mga8
firefox-zh_TW-91.9.0-1.mga8
firefox-vi-91.9.0-1.mga8
firefox-zh_CN-91.9.0-1.mga8
firefox-hu-91.9.0-1.mga8
firefox-bn-91.9.0-1.mga8
firefox-hi_IN-91.9.0-1.mga8
firefox-ar-91.9.0-1.mga8
firefox-sk-91.9.0-1.mga8
firefox-cs-91.9.0-1.mga8
firefox-ur-91.9.0-1.mga8
firefox-hsb-91.9.0-1.mga8
firefox-lt-91.9.0-1.mga8
firefox-te-91.9.0-1.mga8
firefox-fr-91.9.0-1.mga8
firefox-he-91.9.0-1.mga8
firefox-pl-91.9.0-1.mga8
firefox-sq-91.9.0-1.mga8
firefox-fa-91.9.0-1.mga8
firefox-de-91.9.0-1.mga8
firefox-oc-91.9.0-1.mga8
firefox-tr-91.9.0-1.mga8
firefox-kab-91.9.0-1.mga8
firefox-es_MX-91.9.0-1.mga8
firefox-es_AR-91.9.0-1.mga8
firefox-es_CL-91.9.0-1.mga8
firefox-pt_PT-91.9.0-1.mga8
firefox-fy_NL-91.9.0-1.mga8
firefox-pt_BR-91.9.0-1.mga8
firefox-gl-91.9.0-1.mga8
firefox-cy-91.9.0-1.mga8
firefox-sv_SE-91.9.0-1.mga8
firefox-gd-91.9.0-1.mga8
firefox-km-91.9.0-1.mga8
firefox-ro-91.9.0-1.mga8
firefox-mr-91.9.0-1.mga8
firefox-gu_IN-91.9.0-1.mga8
firefox-hr-91.9.0-1.mga8
firefox-sl-91.9.0-1.mga8
firefox-nl-91.9.0-1.mga8
firefox-es_ES-91.9.0-1.mga8
firefox-eo-91.9.0-1.mga8
firefox-ca-91.9.0-1.mga8
firefox-da-91.9.0-1.mga8
firefox-fi-91.9.0-1.mga8
firefox-eu-91.9.0-1.mga8
firefox-ia-91.9.0-1.mga8
firefox-nn_NO-91.9.0-1.mga8
firefox-nb_NO-91.9.0-1.mga8
firefox-br-91.9.0-1.mga8
firefox-id-91.9.0-1.mga8
firefox-tl-91.9.0-1.mga8
firefox-my-91.9.0-1.mga8
firefox-ta-91.9.0-1.mga8
firefox-en_GB-91.9.0-1.mga8
firefox-szl-91.9.0-1.mga8
firefox-en_CA-91.9.0-1.mga8
firefox-an-91.9.0-1.mga8
firefox-ast-91.9.0-1.mga8
firefox-kn-91.9.0-1.mga8
firefox-az-91.9.0-1.mga8
firefox-si-91.9.0-1.mga8
firefox-en_US-91.9.0-1.mga8
firefox-et-91.9.0-1.mga8
firefox-ff-91.9.0-1.mga8
firefox-lij-91.9.0-1.mga8
firefox-uz-91.9.0-1.mga8
firefox-is-91.9.0-1.mga8
firefox-mk-91.9.0-1.mga8
firefox-lv-91.9.0-1.mga8
firefox-bs-91.9.0-1.mga8
firefox-ga_IE-91.9.0-1.mga8
firefox-it-91.9.0-1.mga8
firefox-ms-91.9.0-1.mga8
firefox-xh-91.9.0-1.mga8
firefox-af-91.9.0-1.mga8

from SRPMS:
nss-3.78.0-1.mga8.src.rpm
firefox-91.9.0-1.mga8.src.rpm
firefox-l10n-91.9.0-1.mga8.src.rpm
Comment 1 David Walser 2022-05-03 17:12:04 CEST
Packages are in the process of being submitted to the build system and should be available later today.

Advisory:
========================

Updated firefox packages fix security vulnerabilities:

Documents in deeply-nested cross-origin browsing contexts could have obtained
permissions granted to the top-level origin, bypassing the existing prompt and
wrongfully inheriting the top-level permissions (CVE-2022-29909).

Firefox did not properly protect against top-level navigations for an iframe
sandbox with a policy relaxed through a keyword like
allow-top-navigation-by-user-activation (CVE-2022-29911).

Requests initiated through reader mode did not properly omit cookies with a
SameSite attribute (CVE-2022-29912).

When reusing existing popups Firefox would have allowed them to cover the
fullscreen notification UI, which could have enabled browser spoofing attacks
(CVE-2022-29914).

Firefox behaved slightly differently for already known resources when loading
CSS resources involving CSS variables. This could have been used to probe the
browser history (CVE-2022-29916).

Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and the
Mozilla Fuzzing Team reported memory safety bugs present in Firefox ESR 91.8.
Some of these bugs showed evidence of memory corruption and we presume that
with enough effort some of these could have been exploited to run arbitrary
code (CVE-2022-29917).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29909
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29914
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29916
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29917
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_78.html
https://www.mozilla.org/en-US/security/advisories/mfsa2022-17/
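The QA comments below validate the update by hand. As an added example, not code from the bug or from Mageia, here is the check behind that validation: an rpmvercmp-style version comparison that takes `rpm -qa` output and reports which nss and firefox packages are still below the fixed levels listed in the description (3.78.0-1.mga8 and 91.9.0-1.mga8). The binary-to-source package mapping and the sample `rpm -qa` lines are assumptions/constructed data.

```python
import re
# Minimum fixed version-release per source package, taken from the advisory above.
FIXED = {"nss": "3.78.0-1.mga8", "firefox": "91.9.0-1.mga8"}
# Constructed sample of `rpm -qa` output (not from the bug): pre-update, updated and uncovered packages.
SAMPLE_RPM_QA = """\
firefox-91.8.0-1.mga8
firefox-en_US-91.9.0-1.mga8
lib64nss3-3.77.0-1.mga8
nss-3.78.0-1.mga8
thunderbird-91.8.0-1.mga8
"""
_SEG = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a, b):
    """rpmvercmp-style ordering: numeric/alphabetic segments, numbers as integers,
    numeric beats alphabetic, more segments is newer. Tilde/caret are left out
    (assumption: the mga8 tags on this page never use them). Returns -1, 0 or 1."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x == y:
            continue
        xd, yd = x.isdigit(), y.isdigit()
        if xd and yd:
            return (int(x) > int(y)) - (int(x) < int(y))
        if xd != yd:
            return 1 if xd else -1  # a numeric segment sorts after an alphabetic one
        return (x > y) - (x < y)
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def vr_cmp(a, b):
    """Compare 'version-release' strings: version decides first, then release."""
    (va, ra), (vb, rb) = a.rsplit("-", 1), b.rsplit("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def source_of(name):
    """Binary package name -> source package; assumed from the package list above."""
    if name == "nss" or name.startswith(("nss-", "libnss", "lib64nss")):
        return "nss"
    return "firefox" if name == "firefox" or name.startswith("firefox-") else None

def check_installed(rpm_qa_output):
    """{nvr: True/False} for advisory-covered packages: True when at or above the fix."""
    result = {}
    for nvr in rpm_qa_output.split():
        name, ver, rel = nvr.rsplit("-", 2)
        src = source_of(name)
        if src is not None:
            result[nvr] = vr_cmp(f"{ver}-{rel}", FIXED[src]) >= 0
    return result
```

On a Mageia host the same check runs over live data with `check_installed(subprocess.check_output(["rpm", "-qa"], text=True))`.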
Comment 2 David Walser 2022-05-03 19:35:18 CEST
Packages have been submitted to the build system and will be available eventually.

Assignee: luigiwalser => qa-bugs

Comment 3 Morgan Leijström 2022-05-04 10:16:14 CEST
OK mga8-64, Plasma, nvidia-current, Swedish locale
Some banking sites, webshops, video sites, printing.

CC: (none) => fri

Comment 4 Len Lawrence 2022-05-04 12:13:34 CEST
mga8, x64
Updated and restarted firefox.  Restored previous session.
Working fine - local file browser, command-line invocation of YouTube video, interactive word puzzle, Google Maps....

CC: (none) => tarazed25

Comment 5 Brian Rockwell 2022-05-04 16:11:39 CEST
MGA8-64, Gnome, Asus Laptop

AMD A6-9225 RADEON R4
RTL8723BE 
Bluetooth

The following 5 packages are going to be installed:

- firefox-91.9.0-1.mga8.x86_64
- firefox-en_CA-91.9.0-1.mga8.noarch
- firefox-en_GB-91.9.0-1.mga8.noarch
- firefox-en_US-91.9.0-1.mga8.noarch
- lib64nss3-3.78.0-1.mga8.x86_64

945B of disk space will be freed.

---- restarted system

I've used it on my favorite websites (video/audio/text) - no issues

CC: (none) => brtians1

Comment 6 David Walser 2022-05-04 18:28:43 CEST
Red Hat has issued an advisory for this today (May 4):
https://access.redhat.com/errata/RHSA-2022:1705
David Walser 2022-05-04 18:37:06 CEST

Blocks: (none) => 30374

Comment 7 Jose Manuel López 2022-05-05 08:53:50 CEST
Hi,

Updated from 91.8 in Mageia 8 Plasma x86_64. Writing from new version now. No issues for the moment.

Banks, sync, addons, Spanish locale, YouTube ok.

Greetings!

CC: (none) => joselp

Comment 8 Thomas Andrews 2022-05-06 14:57:58 CEST
Updated the mga8-64 US English Firefox and Thunderbird in one operation. No issues to report with either.

CC: (none) => andrewsfarm

Comment 9 Dave Hodgins 2022-05-06 21:23:08 CEST
Validating the update. Advisory committed to svn.

Keywords: (none) => advisory, validated_update
Whiteboard: (none) => MGA8-64-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 10 Mageia Robot 2022-05-06 22:18:26 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0162.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

