Bug 30765 - Firefox 91.13
Summary: Firefox 91.13
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks: 30766
Reported: 2022-08-23 17:45 CEST by David Walser
Modified: 2022-08-25 23:23 CEST

See Also:
Source RPM: nspr, nss, firefox
CVE:
Status comment:



Description David Walser 2022-08-23 17:45:07 CEST
Mozilla has released Firefox 91.13.0 today (August 23):
https://www.mozilla.org/en-US/firefox/91.13.0/releasenotes/

Security issues fixed:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-35/

There are also nspr and nss updates:
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/oOKOnyGPMQQ
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/uceBXfAG1pM
https://firefox-source-docs.mozilla.org/security/nss/releases/index.html
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_82.html

Package list should be as follows.

Updated packages in core/updates_testing:
========================================
libnspr4-4.34.1-1.mga8
libnspr-devel-4.34.1-1.mga8
nss-3.82.0-1.mga8
nss-doc-3.82.0-1.mga8
libnss3-3.82.0-1.mga8
libnss-devel-3.82.0-1.mga8
libnss-static-devel-3.82.0-1.mga8
firefox-91.13.0-1.mga8
firefox-ru-91.13.0-1.mga8
firefox-uk-91.13.0-1.mga8
firefox-be-91.13.0-1.mga8
firefox-el-91.13.0-1.mga8
firefox-kk-91.13.0-1.mga8
firefox-th-91.13.0-1.mga8
firefox-pa_IN-91.13.0-1.mga8
firefox-ka-91.13.0-1.mga8
firefox-ja-91.13.0-1.mga8
firefox-bg-91.13.0-1.mga8
firefox-sr-91.13.0-1.mga8
firefox-hy_AM-91.13.0-1.mga8
firefox-ko-91.13.0-1.mga8
firefox-zh_TW-91.13.0-1.mga8
firefox-vi-91.13.0-1.mga8
firefox-zh_CN-91.13.0-1.mga8
firefox-hu-91.13.0-1.mga8
firefox-bn-91.13.0-1.mga8
firefox-hi_IN-91.13.0-1.mga8
firefox-ar-91.13.0-1.mga8
firefox-sk-91.13.0-1.mga8
firefox-cs-91.13.0-1.mga8
firefox-ur-91.13.0-1.mga8
firefox-hsb-91.13.0-1.mga8
firefox-lt-91.13.0-1.mga8
firefox-te-91.13.0-1.mga8
firefox-fr-91.13.0-1.mga8
firefox-he-91.13.0-1.mga8
firefox-pl-91.13.0-1.mga8
firefox-sq-91.13.0-1.mga8
firefox-fa-91.13.0-1.mga8
firefox-de-91.13.0-1.mga8
firefox-oc-91.13.0-1.mga8
firefox-tr-91.13.0-1.mga8
firefox-kab-91.13.0-1.mga8
firefox-es_MX-91.13.0-1.mga8
firefox-es_AR-91.13.0-1.mga8
firefox-es_CL-91.13.0-1.mga8
firefox-pt_PT-91.13.0-1.mga8
firefox-fy_NL-91.13.0-1.mga8
firefox-pt_BR-91.13.0-1.mga8
firefox-gl-91.13.0-1.mga8
firefox-cy-91.13.0-1.mga8
firefox-sv_SE-91.13.0-1.mga8
firefox-gd-91.13.0-1.mga8
firefox-km-91.13.0-1.mga8
firefox-ro-91.13.0-1.mga8
firefox-mr-91.13.0-1.mga8
firefox-gu_IN-91.13.0-1.mga8
firefox-hr-91.13.0-1.mga8
firefox-sl-91.13.0-1.mga8
firefox-nl-91.13.0-1.mga8
firefox-es_ES-91.13.0-1.mga8
firefox-eo-91.13.0-1.mga8
firefox-ca-91.13.0-1.mga8
firefox-da-91.13.0-1.mga8
firefox-fi-91.13.0-1.mga8
firefox-eu-91.13.0-1.mga8
firefox-ia-91.13.0-1.mga8
firefox-nn_NO-91.13.0-1.mga8
firefox-nb_NO-91.13.0-1.mga8
firefox-br-91.13.0-1.mga8
firefox-id-91.13.0-1.mga8
firefox-tl-91.13.0-1.mga8
firefox-my-91.13.0-1.mga8
firefox-ta-91.13.0-1.mga8
firefox-en_GB-91.13.0-1.mga8
firefox-szl-91.13.0-1.mga8
firefox-en_CA-91.13.0-1.mga8
firefox-an-91.13.0-1.mga8
firefox-ast-91.13.0-1.mga8
firefox-kn-91.13.0-1.mga8
firefox-az-91.13.0-1.mga8
firefox-si-91.13.0-1.mga8
firefox-en_US-91.13.0-1.mga8
firefox-et-91.13.0-1.mga8
firefox-ff-91.13.0-1.mga8
firefox-lij-91.13.0-1.mga8
firefox-uz-91.13.0-1.mga8
firefox-is-91.13.0-1.mga8nss-3.82.0-1.mga8
nss-doc-3.82.0-1.mga8
libnss3-3.82.0-1.mga8
libnss-devel-3.82.0-1.mga8
libnss-static-devel-3.82.0-1.mga8
firefox-91.13.0-1.mga8
firefox-ru-91.13.0-1.mga8
firefox-uk-91.13.0-1.mga8
firefox-be-91.13.0-1.mga8
firefox-el-91.13.0-1.mga8
firefox-kk-91.13.0-1.mga8
firefox-th-91.13.0-1.mga8
firefox-pa_IN-91.13.0-1.mga8
firefox-ka-91.13.0-1.mga8
firefox-ja-91.13.0-1.mga8
firefox-bg-91.13.0-1.mga8
firefox-sr-91.13.0-1.mga8
firefox-hy_AM-91.13.0-1.mga8
firefox-ko-91.13.0-1.mga8
firefox-zh_TW-91.13.0-1.mga8
firefox-vi-91.13.0-1.mga8
firefox-zh_CN-91.13.0-1.mga8
firefox-hu-91.13.0-1.mga8
firefox-bn-91.13.0-1.mga8
firefox-hi_IN-91.13.0-1.mga8
firefox-ar-91.13.0-1.mga8
firefox-sk-91.13.0-1.mga8
firefox-cs-91.13.0-1.mga8
firefox-ur-91.13.0-1.mga8
firefox-hsb-91.13.0-1.mga8
firefox-lt-91.13.0-1.mga8
firefox-te-91.13.0-1.mga8
firefox-fr-91.13.0-1.mga8
firefox-he-91.13.0-1.mga8
firefox-pl-91.13.0-1.mga8
firefox-sq-91.13.0-1.mga8
firefox-fa-91.13.0-1.mga8
firefox-de-91.13.0-1.mga8
firefox-oc-91.13.0-1.mga8
firefox-tr-91.13.0-1.mga8
firefox-kab-91.13.0-1.mga8
firefox-es_MX-91.13.0-1.mga8
firefox-es_AR-91.13.0-1.mga8
firefox-es_CL-91.13.0-1.mga8
firefox-pt_PT-91.13.0-1.mga8
firefox-fy_NL-91.13.0-1.mga8
firefox-pt_BR-91.13.0-1.mga8
firefox-gl-91.13.0-1.mga8
firefox-cy-91.13.0-1.mga8
firefox-sv_SE-91.13.0-1.mga8
firefox-gd-91.13.0-1.mga8
firefox-km-91.13.0-1.mga8
firefox-ro-91.13.0-1.mga8
firefox-mr-91.13.0-1.mga8
firefox-gu_IN-91.13.0-1.mga8
firefox-hr-91.13.0-1.mga8
firefox-sl-91.13.0-1.mga8
firefox-nl-91.13.0-1.mga8
firefox-es_ES-91.13.0-1.mga8
firefox-eo-91.13.0-1.mga8
firefox-ca-91.13.0-1.mga8
firefox-da-91.13.0-1.mga8
firefox-fi-91.13.0-1.mga8
firefox-eu-91.13.0-1.mga8
firefox-ia-91.13.0-1.mga8
firefox-nn_NO-91.13.0-1.mga8
firefox-nb_NO-91.13.0-1.mga8
firefox-br-91.13.0-1.mga8
firefox-id-91.13.0-1.mga8
firefox-tl-91.13.0-1.mga8
firefox-my-91.13.0-1.mga8
firefox-ta-91.13.0-1.mga8
firefox-en_GB-91.13.0-1.mga8
firefox-szl-91.13.0-1.mga8
firefox-en_CA-91.13.0-1.mga8
firefox-an-91.13.0-1.mga8
firefox-ast-91.13.0-1.mga8
firefox-kn-91.13.0-1.mga8
firefox-az-91.13.0-1.mga8
firefox-si-91.13.0-1.mga8
firefox-en_US-91.13.0-1.mga8
firefox-et-91.13.0-1.mga8
firefox-ff-91.13.0-1.mga8
firefox-lij-91.13.0-1.mga8
firefox-uz-91.13.0-1.mga8
firefox-is-91.13.0-1.mga8
firefox-mk-91.13.0-1.mga8
firefox-lv-91.13.0-1.mga8
firefox-bs-91.13.0-1.mga8
firefox-ga_IE-91.13.0-1.mga8
firefox-it-91.13.0-1.mga8
firefox-ms-91.13.0-1.mga8
firefox-xh-91.13.0-1.mga8
firefox-af-91.13.0-1.mga8

from SRPMS:
nspr-4.34.1-1.mga8.src.rpm
nss-3.82.0-1.mga8.src.rpm
firefox-91.13.0-1.mga8.src.rpm
firefox-l10n-91.13.0-1.mga8.src.rpm
Comment 1 David Walser 2022-08-23 17:47:24 CEST
Advisory:
========================

Updated firefox packages fix security vulnerabilities:

An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin (CVE-2022-38472).

A cross-origin iframe referencing an XSLT document would inherit the parent domain's permissions (such as microphone or camera access) (CVE-2022-38473).

Members of the Mozilla Fuzzing Team reported memory safety bugs present in Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2022-38478).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38473
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38478
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/oOKOnyGPMQQ
https://groups.google.com/a/mozilla.org/g/dev-tech-crypto/c/uceBXfAG1pM
https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_82.html
https://www.mozilla.org/en-US/security/advisories/mfsa2022-35/
David Walser 2022-08-23 18:05:32 CEST

Blocks: (none) => 30766

Comment 2 David Walser 2022-08-23 18:09:52 CEST
After this update eventually gets pushed, we'll need to do an internal build of 102.2 (not for release) to start the process of moving to the 102 branch, so we can have 102.3 ready to go shortly after its release.  Moving Cauldron to 102.x took a *lot* of commits by Thierry, so I'll need him to help out with that.

Blocks: 30766 => (none)

David Walser 2022-08-23 18:10:03 CEST

Blocks: (none) => 30766

Comment 3 David Walser 2022-08-23 20:16:40 CEST
Packages are building and should be available in a few hours.

Thierry, see Comment 2 (also please update 102.x in Cauldron).

CC: (none) => thierry.vignaud
Assignee: luigiwalser => qa-bugs

Comment 4 Thomas Andrews 2022-08-23 23:36:13 CEST
Is there a reason why most, if not all packages in Comment 0 are listed twice? Also, the line just before the second nss-doc has two package names that are run together.

It was that way for the last Firefox update, as well.

CC: (none) => andrewsfarm

Comment 5 David Walser 2022-08-24 00:17:50 CEST
Haha, copy paste error.
Comment 6 David Walser 2022-08-24 21:28:36 CEST
Red Hat has issued an advisory for this today (August 24):
https://access.redhat.com/errata/RHSA-2022:6174
Comment 7 Dave Hodgins 2022-08-24 22:32:33 CEST
No regressions in my usage. Waiting for a non-English user to test before validating.

CC: (none) => davidwhodgins

Comment 8 Dave Hodgins 2022-08-24 23:46:31 CEST
Tested with "LANG=fr.UTF-8 firefox". Menus are in French. Validating.
Advisory committed to svn.

Keywords: (none) => advisory, validated_update
Whiteboard: (none) => MGA8-64-OK
CC: (none) => sysadmin-bugs

Comment 9 Morgan Leijström 2022-08-25 10:01:11 CEST
mga8-64 OK for me
Plasma, nvidia-current, swedish locale
settings and tabs preserved
video, banking, shops

CC: (none) => fri

Comment 10 Mageia Robot 2022-08-25 23:23:24 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0309.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

