Mozilla has released Firefox 115.2 on August 29: https://www.mozilla.org/en-US/firefox/115.2.0/releasenotes/ Security issues fixed: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/ There is also NSS and rootcerts updates: https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_93.html https://firefox-source-docs.mozilla.org/security/nss/releases/index.html
Whiteboard: (none) => MGA9TOO, MGA8TOOCC: (none) => nicolas.salgueroSource RPM: (none) => rootcerts, nss, firefox, firefox-l10n
Blocks: (none) => 32090
Nicolas, I suspect you are going to do this; but in case not, assigning globally.
Assignee: bugsquad => pkg-bugs
Partial list of updated packages in core/updates_testing: ======================== rootcerts-20230720.00-1.mga{8|9} rootcerts-java-20230720.00-1.mga{8|9} lib(64)nss3-3.93.0-1.mga{8|9} lib(64)nss-devel-3.93.0-1.mga{8|9} lib(64)nss-static-devel-3.93.0-1.mga{8|9} nss-3.93.0-1.mga{8|9} nss-doc-3.93.0-1.mga{8|9} from SRPMS: rootcerts-20230720.00-1.mga{8|9}.src.rpm nss-3.93.0-1.mga{8|9}.src.rpm
For the moment, Firefox 115.2 is only built for Mageia 9 because it needs at least rust 1.66.0 and Mageia 8 only provides rust 1.60.0. Partial list of updated packages in core/updates_testing: ======================== firefox-115.2.0-1.mga9 firefox-af-115.2.0-1.mga9 firefox-an-115.2.0-1.mga9 firefox-ar-115.2.0-1.mga9 firefox-ast-115.2.0-1.mga9 firefox-az-115.2.0-1.mga9 firefox-be-115.2.0-1.mga9 firefox-bg-115.2.0-1.mga9 firefox-bn-115.2.0-1.mga9 firefox-br-115.2.0-1.mga9 firefox-bs-115.2.0-1.mga9 firefox-ca-115.2.0-1.mga9 firefox-cs-115.2.0-1.mga9 firefox-cy-115.2.0-1.mga9 firefox-da-115.2.0-1.mga9 firefox-de-115.2.0-1.mga9 firefox-el-115.2.0-1.mga9 firefox-en_CA-115.2.0-1.mga9 firefox-en_GB-115.2.0-1.mga9 firefox-en_US-115.2.0-1.mga9 firefox-eo-115.2.0-1.mga9 firefox-es_AR-115.2.0-1.mga9 firefox-es_CL-115.2.0-1.mga9 firefox-es_ES-115.2.0-1.mga9 firefox-es_MX-115.2.0-1.mga9 firefox-et-115.2.0-1.mga9 firefox-eu-115.2.0-1.mga9 firefox-fa-115.2.0-1.mga9 firefox-ff-115.2.0-1.mga9 firefox-fi-115.2.0-1.mga9 firefox-fr-115.2.0-1.mga9 firefox-fur-115.2.0-1.mga9 firefox-fy_NL-115.2.0-1.mga9 firefox-ga_IE-115.2.0-1.mga9 firefox-gd-115.2.0-1.mga9 firefox-gl-115.2.0-1.mga9 firefox-gu_IN-115.2.0-1.mga9 firefox-he-115.2.0-1.mga9 firefox-hi_IN-115.2.0-1.mga9 firefox-hr-115.2.0-1.mga9 firefox-hsb-115.2.0-1.mga9 firefox-hu-115.2.0-1.mga9 firefox-hy_AM-115.2.0-1.mga9 firefox-ia-115.2.0-1.mga9 firefox-id-115.2.0-1.mga9 firefox-is-115.2.0-1.mga9 firefox-it-115.2.0-1.mga9 firefox-ja-115.2.0-1.mga9 firefox-ka-115.2.0-1.mga9 firefox-kab-115.2.0-1.mga9 firefox-kk-115.2.0-1.mga9 firefox-km-115.2.0-1.mga9 firefox-kn-115.2.0-1.mga9 firefox-ko-115.2.0-1.mga9 firefox-lij-115.2.0-1.mga9 firefox-lt-115.2.0-1.mga9 firefox-lv-115.2.0-1.mga9 firefox-mk-115.2.0-1.mga9 firefox-mr-115.2.0-1.mga9 firefox-ms-115.2.0-1.mga9 firefox-my-115.2.0-1.mga9 firefox-nb_NO-115.2.0-1.mga9 firefox-nl-115.2.0-1.mga9 firefox-nn_NO-115.2.0-1.mga9 firefox-oc-115.2.0-1.mga9 firefox-pa_IN-115.2.0-1.mga9 firefox-pl-115.2.0-1.mga9 firefox-pt_BR-115.2.0-1.mga9 firefox-pt_PT-115.2.0-1.mga9 firefox-ro-115.2.0-1.mga9 firefox-ru-115.2.0-1.mga9 firefox-sc-115.2.0-1.mga9 firefox-si-115.2.0-1.mga9 firefox-sk-115.2.0-1.mga9 firefox-sl-115.2.0-1.mga9 firefox-sq-115.2.0-1.mga9 firefox-sr-115.2.0-1.mga9 firefox-sv_SE-115.2.0-1.mga9 firefox-szl-115.2.0-1.mga9 firefox-ta-115.2.0-1.mga9 firefox-te-115.2.0-1.mga9 firefox-tg-115.2.0-1.mga9 firefox-th-115.2.0-1.mga9 firefox-tl-115.2.0-1.mga9 firefox-tr-115.2.0-1.mga9 firefox-uk-115.2.0-1.mga9 firefox-ur-115.2.0-1.mga9 firefox-uz-115.2.0-1.mga9 firefox-vi-115.2.0-1.mga9 firefox-xh-115.2.0-1.mga9 firefox-zh_CN-115.2.0-1.mga9 firefox-zh_TW-115.2.0-1.mga9 from SRPMS: firefox-115.2.0-1.mga9.src.rpm firefox-l10n-115.2.0-1.mga9.src.rpm
Hi, I have update from testing repositories. No issues for the moment. - Banks ok. - Settings, addons, themes, language-es ok. - Digital certificates ok. - Audio y video youtube ok. Greetings!
CC: (none) => joselp
OK for my use mga8-64, Plasma, Nvidia-current on GTX 750. intel i7-870, kernel 6.1.45-desktop-1.mga8 (6.4 do not work well on resume) Tried some of my usual sites incl banking, video, and webshops
CC: (none) => fri
Blocks: (none) => 32258
Blocks: 32258 => (none)
Suggested advisory: ======================== The updated packages fix security vulnerabilities: Use-after-free in workers. (CVE-2023-3600) Offscreen Canvas could have bypassed cross-origin restrictions. (CVE-2023-4045) Incorrect value used during WASM compilation. (CVE-2023-4046) Potential permissions request bypass via clickjacking. (CVE-2023-4047) Crash in DOMParser due to out-of-memory conditions. (CVE-2023-4048) Fix potential race conditions when releasing platform objects. (CVE-2023-4049) Stack buffer overflow in StorageManager. (CVE-2023-4050) Cookie jar overflow caused unexpected cookie jar state. (CVE-2023-4055) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14. (CVE-2023-4056) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. (CVE-2023-4057) Memory corruption in IPC CanvasTranslator. (CVE-2023-4573) Memory corruption in IPC ColorPickerShownCallback. (CVE-2023-4574) Memory corruption in IPC FilePickerShownCallback. (CVE-2023-4575) Integer Overflow in RecordedSourceSurfaceCreation. (CVE-2023-4576) Memory corruption in JIT UpdateRegExpStatics. (CVE-2023-4577) Full screen notification obscured by file open dialog. (CVE-2023-4051) Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception. (CVE-2023-4578) Full screen notification obscured by external program. (CVE-2023-4053) Push notifications saved to disk unencrypted. (CVE-2023-4580) XLL file extensions were downloadable without warnings. (CVE-2023-4581) Browsing Context potentially not cleared when closing Private Window. (CVE-2023-4583) Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2. (CVE-2023-4584) Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. (CVE-2023-4585) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3600 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4057 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4576 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4577 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4051 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4578 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4053 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4580 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4583 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4585 https://www.mozilla.org/en-US/firefox/115.0.1/releasenotes/ https://www.mozilla.org/en-US/firefox/115.0.2/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-26/ https://www.mozilla.org/en-US/firefox/115.0.3/releasenotes/ https://www.mozilla.org/en-US/firefox/115.1.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/ https://www.mozilla.org/en-US/firefox/115.2.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/ https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_93.html https://firefox-source-docs.mozilla.org/security/nss/releases/index.html ======================== Updated packages in core/updates_testing: ======================== rootcerts-20230720.00-1.mga9 rootcerts-java-20230720.00-1.mga9 lib(64)nss3-3.93.0-1.mga9 lib(64)nss-devel-3.93.0-1.mga9 lib(64)nss-static-devel-3.93.0-1.mga9 nss-3.93.0-1.mga9 nss-doc-3.93.0-1.mga9 firefox-115.2.0-1.mga9 firefox-af-115.2.0-1.mga9 firefox-an-115.2.0-1.mga9 firefox-ar-115.2.0-1.mga9 firefox-ast-115.2.0-1.mga9 firefox-az-115.2.0-1.mga9 firefox-be-115.2.0-1.mga9 firefox-bg-115.2.0-1.mga9 firefox-bn-115.2.0-1.mga9 firefox-br-115.2.0-1.mga9 firefox-bs-115.2.0-1.mga9 firefox-ca-115.2.0-1.mga9 firefox-cs-115.2.0-1.mga9 firefox-cy-115.2.0-1.mga9 firefox-da-115.2.0-1.mga9 firefox-de-115.2.0-1.mga9 firefox-el-115.2.0-1.mga9 firefox-en_CA-115.2.0-1.mga9 firefox-en_GB-115.2.0-1.mga9 firefox-en_US-115.2.0-1.mga9 firefox-eo-115.2.0-1.mga9 firefox-es_AR-115.2.0-1.mga9 firefox-es_CL-115.2.0-1.mga9 firefox-es_ES-115.2.0-1.mga9 firefox-es_MX-115.2.0-1.mga9 firefox-et-115.2.0-1.mga9 firefox-eu-115.2.0-1.mga9 firefox-fa-115.2.0-1.mga9 firefox-ff-115.2.0-1.mga9 firefox-fi-115.2.0-1.mga9 firefox-fr-115.2.0-1.mga9 firefox-fur-115.2.0-1.mga9 firefox-fy_NL-115.2.0-1.mga9 firefox-ga_IE-115.2.0-1.mga9 firefox-gd-115.2.0-1.mga9 firefox-gl-115.2.0-1.mga9 firefox-gu_IN-115.2.0-1.mga9 firefox-he-115.2.0-1.mga9 firefox-hi_IN-115.2.0-1.mga9 firefox-hr-115.2.0-1.mga9 firefox-hsb-115.2.0-1.mga9 firefox-hu-115.2.0-1.mga9 firefox-hy_AM-115.2.0-1.mga9 firefox-ia-115.2.0-1.mga9 firefox-id-115.2.0-1.mga9 firefox-is-115.2.0-1.mga9 firefox-it-115.2.0-1.mga9 firefox-ja-115.2.0-1.mga9 firefox-ka-115.2.0-1.mga9 firefox-kab-115.2.0-1.mga9 firefox-kk-115.2.0-1.mga9 firefox-km-115.2.0-1.mga9 firefox-kn-115.2.0-1.mga9 firefox-ko-115.2.0-1.mga9 firefox-lij-115.2.0-1.mga9 firefox-lt-115.2.0-1.mga9 firefox-lv-115.2.0-1.mga9 firefox-mk-115.2.0-1.mga9 firefox-mr-115.2.0-1.mga9 firefox-ms-115.2.0-1.mga9 firefox-my-115.2.0-1.mga9 firefox-nb_NO-115.2.0-1.mga9 firefox-nl-115.2.0-1.mga9 firefox-nn_NO-115.2.0-1.mga9 firefox-oc-115.2.0-1.mga9 firefox-pa_IN-115.2.0-1.mga9 firefox-pl-115.2.0-1.mga9 firefox-pt_BR-115.2.0-1.mga9 firefox-pt_PT-115.2.0-1.mga9 firefox-ro-115.2.0-1.mga9 firefox-ru-115.2.0-1.mga9 firefox-sc-115.2.0-1.mga9 firefox-si-115.2.0-1.mga9 firefox-sk-115.2.0-1.mga9 firefox-sl-115.2.0-1.mga9 firefox-sq-115.2.0-1.mga9 firefox-sr-115.2.0-1.mga9 firefox-sv_SE-115.2.0-1.mga9 firefox-szl-115.2.0-1.mga9 firefox-ta-115.2.0-1.mga9 firefox-te-115.2.0-1.mga9 firefox-tg-115.2.0-1.mga9 firefox-th-115.2.0-1.mga9 firefox-tl-115.2.0-1.mga9 firefox-tr-115.2.0-1.mga9 firefox-uk-115.2.0-1.mga9 firefox-ur-115.2.0-1.mga9 firefox-uz-115.2.0-1.mga9 firefox-vi-115.2.0-1.mga9 firefox-xh-115.2.0-1.mga9 firefox-zh_CN-115.2.0-1.mga9 firefox-zh_TW-115.2.0-1.mga9 from SRPMS: rootcerts-20230720.00-1.mga9.src.rpm nss-3.93.0-1.mga9.src.rpm firefox-115.2.0-1.mga9.src.rpm firefox-l10n-115.2.0-1.mga9.src.rpm
Assignee: pkg-bugs => qa-bugsStatus: NEW => ASSIGNEDVersion: Cauldron => 9Whiteboard: MGA9TOO, MGA8TOO => (none)
mga9, x64 Installed updates for en_GB. The reconfiguration process was a bit of a pain, as it always is. No devices other than PCs here. Bookmark list was preserved. Changed theme OK. Could not connect to the internet until the cache was cleared (?). First time that has happened. Browsing seems to work as normal. Youtube videos - sound, video and subtitles OK. My bank has no objections to the new version.
CC: (none) => tarazed25
Updated on another machine and found that the setup step can be skipped. Straight to browsing.
Font problems in pdf viewer? I have noticed some pdf documents renders terrible in Firefox, but OK in Chromium, as well as when opened with Okular. It feels the frequency of this problem is larger with latest Firefox, but i have not downgraded to compare. But regardless if it is a regression or not - as it works with Okular... cant Firefox pdf viewer use same system fonts? Example: https://www.ti.com/lit/ds/symlink/lm340.pdf
(In reply to Morgan Leijström from comment #9) > Font problems in pdf viewer? > > I have noticed some pdf documents renders terrible in Firefox, but OK in > Chromium, as well as when opened with Okular. > > It feels the frequency of this problem is larger with latest Firefox, but i > have not downgraded to compare. But regardless if it is a regression or not > - as it works with Okular... cant Firefox pdf viewer use same system fonts? > > Example: > https://www.ti.com/lit/ds/symlink/lm340.pdf Hi, It seems changing browser.display.use_document_fonts from 1 to 0, in about:config solves that issue. Best regards, Nico.
Thank you Nico, that solves it for me too :) Maybe we should discuss for next update if we should change the default. To me, this seems like an accelerating problem, or I have just had bad luck recently...
I saw the issue with Thunderbird 115.2 too and in two different PC with Intel graphics so I agree we may need to discuss about changing the default value.
I think we should put it in errata for now.
Keywords: (none) => FOR_ERRATA9
MGA9 64 GNOME Updated FF with QA repo and RPM: firefox 115.2.0 1.mga9 x86_64 firefox-fr 115.2.0 1.mga9 noarch lib64nss3 3.93.0 1.mga9 x86_64 nss 3.93.0 1.mga9 x86_64 rootcerts 20230720.00 1.mga9 noarch rootcerts-java 20230720.00 1.mga9 noarch Browsing is OK. Audio streaming with spotify OK Netflix OK Bank site OK Extensions OK I have font problem with PDF too
CC: (none) => guillaume.royer
PDF font workaround in Comment 10 entered in errata: https://wiki.mageia.org/en/Mageia_9_Errata#Firefox_ESR
Status comment: (none) => (Pdf rendering in errata)Keywords: FOR_ERRATA9 => IN_ERRATA9
MGA9-64 Plasma on an HP Pavilion 15, AMD-based. No installation issues. No issues with browsing. I have always sent pdfs to Okular, so I hadn't noticed any problems with their display in Firefox.
CC: (none) => andrewsfarm
Seem OK for 64 bit - can we have a test on 32 bit?
Whiteboard: (none) => MGA9-64-OK
On Foolishness, my Dell Inspiron 5100, MGA9-32 Xfce system: No installation issues. No issues noted with browsing, within the limits of the hardware. For example, watching a Youtube video is painfully slow, with constant breaks for buffering because of the small amount of RAM. Complex pages without video take quite a while to load (compared to my i5 Plasma system), but they do load and display correctly. OK for 32-bit.
Whiteboard: MGA9-64-OK => MGA9-64-OK MGA9-32-OK
I have used this on my production machine for a few days now, without issue. Time for it to go out. Validating. Advisory in comment 6.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Removing the validation. With a critical security bug that is being exploited in the wild https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/ there's no point pushing this update as there will have to be another one as soon as possible.
CC: (none) => davidwhodginsKeywords: validated_update => (none)
You decide, but with respect this time i think you should consider again. This is ready to go (minus advisory) and fixes 8 high risk points. It takes us about a week to make next ready. And version wise it is a leap compared to our old release version.
I'm hoping it can be done in days. Since the changes from 115.2 to 115.2.1 are minimal, I don't expect it to take very long to update. Testing will be minimal in order to get it out as soon as possible. Note it raises the priority of getting it built for m8 too, whether that means updating rust, or bundling it, it needs to be done. We'll keep the m8/m9 updates seperate in order to get at least the m9 updates out asap. While the fixes in 115.2 are high priority, they are not critical and have not been reported as being exploited in the wild.
(In reply to Dave Hodgins from comment #22) > > Note it raises the priority of getting it built for m8 too, whether that > means > updating rust, or bundling it, it needs to be done. For simplicity Mageia 8 firefox/thunderbird can still stay on 102 branch as that one has also gotten the needed fixes: https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/ Firefox ESR 102.15.1 Thunderbird 102.15.1
Comments 22 and 23 sounds good to me. Back to packagers then.
Assignee: qa-bugs => pkg-bugs
Duplicate of bug 32258. *** This bug has been marked as a duplicate of bug 32258 ***
Resolution: (none) => DUPLICATEStatus: ASSIGNED => RESOLVED