Subject: CVS commit: pkgsrc/www/firefox115
From: David H. Gutteridge
Date: 2025-04-30 04:41:35
Message id: 20250430024135.A40BFFBE3@cvs.NetBSD.org

Log Message:
firefox115: update to 115.23

Mozilla Foundation Security Advisory 2025-30
Security Vulnerabilities fixed in Firefox ESR 115.23

Announced
    April 29, 2025
Impact
    high
Products
    Firefox ESR
Fixed in
    Firefox ESR 115.23

#CVE-2025-2817: Privilege escalation in Firefox Updater

Reporter
    Dong-uk Kim (@justlikebono)
Impact
    high

Description

Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation.
References

    Bug 1917536

#CVE-2025-4082: WebGL shader attribute memory corruption in Firefox for macOS

Reporter
    un3xploitable & GF
Impact
    high

Description

Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges.
This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.
References

    Bug 1937097

#CVE-2025-4083: Process isolation bypass using "javascript:" URI links in cross-origin frames

Reporter
    Nika Layzell
Impact
    high

Description

A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape.
References

    Bug 1958350

#CVE-2025-4084: Potential local code execution in "copy as cURL" command

Reporter
    Ameen Basha M K
Impact
    moderate

Description

Due to insufficient escaping of the ampersand character in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.
This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.
References

    Bug 1949994, 1960198

Files:
Revision  Action  file
1.48      modify  pkgsrc/www/firefox115/Makefile
1.25      modify  pkgsrc/www/firefox115/distinfo