Navigation:
Browse pkgsrc
(this page)
www firefox1..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2025-03-12 04:49:24 by David H. Gutteridge | Files touched by this commit (2) |  |
Log message:
firefox115: update to 115.21.0
Mozilla Foundation Security Advisory 2025-15
Security Vulnerabilities fixed in Firefox ESR 115.21
Announced
March 4, 2025
Impact
critical
Products
Firefox ESR
Fixed in
Firefox ESR 115.21
#CVE-2024-43097: Overflow when growing an SkRegion's RunArray
Reporter
Google Android
Impact
critical
Description
In resizeToAtLeast of SkRegion.cpp, there was a possible out of bounds write due \
to an integer overflow
References
Bug 1945624
#CVE-2025-1930: AudioIPC StreamData could trigger a use-after-free in the \
Browser process
Reporter
dalmurino
Impact
high
Description
On Windows, a compromised content process could use bad StreamData sent over \
AudioIPC to trigger a use-after-free in the Browser process. This could have led \
to a sandbox escape.
References
Bug 1902309
#CVE-2025-1931: Use-after-free in WebTransportChild
Reporter
sherkito
Impact
high
Description
It was possible to cause a use-after-free in the content process side of a \
WebTransport connection, leading to a potentially exploitable crash.
References
Bug 1944126
#CVE-2025-1933: JIT corruption of WASM i32 return values on 64-bit CPUs
Reporter
Xiangwei Zhang and kkdong of Tencent Security YUNDING LAB
Impact
high
Description
On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up \
bits from left over memory. This can potentially cause them to be treated as a \
different type.
References
Bug 1946004
#CVE-2025-1937: Memory safety bugs fixed in Firefox 136, Thunderbird 136, \
Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8
Reporter
the Mozilla Fuzzing Team, Andrew McCreight
Impact
high
Description
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, \
Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of \
memory corruption and we presume that with enough effort some of these could \
have been exploited to run arbitrary code.
References
Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR \
115.21, Firefox ESR 128.8, and Thunderbird 128.8
|
| 2025-02-12 07:45:45 by Ryo ONODERA | Files touched by this commit (850) |
Log message: *: Recursive revbump from audio/flac-1.5.0 |
| 2025-02-04 21:29:06 by Benny Siegert | Files touched by this commit (4) | |
Log message: firefox115: update to 115.20.0 (security) Security Vulnerabilities fixed in Firefox ESR 115.20 #CVE-2025-1009: Use-after-free in XSLT Impact: high An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. #CVE-2025-1010: Use-after-free in Custom Highlight Impact: high An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. #CVE-2025-1012: Use-after-free during concurrent delazification Impact: moderate A race during concurrent delazification could have led to a use-after-free. #CVE-2025-1016: Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20, and Thunderbird 128.7 Impact: high Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| 2025-01-07 18:17:34 by Benny Siegert | Files touched by this commit (4) | |
Log message: firefox115, firefox115-l10n: update to 115.19.0 Security Vulnerabilities fixed in Firefox ESR 115.19 #CVE-2025-0238: Use-after-free when breaking lines in text Impact: moderate Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. #CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 Impact: high Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| 2024-12-27 09:21:09 by Thomas Klausner | Files touched by this commit (1055) |
Log message: *: recursive bump for pango requiring fontconfig 2.15 |
| 2024-11-26 20:11:54 by Benny Siegert | Files touched by this commit (2) | |
Log message: firefox115: update to 115.18.0 Security Vulnerabilities fixed in Firefox ESR 115.18 #CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via WebGL Impact: high Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. #CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims Impact: moderate Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP frame-src bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. |
| 2024-11-17 08:17:06 by Thomas Klausner | Files touched by this commit (944) |
Log message: *: recursive bump for default-on option of at-spi2-core |
| 2024-11-14 23:22:33 by Thomas Klausner | Files touched by this commit (2429) |
Log message: *: recursive bump for icu 76 shlib major version bump |
New packages: