Bug 54343 - firefox-esr: Multiple issues (4.4)
Summary: firefox-esr: Multiple issues (4.4)
Status: CLOSED FIXED
Alias: None
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 4.4
Hardware: All Linux
: P3 normal
Target Milestone: UCS 4.4-8-errata
Assignee: Quality Assurance
QA Contact: Philipp Hahn
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2022-01-17 08:11 CET by Quality Assurance
Modified: 2022-01-19 13:44 CET (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Customer ID:
Max CVSS v3 score: 7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2022-01-17 08:11:10 CET 
New Debian firefox-esr 91.5.0esr-1~deb9u1 fixes:
This update addresses the following issues:

* 91.5.0esr-1~deb9u1 (Wed, 12 Jan 2022 10:04:51 +0100) * Backport to stretch.
* Iframe sandbox bypass with XSLT (CVE-2021-4140)
* Race condition when playing audio files (CVE-2022-22737)
* Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738)
* Missing throttling on external protocol launch dialog (CVE-2022-22739)
* Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740)
* Browser window spoof using fullscreen mode (CVE-2022-22741)
* Out-of-bounds memory access when inserting text in edit mode  (CVE-2022-22742)
* Browser window spoof using fullscreen mode (CVE-2022-22743)
* Leaking cross-origin URLs through securitypolicyviolation event  (CVE-2022-22745)
* Crash when handling empty pkcs7 sequence (CVE-2022-22747)
* Spoofed origin on external protocol launch dialog (CVE-2022-22748)
* Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5  (CVE-2022-22751)
Comment 1 Quality Assurance univentionstaff 2022-01-17 09:01:17 CET 
--- mirror/ftp/4.4/unmaintained/component/4.4-8-errata/source/firefox-esr_91.4.1esr-1~deb9u1.dsc
+++ apt/ucs_4.4-0-errata4.4-8/source/firefox-esr_91.5.0esr-1~deb9u1.dsc
@@ -1,3 +1,23 @@
+91.5.0esr-1~deb9u1 [Wed, 12 Jan 2022 10:04:51 +0100] Emilio Pozuelo Monfort <pochu@debian.org>:
+
+  * Backport to stretch.
+
+91.5.0esr-1 [Wed, 12 Jan 2022 06:58:53 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2022-02, also known as:
+    CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740,
+    CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748,
+    CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751.
+
+  * netwerk/base/SimpleChannel.*, netwerk/base/nsBaseChannel.*,
+    netwerk/protocol/res/ExtensionProtocolHandler.cpp,
+    netwerk/protocol/res/PageThumbProtocolHandler.cpp,
+    toolkit/components/places/nsAnnoProtocolHandler.cpp,
+    dom/file/ipc/RemoteLazyInputStream.cpp: Apply upstream patches to fix
+    excessive CPU usage in web extensions. bz#1706594, bz#1735899.
+    Closes: #1002868.
+
 91.4.1esr-1~deb9u1 [Mon, 27 Dec 2021 20:03:39 +0100] Emilio Pozuelo Monfort <pochu@debian.org>:
 
   * Backport to stretch.

<http://piuparts.knut.univention.de/4.4-8/#4870572659184659287>
Comment 2 Philipp Hahn univentionstaff 2022-01-18 11:18:36 CET 
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-8] d4b2703da1 Bug #54343: firefox-esr 91.5.0esr-1~deb9u1
 doc/errata/staging/firefox-esr.yaml | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

[4.4-8] 876c69e95a Bug #54343: firefox-esr 91.5.0esr-1~deb9u1
 doc/errata/staging/firefox-esr.yaml | 39 +++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)