[ASA-202106-3] firefox: multiple issues
Arch Linux Security Advisory ASA-202106-3
=========================================

Severity: High
Date    : 2021-06-01
CVE-ID  : CVE-2021-29959 CVE-2021-29960 CVE-2021-29961 CVE-2021-29966
          CVE-2021-29967
Package : firefox
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-2018

Summary
=======

The package firefox before version 89.0-1 is vulnerable to multiple
issues including arbitrary code execution, content spoofing,
information disclosure and access restriction bypass.

Resolution
==========

Upgrade to 89.0-1.

# pacman -Syu "firefox>=89.0-1"

The problems have been fixed upstream in version 89.0.

Workaround
==========

None.

Description
===========

- CVE-2021-29959 (access restriction bypass)

When a user has already allowed a website to access microphone and
camera, disabling camera sharing would not fully prevent the website
from re-enabling it without an additional prompt. This was only
possible if the website kept recording with the microphone until
re-enabling the camera.

- CVE-2021-29960 (information disclosure)

Firefox used to cache the last filename used for printing a file. When
generating a filename for printing, Firefox usually suggests the web
page title. The caching and suggestion techniques combined may have
led to the title of a website visited during private browsing mode
being stored on disk.

- CVE-2021-29961 (content spoofing)

When styling and rendering an oversized `<select>` element, Firefox did
not apply correct clipping which allowed an attacker to paint over the
user interface.

- CVE-2021-29966 (arbitrary code execution)

Mozilla developers reported memory safety bugs present in Firefox 88.
Some of these bugs showed evidence of memory corruption and Mozilla
presumes that with enough effort some of these could have been
exploited to run arbitrary code.

- CVE-2021-29967 (arbitrary code execution)

Mozilla developers reported memory safety bugs present in Firefox 88
and Thunderbird 78.10. Some of these bugs showed evidence of memory
corruption and Mozilla presumes that with enough effort some of these
could have been exploited to run arbitrary code.

Impact
======

A remote attacker could spoof the user interface, record audio and
video without an additional prompt, or execute arbitrary code through
crafted web pages. A local attacker could learn the title of a website
visited during private browsing mode.

References
==========

https://www.mozilla.org/security/advisories/mfsa2021-23/
https://bugzilla.mozilla.org/show_bug.cgi?id=1395819
https://bugzilla.mozilla.org/show_bug.cgi?id=1675965
https://bugzilla.mozilla.org/show_bug.cgi?id=1700235
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1660307%2C1686154%2C1702948%2C1708124
https://www.mozilla.org/security/advisories/mfsa2021-26/
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1602862%2C1703191%2C1703760%2C1704722%2C1706041
https://security.archlinux.org/CVE-2021-29959
https://security.archlinux.org/CVE-2021-29960
https://security.archlinux.org/CVE-2021-29961
https://security.archlinux.org/CVE-2021-29966
https://security.archlinux.org/CVE-2021-29967