MFSA 2023-01 (bsc#1207119)
* CVE-2023-23597 (bmo#1538028)
Logic bug in process allocation allowed to read arbitrary
files
* CVE-2023-23598 (bmo#1800425)
Arbitrary file read from GTK drag and drop on Linux
* CVE-2023-23599 (bmo#1777800)
Malicious command could be hidden in devtools output on
Windows
* CVE-2023-23600 (bmo#1787034)
Notification permissions persisted between Normal and Private
Browsing on Android
* CVE-2023-23601 (bmo#1794268)
URL being dragged from cross-origin iframe into same tab
triggers navigation
* CVE-2023-23602 (bmo#1800890)
Content Security Policy wasn't being correctly applied to
WebSockets in WebWorkers
* CVE-2023-23603 (bmo#1800832)
Calls to <code>console.log</code> allowed bypasing Content
Security Policy via format directive
* CVE-2023-23604 (bmo#1802346)
Creation of duplicate <code>SystemPrincipal</code> from less
secure contexts
* CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974)
Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
* CVE-2023-23606 (bmo#1764974, bmo#1798591, bmo#1799201,
bmo#1800446, bmo#1801248, bmo#1802100, bmo#1803393,
bmo#1804626, bmo#1804971, bmo#1807004)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1033
https://www.mozilla.org/en-US/firefox/108.0/releasenotes/
MFSA 2022-51 (bsc#1206242)
* CVE-2022-46871 (bmo#1795697)
libusrsctp library out of date
* CVE-2022-46872 (bmo#1799156)
Arbitrary file read from a compromised content process
* CVE-2022-46873 (bmo#1644790)
Firefox did not implement the CSP directive unsafe-hashes
* CVE-2022-46874 (bmo#1746139)
Drag and Dropped Filenames could have been truncated to
malicious extensions
* CVE-2022-46875 (bmo#1786188)
Download Protections were bypassed by .atloc and .ftploc
files on Mac OS
* CVE-2022-46877 (bmo#1795139)
Fullscreen notification bypass
* CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
bmo#1801102, bmo#1801315, bmo#1802395)
Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
* CVE-2022-46879 (bmo#1736224, bmo#1793407, bmo#1794249, bmo#1795845,
bmo#1797682, bmo#1797720, bmo#1798494, bmo#1799479)
Memory safety bugs fixed in Firefox 108
- requires
NSS >= 3.85
rustc/cargo 1.65
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1024
MFSA 2022-47 (bsc#1205270)
* CVE-2022-45403 (bmo#1762078)
Service Workers might have learned size of cross-origin media files
* CVE-2022-45404 (bmo#1790815)
Fullscreen notification bypass
* CVE-2022-45405 (bmo#1791314)
Use-after-free in InputStream implementation
* CVE-2022-45406 (bmo#1791975)
Use-after-free of a JavaScript Realm
* CVE-2022-45407 (bmo#1793314)
Loading fonts on workers was not thread-safe
* CVE-2022-45408 (bmo#1793829)
Fullscreen notification bypass via windowName
* CVE-2022-45409 (bmo#1796901)
Use-after-free in Garbage Collection
* CVE-2022-45410 (bmo#1658869)
ServiceWorker-intercepted requests bypassed SameSite cookie policy
* CVE-2022-45411 (bmo#1790311)
Cross-Site Tracing was possible via non-standard override headers
* CVE-2022-45412 (bmo#1791029)
Symlinks may resolve to partially uninitialized buffers
* CVE-2022-45413 (bmo#1791201)
SameSite=Strict cookies could have been sent cross-site via
intent URLs
* CVE-2022-40674 (bmo#1791598)
Use-after-free vulnerability in expat
* CVE-2022-45415 (bmo#1793551)
Downloaded file may have been saved with malicious extension
* CVE-2022-45416 (bmo#1793676)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1019
* Fix missing content on some PDF forms (bmo#1794351)
* Fix column width for the Notification sub-panel in Settings
(bmo#1793558)
* Fix a browser freeze with accessibility enabled on some sites
such as the Proxmox Web UI (bmo#1793748)
* Fix page reloading not working with Firefox View and not
refreshing synced data (bmo#1792680, bmo#1794474)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1013
* support editing of PDFs
* introduced Firefox View
* major WebRTC update
- Better screen sharing for Windows and Linux Wayland users
- RTP performance and reliability improvements
- Richer statistics
- Cross-browser and service compatibility improvements
* detailed releasenotes
https://www.mozilla.org/en-US/firefox/106.0/releasenotes
MFSA 2022-44 (bsc#1204421)
* CVE-2022-42927 (bmo#1789128)
Same-origin policy violation could have leaked cross-origin URLs
* CVE-2022-42928 (bmo#1791520)
Memory Corruption in JS Engine
* CVE-2022-42929 (bmo#1789439)
Denial of Service via window.print
* CVE-2022-42930 (bmo#1789503)
Race condition in DOM Workers
* CVE-2022-42931 (bmo#1780571)
Username saved to a plaintext file on disk
* CVE-2022-42932 (bmo#1789729, bmo#1791363, bmo#1792041)
Memory safety bugs fixed in Firefox
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1008
https://www.mozilla.org/en-US/firefox/104.0.2/releasenotes/
* Fixed a bug making it impossible to use touch or a stylus to
drag the scrollbar on pages (bmo#1787361)
* Fixed an issue causing some users to crash in out-of-memory
conditions (bmo#1774155)
* Fixed an issue that would sometimes affect video & audio playback
when loaded via a cross-origin iframe src attribute (bmo#1781759)
* Fixed an issue that would sometimes affect video & audio playback
when served with Content-Security-Policy: sandbox (bmo#1781063)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1000
* You can now disable automatic opening of the download panel
every time a new download starts
* Firefox now mitigates query parameter tracking when navigating
sites in ETP strict mode
* Improved security by moving audio decoding into a separate
process with stricter sandboxing, thus improving process isolation
* https://www.mozilla.org/en-US/firefox/102.0/releasenotes
MFSA 2022-24 (bsc#1200793)
* CVE-2022-34479 (bmo#1745595)
A popup window could be resized in a way to overlay the
address bar with web content
* CVE-2022-34470 (bmo#1765951)
Use-after-free in nsSHistory
* CVE-2022-34468 (bmo#1768537)
CSP sandbox header without `allow-scripts` can be bypassed
via retargeted javascript: URI
* CVE-2022-34482 (bmo#845880)
Drag and drop of malicious image could have led to malicious
executable and potential code execution
* CVE-2022-34483 (bmo#1335845)
Drag and drop of malicious image could have led to malicious
executable and potential code execution
* CVE-2022-34476 (bmo#1387919)
ASN.1 parser could have been tricked into accepting malformed ASN.1
* CVE-2022-34481 (bmo#1483699, bmo#1497246)
Potential integer overflow in ReplaceElementsAt
* CVE-2022-34474 (bmo#1677138)
Sandboxed iframes could redirect to external schemes
* CVE-2022-34469 (bmo#1721220)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=983
* Reading is now easier with the prefers-contrast media query,
which allows sites to detect if the user has requested that web
content is presented with a higher (or lower) contrast
* All non-configured MIME types can now be assigned a custom
action upon download completion
* allows users to use as many microphones as you want, at the
same time, during video conferencing. The most exciting benefit
is that you can easily switch your microphones at any time
(if your conferencing service provider enables this flexibility)
MFSA 2022-20 (bsc#1200027)
* CVE-2022-31736 (bmo#1735923)
Cross-Origin resource's length leaked
* CVE-2022-31737 (bmo#1743767)
Heap buffer overflow in WebGL
* CVE-2022-31738 (bmo#1756388)
Browser window spoof using fullscreen mode
* CVE-2022-31739 (bmo#1765049)
Attacker-influenced path traversal when saving downloaded files
* CVE-2022-31740 (bmo#1766806)
Register allocation problem in WASM on arm64
* CVE-2022-31741 (bmo#1767590)
Uninitialized variable leads to invalid memory read
* CVE-2022-31742 (bmo#1730434)
Querying a WebAuthn token with a large number of allowCredential
entries may have leaked cross-origin information
* CVE-2022-31743 (bmo#1747388)
HTML Parsing incorrectly ended HTML comments prematurely
* CVE-2022-31744 (bmo#1757604)
CSP bypass enabling stylesheet injection
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=979
* You can now toggle Narrate in ReaderMode with the keyboard
shortcut "n."
* You can find added support for search—with or without
diacritics—in the PDF viewer.
* The Linux sandbox has been strengthened: processes exposed to web
content no longer have access to the X Window system (X11).
* Firefox now supports credit card autofill and capture in
Germany and France.
MFSA 2022-13 (bsc#1197903)
* CVE-2022-1097 (bmo#1745667)
Use-after-free in NSSToken objects
* CVE-2022-28281 (bmo#1755621)
Out of bounds write due to unexpected WebAuthN Extensions
* CVE-2022-28282 (bmo#1751609)
Use-after-free in DocumentL10n::TranslateDocument
* CVE-2022-28283 (bmo#1754066)
Missing security checks for fetching sourceMapURL
* CVE-2022-28284 (bmo#1754522)
Script could be executed via svg's use element
* CVE-2022-28285 (bmo#1756957)
Incorrect AliasSet used in JIT Codegen
* CVE-2022-28286 (bmo#1735265)
iframe contents could be rendered outside the border
* CVE-2022-28287 (bmo#1741515)
Text Selection could crash Firefox
* CVE-2022-24713 (bmo#1758509)
Denial of Service via complex regular expressions
* CVE-2022-28289 (bmo#1663508, bmo#1744525, bmo#1753508,
bmo#1757476, bmo#1757805, bmo#1758549, bmo#1758776)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=970
Change mozilla-kde.patch to follow the GNOME registry behavior for new MIME types to avoid opening downloaded files without any inquiries (bsc#1197319)
In Firefox 98.0, improvements to the download panel have been made to just download files instead of asking the user what to do with them. Unfortunately this causes some unwanted behavior inside nsKDERegistry as its unconditional call to the function
mimeInfo->SetPreferredAction(nsIMIMEInfo::useSystemDefault);
results in the browser opening many file types after download without any inquiries.
By replacing this unconditional call with the conditional one found in nsGNOMERegistry as of 98.0, this issue can be avoided:
3b6a1dc7fb/uriloader/exthandler/unix/nsGNOMERegistry.cpp (L98)
If you have any suggestions for improvement, please let me know!
OBS-URL: https://build.opensuse.org/request/show/964625
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=967
MFSA 2022-04 (bsc#1195682)
* CVE-2022-22753 (bmo#1732435)
Privilege Escalation to SYSTEM on Windows via Maintenance Service
* CVE-2022-22754 (bmo#1750565)
Extensions could have bypassed permission confirmation during update
* CVE-2022-22755 (bmo#1309630)
XSL could have allowed JavaScript execution after a tab was closed
* CVE-2022-22756 (bmo#1317873)
Drag and dropping an image could have resulted in the dropped
object being an executable
* CVE-2022-22757 (bmo#1720098)
Remote Agent did not prevent local websites from connecting
* CVE-2022-22758 (bmo#1728742)
tel: links could have sent USSD codes to the dialer on
Firefox for Android
* CVE-2022-22759 (bmo#1739957)
Sandboxed iframes could have executed script if the parent
appended elements
* CVE-2022-22760 (bmo#1740985, bmo#1748503)
Cross-Origin responses could be distinguished between script
and non-script content-types
* CVE-2022-22761 (bmo#1745566)
frame-ancestors Content Security Policy directive was not
enforced for framed extension pages
* CVE-2022-22762 (bmo#1743931)
JavaScript Dialogs could have been displayed over other
domains on Firefox for Android
* CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545,
bmo#1748210, bmo#1748279)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=958