firefox-68.4.1-1.0.1.AXS4

エラータID: AXSA:2020-4433:02

Release date: 
Wednesday, January 22, 2020 - 06:09
Subject: 
firefox-68.4.1-1.0.1.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 68.4.1 ESR.

Security Fix(es):

* Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026)

* Mozilla: Bypass of @namespace CSS sanitization during pasting (CVE-2019-17016)

* Mozilla: Type Confusion in XPCVariant.cpp (CVE-2019-17017)

* Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 (CVE-2019-17024)

* Mozilla: CSS sanitization does not escape HTML tags (CVE-2019-17022)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-17016
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17017
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17022
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17024
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17026
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Solution: 

Update packages.

CVEs: 
CVE-2019-17016
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17017
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17022
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17024
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17026
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Additional Info: 

N/A

Download: 

SRPMS
  1. firefox-68.4.1-1.0.1.AXS4.src.rpm
    MD5: 62fc0f727d4042368a8c56bd01688416
    SHA-256: eb28b2b4517df73a782864fae5d5f1c876fae5763152a9277f31fc1569d5ef1b
    Size: 510.17 MB

Asianux Server 4 for x86
  1. firefox-68.4.1-1.0.1.AXS4.i686.rpm
    MD5: e0307940a850a240eb40e0fa3b3a3de9
    SHA-256: c1258eba3d83cdeba686c9bfa205a6499d810b59dc88528d7fa30f2debbeaa24
    Size: 118.26 MB

Asianux Server 4 for x86_64
  1. firefox-68.4.1-1.0.1.AXS4.x86_64.rpm
    MD5: e34b38fdd36f28e8ed627f031fe4956e
    SHA-256: 4805b1cba31dfe89eb8ea701d31496913385bb2508e0eb0b77280121e75c5428
    Size: 118.36 MB
  2. firefox-68.4.1-1.0.1.AXS4.i686.rpm
    MD5: e0307940a850a240eb40e0fa3b3a3de9
    SHA-256: c1258eba3d83cdeba686c9bfa205a6499d810b59dc88528d7fa30f2debbeaa24
    Size: 118.26 MB