firefox-68.4.1-1.0.1.el7.AXS7
エラータID: AXSA:2020-4427:01
リリース日:
2020/01/17 Friday - 09:27
題名:
firefox-68.4.1-1.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- タグをクリップボードからリッチテキストエディタに
ペーストする際に、CSS サニタイザが誤って @namespace ルールを
上書きしてしまい、ウェブサイトにインジェクションを行い、
データ抽出が可能な脆弱性があります。(CVE-2019-17016)
- オブジェクトタイプを処理する型がないため、型の取り違えが生じ、
その結果クラッシュを引き起こし、困難ではあるものの任意のコードの実行が可能な脆弱性があります。(CVE-2019-17017)
- タグをクリップボードからリッチテキストエディタに
ペーストする際に、CSS サニタイザが "<" と ">" の文字をエスケープしてお
らず、ウェブページが他の innerHTML へ割り当てるノードの innerHTML をコ
ピーすると、クロスサイトスクリプト (XSS) 脆弱性が生じる脆弱性がありま
す。(CVE-2019-17022)
- Firefox にはメモリ安全性のバグが存在し、これらのバグのいくつかには
メモリ破壊を行い、困難ではあるものの任意のコードを実行する可能性のある脆弱性があります。
(CVE-2019-17024)
- Firefoxには、配列の要素の設定に不正なエイリアス情報が
あるため、型の取り違えが起こる脆弱性があります。(CVE-2019-17026)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2019-17016
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17017
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17022
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17024
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17026
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
追加情報:
N/A
ダウンロード:
SRPMS
- firefox-68.4.1-1.0.1.el7.AXS7.src.rpm
MD5: d3de7d754a51b328bfed0d3166409d91
SHA-256: ba68b6aa74d7643705daad289529da79f96cd772f5952b1c505c224f23025d7c
Size: 510.17 MB
Asianux Server 7 for x86_64
- firefox-68.4.1-1.0.1.el7.AXS7.x86_64.rpm
MD5: 65cd90cc48b6569d788d081abbcf88ba
SHA-256: b89c9f257beb28fbc987a321516345cb411b01e3da9a5c9ce232d8c9bf700190
Size: 94.31 MB - firefox-68.4.1-1.0.1.el7.AXS7.i686.rpm
MD5: dd429fcd889a435948659ec0f5f15885
SHA-256: f9459a3fd801491d571734d10b55b4ce9ba17ed58d62616a79c6f6d102fe2264
Size: 97.14 MB
English