firefox-68.4.1-1.0.1.AXS4
Errata ID: AXSA:2020-4433:02
Release date:
2020/01/22 Wednesday - 06:09
Title:
firefox-68.4.1-1.0.1.AXS4
Affected channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- When pasting a <style> tag from the clipboard into a rich text editor,
the CSS sanitizer incorrectly rewrites a @namespace rule, which allows
injection into a website and exfiltration of data. (CVE-2019-17016)
- Because a case handling object types is missing, a type confusion
occurs, resulting in a crash and, although difficult, possible
arbitrary code execution. (CVE-2019-17017)
- When pasting a <style> tag from the clipboard into a rich text editor,
the CSS sanitizer does not escape the "<" and ">" characters; if a web
page copies the node's innerHTML and assigns it to another innerHTML,
a cross-site scripting (XSS) vulnerability results. (CVE-2019-17022)
- Firefox contains memory safety bugs, some of which cause memory
corruption and could, although with difficulty, be exploited to run
arbitrary code. (CVE-2019-17024)
- Firefox has a type confusion vulnerability caused by incorrect alias
information when setting array elements. (CVE-2019-17026)
The translations of some CVE descriptions are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.
CVE:
CVE-2019-17016
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17017
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17022
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17024
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
CVE-2019-17026
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Additional information:
N/A
Download:
SRPMS
- firefox-68.4.1-1.0.1.AXS4.src.rpm
MD5: 62fc0f727d4042368a8c56bd01688416
SHA-256: eb28b2b4517df73a782864fae5d5f1c876fae5763152a9277f31fc1569d5ef1b
Size: 510.17 MB
Asianux Server 4 for x86
- firefox-68.4.1-1.0.1.AXS4.i686.rpm
MD5: e0307940a850a240eb40e0fa3b3a3de9
SHA-256: c1258eba3d83cdeba686c9bfa205a6499d810b59dc88528d7fa30f2debbeaa24
Size: 118.26 MB
Asianux Server 4 for x86_64
- firefox-68.4.1-1.0.1.AXS4.x86_64.rpm
MD5: e34b38fdd36f28e8ed627f031fe4956e
SHA-256: 4805b1cba31dfe89eb8ea701d31496913385bb2508e0eb0b77280121e75c5428
Size: 118.36 MB
- firefox-68.4.1-1.0.1.AXS4.i686.rpm
MD5: e0307940a850a240eb40e0fa3b3a3de9
SHA-256: c1258eba3d83cdeba686c9bfa205a6499d810b59dc88528d7fa30f2debbeaa24
Size: 118.26 MB