#12548: firefox-69.0.1
-------------------------+-----------------------
Reporter: renodr | Owner: ken@…
Type: enhancement | Status: assigned
Priority: normal | Milestone: 9.1
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+-----------------------
Changes (by ken@…):
* owner: blfs-book => ken@…
* status: new => assigned
Comment:
Fixed external programs launching in the background when clicking a link
from inside Firefox to launch them (bug 1570845)
Usability improvements to the Add-ons Manager for users with screen
readers (bug 1567600)
Fixed the Captive Portal notification bar not being dismissable in some
situations after login is complete (bug 1578633)
Fixed the maximum size of fonts in Reader Mode when zoomed (bug 1578454)
Fixed missing stacks in the Developer Tools Performance section (bug
1578354)
Security Fix:
CVE-2019-11754: Pointer Lock is enabled with no user notification
Reporter
Johann Hofmann
Impact
moderate
Description
When the pointer lock is enabled by a website though requestPointerLock(),
no user notification is given. This could allow a malicious website to
hijack the mouse pointer and confuse users.
References
Bug 1580506
As you would expect, that bug is not currently available to normal users
and the CVE is not yet detailed. From [https://www.cybersecurity-
help.cz/vdb/SB2019091810?affChecked=1] The vulnerability allows a remote
attacker to perform spoofing attacks.
Apparently applies to all versions from 66.0.2.
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/12548#comment:1>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
