Thanks for the report. From the advisory, this particular issue only
affected Firefox on Windows, so this should be a non-issue on Ubuntu:
"Note: This issue only affected Windows operating systems. Other
operating systems are unaffected."
** Information type changed from Private Security to Public Security
** Summary changed:
- Mozilla Firefox / Firefox ESR Buffer Overflow Vulnerability
+ Mozilla Firefox / Firefox ESR Buffer Overflow Vulnerability [MFSA2021-06]
** Changed in: firefox (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1915129
Title:
Mozilla Firefox / Firefox ESR Buffer Overflow Vulnerability
[MFSA2021-06]
Status in firefox package in Ubuntu:
Invalid
Bug description:
Description
A vulnerability has been reported in Mozilla Firefox and Mozilla
Firefox ESR, which can be exploited by malicious people to compromise
a vulnerable system.
An error within the Angle graphics library can be exploited to cause a
buffer overflow and subsequently execute arbitrary code.
The vulnerability is reported in Mozilla Firefox versions prior to
85.0.1 and in Mozilla Firefox ESR versions prior to 78.7.1.
Affected Software
The following software is affected by the described vulnerability.
Please check the vendor links below to see if exactly your version is
affected.
Mozilla Firefox 78.x
Mozilla Firefox 85.x
Solution
Update to a fixed version.
Mozilla Firefox:
Update to version 85.0.1.
Mozilla Firefox ESR:
Update to version 78.7.1.
References
1. https://www.mozilla.org/en-US/security/advisories/mfsa2021-06
<https://www.mozilla.org/en-US/security/advisories/mfsa2021-06>
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1915129/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
