Waterfox: CVE-2019-11708 - sandbox escape using Prompt:Open

It's literally the last commit....https://github.com/MrAlex94/Waterfox/commit/aa2e4043f859225117d652f85b28ab4a6eb6838e

So to be clear, you're saying 56 require a totally different patch from 68? I wonder because the _only_ change between Firefox 67.0.3 and 67.0.4 is https://hg.mozilla.org/releases/mozilla-release/rev/ea5154beddff08b919697e3bed6f38cfe3a3d82f which looks unrelated to that commit (and AFAICT the patch I linked has not been ported to Waterfox 56 - nor is it in v68 for that matter, but for 68 just another merge from mozilla-beta would pull it in).

No you are correct, that's the right bug. I pulled in the wrong commit,
I'll pull this one:
https://hg.mozilla.org/releases/mozilla-esr60/rev/32bd10cdfd752729f878cf18b9f72634e74772ba

AFAIK the first exploit was found to be used in the wild. Unsure about the
second one, but it seems to still be high severity but not critical.

On Fri, 21 Jun 2019 at 18:18, laniakea64 notifications@github.com wrote:

So to be clear, you're saying 56 require a totally different patch from
68? I wonder because the only change between Firefox 67.0.3 and 67.0.4
is
https://hg.mozilla.org/releases/mozilla-release/rev/ea5154beddff08b919697e3bed6f38cfe3a3d82f
which looks unrelated to that commit (and AFAICT the patch I linked has not
been ported to Waterfox 56 - nor is it in v68 for that matter, but for 68
just another merge from mozilla-beta would pull it in).

—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
https://github.com/MrAlex94/Waterfox/issues/1039?email_source=notifications&email_token=ABECQWD4756LJGDIDVGNWL3P3UEPVA5CNFSM4H2S7NZKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODYJBZ6A#issuecomment-504503544,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABECQWHI5OIGKDFV3SVVHWLP3UEPVANCNFSM4H2S7NZA
.

Let's reopen the issue for now?

Thanks MrAlex94 for patching this in https://github.com/MrAlex94/Waterfox/commit/887055d42092e4ea4aec1d938fc4c379b17bccee :+1:

is this already fixed in the most current installable build? according the blog https://www.waterfox.net/blog/waterfox-56.2.12-release-download/ the release fixes "mfsa2019-22" https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/ which does not list the cve number from this ticket

Yes, includes that fix as well.

On Fri, 12 Jul 2019 at 14:04, Julian notifications@github.com wrote:

is this already fixed in the most current installable build? according the
blog https://www.waterfox.net/blog/waterfox-56.2.12-release-download/ the
release fixes "mfsa2019-22"
https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/ which does
not list the cve number from this ticket

—
You are receiving this because you modified the open/close state.

Reply to this email directly, view it on GitHub
https://github.com/MrAlex94/Waterfox/issues/1039?email_source=notifications&email_token=ABECQWEE6AAJJ3GFSGQG3ZLP7B6ODA5CNFSM4H2S7NZKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODZZWH2I#issuecomment-510878697,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABECQWFPYFWJJLRMM4EK3XDP7B6ODANCNFSM4H2S7NZA
.

@MrAlex94 would be awesome if you could list all fixed cve numbers on your blog/changelog/release pages,