124

Firefox 118.1 released (www.mozilla.org)

submitted 2 years ago by [email protected] to c/[email protected]

3 comments fedilink hide all child comments

top 3 comments

sorted by: hot top new old

[-] [email protected] 15 points 2 years ago

Fix is to address a critical CVE:

Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.

permalink
fedilink
source
hideshow 2 child comments

[-] [email protected] 2 points 2 years ago

Any idea if it's the same root cause as CVE-2023-4863 (libwebp heap buffer overflow)? WEBP is a derivative of VP8, after all.

permalink
fedilink
source
hideshow 2 child comments

[-] [email protected] 4 points 2 years ago

It is apparently a new one in libvpx

permalink
fedilink
source

this post was submitted on 28 Sep 2023

124 points (99.2% liked)

Firefox

20072 readers

15 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 5 years ago

MODERATORS

[email protected]