Hi,
I checked Koji and there seems no build in process to fix this 0-Day
exploitation in firefix
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
The "News" about it is already out and exploited:
Mozilla has revealed that a critical security flaw impacting Firefox and
Firefox Extended Support Release (ESR) has come under active
exploitation in the wild.
The vulnerability, tracked as*CVE-2024-9680*, has been described as a
use-after-free bug in the Animation timeline component.
"An attacker was able to achieve code execution in the content process
by exploiting a use-after-free in Animation timelines," Mozilla said
<https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/> in a
Wednesday advisory.
*"We have had reports of this vulnerability being exploited in the wild."*
*
*
Can one assist Martin and start the build process?
I send Martin a message, in hope he read it earlier than the list / br ones.
From My POV: NoScript will negate the attack on untrusted websites. But
ADs on trusted websites will be the most used way to exploit this.
best regards,
Marius Schwarz*
*
--
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
