I checked Koji and there seems no build in process to fix this 0-Day exploitation in firefix
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
The "News" about it is already out and exploited:
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component.
"An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines," Mozilla said in a Wednesday advisory.
"We have had reports of this vulnerability being exploited in the wild."
Can one assist Martin and start the build process?
I send Martin a message, in hope he read it earlier than the list
/ br ones.
From My POV: NoScript will negate the attack on untrusted
websites. But ADs on trusted websites will be the most used way to
exploit this.
best regards,
Marius Schwarz
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue