חיפוש בתמיכה

יש להימנע מהונאות תמיכה. לעולם לא נבקש ממך להתקשר או לשלוח הודעת טקסט למספר טלפון או לשתף מידע אישי. נא לדווח על כל פעילות חשודה באמצעות באפשרות ״דיווח על שימוש לרעה״.

מידע נוסף

does the CVE-2023-4863 apply to the android app? and if it does, was it fixed?

  • 9 תגובות
  • 0 have this problem
  • 15 views
  • תגובה אחרונה מאת faj

more options

does the CVE-2023-4863 (Heap buffer overflow in libwebp) apply to the android app? and if it does, was it fixed?

does the CVE-2023-4863 (Heap buffer overflow in libwebp) apply to the android app? and if it does, was it fixed?

פתרון נבחר

Hi

I have had confirmation back from Mozilla staff.

This was an issue in Firefox for Android, but it was fixed on 12th September. The advisory for this can be seen at https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/

Read this answer in context 👍 0

כל התגובות (9)

more options

Hi

Let me check that with Mozilla staff and I will get back to you.

more options

Okay thank you, im on version 117.1.0 btw

more options

Also i find if weird, is the newest version actually 117.1.0? Cause in android relase notes i see that 117.0 is the newest and in general relase notes it says 117.0.1 is the newest

more options

It doesn't contain libwebp, so it should be safe.

more options

I see, do you know if this applies to all android browsers or just firefox?

more options

faj said

I see, do you know if this applies to all android browsers or just firefox?

I don't know.

more options

I see, thanks for the anwser and i can sleep peacefully

more options

פתרון נבחר

Hi

I have had confirmation back from Mozilla staff.

This was an issue in Firefox for Android, but it was fixed on 12th September. The advisory for this can be seen at https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/

more options

Paul said

but it was fixed on 12th September.

You the link you sent says it got fixed in 117.0.1, but play store says 12 september there was 117.1.0, is it correct or did something with the updated break for me?