Bug 2327069
| Summary: | CVE-2023-44270 seamonkey: Improper input validation in PostCSS [fedora-41] | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Marco Benatto <mbenatto> |
| Component: | seamonkey | Assignee: | Gecko Maintainer <gecko-bugs-nobody> |
| Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 41 | CC: | dmitry, gecko-bugs-nobody |
| Target Milestone: | --- | Keywords: | Security, SecurityTracking |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | {"flaws": ["50e4275e-9f35-4fcd-a6bf-025a0d9f8466"]} | ||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2024-11-18 19:46:01 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2326998 | ||
|
Description
Marco Benatto
2024-11-18 17:48:49 UTC
It seems to me that SeaMonkey does not use PostCSS in any way (at least, for now). Probably it was included into the issue just because is was labeled as "gecko-related" (as many similar erroneous SeaMonkey bugreports have been in the past). Unfortunately, I don't have access to bug 2326998, so I can't obtain its additional info (and pass it upstream if needed). Anyway, there are only a few indirect references to PostCSS in the code, related to the context of additional external software for (actually unused and incomplete) devtools. So probably all these SM bugs should be closed "notabug". OK, now bug 2326998 is accessible. SeaMonkey does not use PostCSS in any way for now. The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days |