1942784 – (CVE-2021-4127) CVE-2021-4127 Mozilla: Angle graphics library out of date

Bug 1942784 (CVE-2021-4127) - CVE-2021-4127 Mozilla: Angle graphics library out of date

Summary: CVE-2021-4127 Mozilla: Angle graphics library out of date

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2021-4127
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1939796 1939797 1939798 1939799 1939800 1939801 1939805 1939806 1939807 1939808 1939809 1939810 1940303
Blocks:	1939794 1967629
TreeView+	depends on / blocked

Reported:	2021-03-25 00:47 UTC by Doran Moppert
Modified:	2023-01-30 09:13 UTC (History)
CC List:	5 users (show)
Fixed In Version:	firefox 78.9, thunderbird 78.9
Doc Type:	If docs needed, set a value
Doc Text:	The Mozilla Foundation Security Advisory describes this issue as: An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited.
Clone Of:
Environment:
Last Closed:	2021-05-04 04:46:44 UTC
Embargoed:

Attachments	(Terms of Use)

Description Doran Moppert 2021-03-25 00:47:21 UTC

An out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited.


External Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/#CVE-2021-4127
https://www.mozilla.org/en-US/security/advisories/mfsa2021-12/#CVE-2021-4127

Comment 1 Doran Moppert 2021-03-25 00:47:25 UTC

Acknowledgments:

Name: the Mozilla project
Upstream: Mozilla Developers, Abraruddin Khan and Omair

Comment 2 Mauro Matteo Cascella 2023-01-02 14:56:01 UTC

Mozilla upstream states that this issue was fixed in Firefox/Thunderbird version 78.9. The firefox/thunderbird packages as shipped in following Red Hat products were previously updated to a version that contains the fix via the following errata:

firefox in Red Hat Enterprise Linux 7
https://access.redhat.com/errata/RHSA-2021:0992

firefox in Red Hat Enterprise Linux 8.1 Extended Update Support
https://access.redhat.com/errata/RHSA-2021:0991

firefox in Red Hat Enterprise Linux 8.2 Extended Update Support
https://access.redhat.com/errata/RHSA-2021:0989

firefox in Red Hat Enterprise Linux 8
https://access.redhat.com/errata/RHSA-2021:0990

thunderbird in Red Hat Enterprise Linux 7
https://access.redhat.com/errata/RHSA-2021:0996

thunderbird in Red Hat Enterprise Linux 8.1 Extended Update Support
https://access.redhat.com/errata/RHSA-2021:0995

thunderbird in Red Hat Enterprise Linux 8.2 Extended Update Support
https://access.redhat.com/errata/RHSA-2021:0994

thunderbird in Red Hat Enterprise Linux 8
https://access.redhat.com/errata/RHSA-2021:0993

Note You need to log in before you can comment on or make changes to this bug.