does the CVE-2023-4863 apply to the android app? and if it does, was it fixed?
does the CVE-2023-4863 (Heap buffer overflow in libwebp) apply to the android app? and if it does, was it fixed?
الحل المُختار
Hi
I have had confirmation back from Mozilla staff.
This was an issue in Firefox for Android, but it was fixed on 12th September. The advisory for this can be seen at https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
Read this answer in context 👍 0All Replies (9)
Hi
Let me check that with Mozilla staff and I will get back to you.
Okay thank you, im on version 117.1.0 btw
Also i find if weird, is the newest version actually 117.1.0? Cause in android relase notes i see that 117.0 is the newest and in general relase notes it says 117.0.1 is the newest
It doesn't contain libwebp, so it should be safe.
I see, do you know if this applies to all android browsers or just firefox?
I see, thanks for the anwser and i can sleep peacefully
الحل المُختار
Hi
I have had confirmation back from Mozilla staff.
This was an issue in Firefox for Android, but it was fixed on 12th September. The advisory for this can be seen at https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
Paul said
but it was fixed on 12th September.
You the link you sent says it got fixed in 117.0.1, but play store says 12 september there was 117.1.0, is it correct or did something with the updated break for me?