Installing LibreWolf browser in antiX 21/22 64bits – Page 2

This topic has 18 replies, 5 voices, and was last updated Dec 16-8:19 am by Xunzi_23.

Viewing 4 posts - 16 through 19 (of 19 total)

← 1 2

Author

Posts
December 15, 2022 at 5:32 pm #95724
Member
andyprough
Helpful
Up
0
::

PPC wrote:

some 4 years ago ( https://www.securityweek.com/firefox-saves-screenshots-publicly-accessible-cloud-servers )…

Librewolf’s screenshot tool does not offer these cloud sharing options at all as far as I can tell. It’s strictly a local tool.
December 15, 2022 at 6:03 pm #95725
Member
PPC
Helpful
Up
0
::
We are getting a bit Off topic but, since I went trough the rabbit hole, here it goes:

Andy, I found those examples for security flaws in Firefox and browsers that share it’s code. Like I said, I can’t read the source code, and things could have been fixed since Skidoo last looked at the snapshot extension…

Just to close this matter (since I lack the technical know-how to go into details): if you want to get scared, you can take a look at some of the past security flaws, like those documented here: https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-mozilla-firefox-and-firefox-esr-could-allow-for-remote-code-execution_2022-048
2 examples that are jaw dropping:

*Script could be executed via svg’s use element (CVE-2022-28284)
*Memory safety bugs which could be exploited for arbitrary code execution fixed in Firefox 99 and Firefox ESR 91.8 (CVE-2022-28289)

So, hackers would have gained access to your computer just by you viewing images or simply from a memory bug… Yeah, the least doors I leave open, the better. 🙁

Note to self: if I ever really need the snapshot tool, I probably just reinstall Firefox/firefox-esr/LibreWolf and use it, then erase it again (so, it could have been smarter for me to just move the file away, making like easier if I ever need that feature, I just had to copy it back to the right folder)

P.
- This reply was modified 4 months, 3 weeks ago by PPC.
December 15, 2022 at 6:45 pm #95728
Member
andyprough
Helpful
Up
0
::

PPC wrote:

So, hackers would have gained access to your computer just by you viewing images or simply from a memory bug… Yeah, the least doors I leave open, the better.

Sounds good. You can never be too safe. On my system the screenshot .xpi is located in /usr/share/… instead of /usr/lib/… –

sudo rm /usr/share/librewolf/browser/features/screenshots@mozilla.org.xpi
December 16, 2022 at 8:19 am #95752
Member
Xunzi_23
Helpful
Up
0
::
LW based on FF so interesting referencing.

Pls note, not just about direct browser breaches.

Actively exploited in browsers are usually kept secret until fixed.

https://monitor.firefox.com/breaches
- This reply was modified 4 months, 3 weeks ago by Xunzi_23.
Author

Posts

Viewing 4 posts - 16 through 19 (of 19 total)

← 1 2

You must be logged in to reply to this topic.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.