Closed Bug 1822377 Opened 1 year ago Closed 1 year ago

Port bug 1784348 - improve checks while parsing MIME parameters

Categories

(Thunderbird :: Upstream Synchronization, defect)

Product:
Thunderbird
Component:
Upstream Synchronization
Version:
Thunderbird 113
Type:
defect

Tracking

(thunderbird_esr102 fixed, thunderbird112 fixed, thunderbird113 fixed)

Status:
RESOLVED FIXED
Milestone:
113 Branch
Tracking Flags:
Tracking Status
thunderbird_esr102 --- fixed
thunderbird112 --- fixed
thunderbird113 --- fixed

People

(Reporter: elijmitchell, Assigned: elijmitchell)

References

(Regression)

Details

(Keywords: regression)

Attachments

(1 file, 1 obsolete file)

bug_1822377.patch
3.22 KB, patch
rjl
: approval-comm-beta+
wsmwk
: approval-comm-esr102+
Details | Diff | Splinter Review
No description provided.

Marking this as regressed bug 1784348 since it busted us completely

Keywords: regression
Regressed by: CVE-2023-29539

Pushed by elizabeth@thunderbird.net:
https://hg.mozilla.org/comm-central/rev/d0cb7c43177e
Fix for bustage caused by bug 1784348. rs=bugstage-fix

Status: ASSIGNED → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Regressions: 1822421
status-thunderbird112: --- → unaffected
status-thunderbird_esr102: --- → unaffected
Target Milestone: --- → 113 Branch
Attachment #9323108 - Attachment is obsolete: true

FYI Bug 1784348 - Content-Disposition filename truncation leads to Reflected File Download - is about to be fixed

Attaching what landed on comm-central for this bug.

Comment on attachment 9325669 [details] [diff] [review]
bug_1822377.patch

[Triage Comment]
Upstream bug 1784348 was uplifted to Firefox 112.0b8, so this needs uplifting as well.

Attachment #9325669 - Flags: approval-comm-beta+

Comment on attachment 9325669 [details] [diff] [review]
bug_1822377.patch

[Approval Request Comment]
Regression caused by (bug #): 1784348
User impact if declined: build fails
Testing completed (on c-c, etc.): builds
Risk to taking this patch (and alternatives if risky): none

Attachment #9325669 - Flags: approval-comm-esr102?

(In reply to Kai Engert (:KaiE:) from comment #7)

Comment on attachment 9325669 [details] [diff] [review]
bug_1822377.patch

[Approval Request Comment]
Regression caused by (bug #): 1784348
User impact if declined: build fails
Testing completed (on c-c, etc.): builds
Risk to taking this patch (and alternatives if risky): none

The upstream bug is on m-e102 as c80e35e82cf9d1bda948ed459bc775c2410903de.

Comment on attachment 9325669 [details] [diff] [review]
bug_1822377.patch

[Triage Comment]
Approved for esr102

Attachment #9325669 - Flags: approval-comm-esr102? → approval-comm-esr102+

Just to confirm the patch applies and ESR102 builds and functions here!

Reminder to make sure bug 1822421 is uplifted to c-esr102 after this bug.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: