Jump to content

trium

Experienced Members
 View Profile  See their activity

  • Posts

    2,544

  • Joined

  • Last visited

 Content Type 

Posts posted by trium

    The Firefox/Mozilla Thread

    in Software

    Posted

    ff v68.3.0 esr

     

    03. dec. 2019

     

    Fixed

     

     

    Quote

     

    Security Vulnerabilities fixed in - Firefox ESR 68.3

    Announced
    December 3, 2019
    Impact
    high
    Products
    Firefox ESR
    Fixed in
    • Firefox ESR 68.3

    #CVE-2019-17008: Use-after-free in worker destruction

    Reporter
    Looben Yang
    Impact
    high
    Description

    When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash.

    References

    #CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code

    Reporter
    Alexandru Michis
    Impact
    high
    Description

    When setting a thread name on Windows in WebRTC, an incorrect number of arguments could have been supplied, leading to stack corruption and a potentially exploitable crash.
    Note: this issue only occurs on Windows. Other operating systems are unaffected.

    References

    #CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher

    Reporter
    Craig Disselkoen
    Impact
    high
    Description

    When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash.

    References

    #CVE-2019-17009: Updater temporary files accessible to unprivileged processes

    Reporter
    Robert Strong
    Impact
    moderate
    Description

    When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service.
    Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.

    References

    #CVE-2019-17010: Use-after-free when performing device orientation checks

    Reporter
    Nils
    Impact
    moderate
    Description

    Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash.

    References

    #CVE-2019-17005: Buffer overflow in plain text serializer

    Reporter
    Mirko Brodesser
    Impact
    moderate
    Description

    The plain text serializer used a fixed-size array for the number of

    1. elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash.

       

      References

    #CVE-2019-17011: Use-after-free when retrieving a document in antitracking

    Reporter
    Nils
    Impact
    moderate
    Description

    Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash.

    References

    #CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3

    Reporter
    Mozilla developers and community
    Impact
    high
    Description

    Mozilla developers Christoph Diehl, Nathan Froyd, Jason Kratzer, Christian Holler, Karl Tomlinson, Tyson Smith reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

    References

     

     

    The Firefox/Mozilla Thread

    in Software

    Posted

    ff v71.0

     

    03. dec. 2019

     

    New

    • Improvements to Lockwise, our integrated password manager:

      • Firefox now suggests saved logins from other subdomains of a site
      • Integrated breach alerts from Firefox Monitor are now available to users with screen readers

    • More information about Enhanced Tracking Protection in action:

      • Notifications when Firefox blocks cryptominers
      • A running tally of blocked trackers in the protection panel accessed by clicking the address bar shield

    • Picture-in-picture video comes to Firefox for Windows: Select the blue icon from the right edge of a video to pop open a floating window so you can keep watching while working in other tabs. Learn how the feature works.

    • Native MP3 decoding on Windows, Linux, and macOS

    Fixed

    Changed

    Enterprise

    • New kiosk mode functionality, which allows maximum screen space for customer-facing displays

    Developer

    • Developer Information

    • Added support for developers, including:

      • DevTools’ Network panel can now inspect WebSocket messages and automatically formats a variety of framework formats
      • Console’s new multi-line editor mode provides an IDE-like experience that makes it convenient to iterate on longer code snippets
      • The Network panel’s new resource blocking can simulate the impact of tracking protection, security, service outages, and bad connectivity for more robust testing
      • More features and improvements can be found every release in DevTools’ “What’s New” panel in en-US

    • New videos every week on the Mozilla Developer YouTube channel

    • Improvements to the website certificate viewer, with more features and more detailed information

    • Improvements to the extensions downloads API for handling download failures

    • Extension popup windows now include the extension name instead of its moz-extension:// url when using the windows.create API

    • Extension-registered devtools panels now interact better with screen readers

    unresolved

    • Some Windows users who had previously installed and uninstalled Comodo antivirus software may not be able to start Firefox. Information on how to resolve this issue is described on support.mozilla.org or in the support knowledgebase.

    How to exclude Facebook

    in CCleaner Help Requests

    Posted

    6 hours ago, tinem said:

    can't figure out how to exclude Facebook

     

    additional to the pic from nukecad you should use the option "cookies to keep" and take the ones from facebook from the right to the left side.

     

    or:

     

    you should untick the cleaning-option "cookies" for the used browser you want

    perhaps some german improvements

    in CCleaner

    Posted

    ... in this moment i see another translation-improvement

     

    the last 2 pics:

     

    in english

    software updater -> second line -> installer size

     

    in german

    software updater -> second line -> Größe des Installationsprogramms

    perhaps i mean it goes shorter

    software updater -> second line -> Installationsgröße (simply) or Größe des Updates or Größe Installer

    ublock users

    in Software

    Posted

    ublock v1.24.0

     

    gorhill released this

    Nov 18, 2019

     

    Changes:

    The badge for the cosmetic filtering switch in the popup panel has been revisited so that it will from now on be evaluated on-demand only, which occurs when hovering the mouse cursor over the cosmetic filtering switch:

    a

    Closed as fixed:

    Notable commits with no entry in issue tracker:

    perhaps some german improvements

    in CCleaner

    Posted

    Software updater

     

    --> on the right side -> the two buttons "update" and "refresh" <--- two different words and meaning/senses

     

    in german there -> "aktualisieren" and "aktualisieren"

     

     

    perhaps other translations: refresh = wiederholen/auffrischen/erneuern

    perhaps some german improvements

    in CCleaner

    Posted

    display area to small...

     

    in english:

    ccleaner -> options -> privacy -> "privacy policy"

     

    in german:

    ccleaner -> optionen -> privatsphäre -> "...ichtlinie" <--- because the display area was to small (it seems not automatically customizable)

    there are some letters and/or words missing :-)

    perhaps some german improvements

    in CCleaner

    Posted

    review junk-window:

     

    point 3

    in english -> temporary internet files -> files left behind when you visit websites

     

    in german -> Temporäre Internet Dateien -> Beim Besuch von Websites von Ihnen zurückgelassene Dateien

    perhaps a little bit better translation - proper sense: Temporäre Internet Dateien -> Zurückgelassene Dateien von besuchten Webseiten (maybe Websites)

    perhaps some german improvements

    in CCleaner

    Posted

    hi fans,

     

    i mean in ccleaner v5.63 could be some optimizations to do...

     

    Einfache Bereinigung -> instead "Neu beginnen" => "Neu starten" (its one less letter because the display area was to small (it seems not automatically customizable) -> with one less letter its ok as in the english)

     

    above in the middle of the mainwindow:

    in english -> xy Trackers and xy MB of Junk

    in german -> xy Tracker und xy MB Junk Dateien <--- Junk Dateien? 🙂 oh no!

    perhaps -> xy Tracker und xy MB Müll (short as in english!) or xy Tracker und xy MB Datenmüll

     

    in the middle of the mainwindow:

    in english -> xy Trackers + xy MB of Junk

    in german -> xy Tracker + xy MB Junk Dateien <--- Junk Dateien?

    perhaps -> xy Tracker + xy MB Müll or xy Tracker + xy MB Datenmüll

     

    below in the middle of the mainwindow:

    in english -> review trackers + review junk

    in german -> Tracker anzeigen + auf Junk überprüfen <--- why 2 different formulations/phrasings as in english is only one?

    perhaps -> Tracker anzeigen + Müll anzeigen or better Anzeige Tracker + Anzeige Müll or Vorschau Tracker + Vorschau Müll or Vorschau Tracker + Vorschau Datenmüll

     

     

     

    Defraggler versus Microsoft Optimizer

    in Defraggler Bug Reporting

    Posted

    17 hours ago, ElChabi said:

    @Andvari this  bloody issue was caused by Defraggler  - the issue of  abrupt loss of space!! And as I mentioned in a previous message I did all possible to configure DF in advanced options

     

    i mean i remember me darkly that this "thing" with fullfilled freespace could be from defraggler... normally it is ok after complete the process. have you defragmented the freespace?

     

    take a look in your hdd -> if there are some or alot of created defraggler-folders -> i dont know exactly but i mean you can delete the kind of created unusual folders by defraggler...

    uninstalled firefox still showing in CCleaner

    in CCleaner

    Posted

    if i may...

     

    23 hours ago, T Y Thomas Jr said:

    This did not work for me.  No C:\Documents and Settings\All Users\Application. I still have the issue.

     

    as someone here written - this folder is hidden

     

     

    perhaps will this give you a help...?

    On 06/09/2007 at 22:06, cotty said:

    Hey thanks for your reply, I just deleted the Mozilla folder in: C:\Documents and Settings\Username\Application Data\Mozilla\Firefox\ and firefox miraculously disappeared from CCleaner :rolleyes:

     

     

    but in the meantime i believe the folder is not as in the quote written

    instead in "appdata" -> is hidden too

     

    c:\user\your nick\appdata\local -> "mozilla"

    c:\user\your nick\appdata\locallow -> "mozilla"

    c:\user\your nick\appdata\roaming -> "mozilla"

    and

    c:\programdata -> "mozilla"

     

    perhaps if you have it installed in c:\program files (x86)

    Wie ist das möglich? Was bildet ihr euch ein?

    in CCleaner Suggestions

    Posted

    translation with google :-)

     

    Quote

     

    hello john gray,

     

    sometime in the near past in ccleaner a lot has been changed since the takeover by avast - including the update settings.

     

    it now depends on the version that you had installed. I do not know how the basic settings are with a fresh installation of ccleaner, I've always just drüberinstalliert and occasionally changed here and there, if I found something funny.

     

    -> ccleaner -> options -> updates ->

    1.) IMPORTANT UPDATES (strongly recommended) -> disable

    2.) PRODUCT UPDATES (recommended) -> here is only installed automatically with the pro-version.

    -> otherwise select "MANUALLY PERFORM THESE UDATES"

     

     

     

    ps: probably helpful -> go to the install directory where you have ccleaner installed and rename the following file

    -> "ccupdate.exe" -> z.b. in "ccupdate.exe.old"

    So, actually, no automatic updates should happen ...

     

     

    Wie ist das möglich? Was bildet ihr euch ein?

    in CCleaner Suggestions

    Posted

    hallo john grey,

     

    in ccleaner wurde irgendwann in der näheren vergangenheit so einiges umgestellt seit der übernahme durch avast - inklusive der update-einstellungen.

     

    es kommt jetzt auf die version an, welche du installiert hattest. ich weiß nicht, wie die grundeinstellungen sind bei einer neuinstallation von ccleaner, ich habe immer nur drüberinstalliert und gelegentlich hier und da umgestellt, wenn ich etwas komisch fand.

     

    -> ccleaner -> optionen -> updates ->

    1.) WICHTIGE UPDATES (dringend empfohlen) -> deaktivieren

    2.) PRODUKT-UPDATES (empfohlen) -> hier wird nur automatisch installiert mit der pro-version.

    -> ansonsten "DIESE UDATES MANUELL AUSFÜHREN" auswählen

     

     

     

    ps: wahrscheinlich hilfreich -> gehe ins installationsverzeichnis, wo du bei dir ccleaner installiert hast und benenne folgende datei um

    -> "ccupdate.exe" -> z.b. in "ccupdate.exe.old"

    somit sollten eigentlich auch keine automatischen updates passieren...

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept