From a2640115c91ff22479d4f4562772484567c07052 Mon Sep 17 00:00:00 2001
From: Aminda Suomalainen
Date: Tue, 21 May 2024 06:35:32 +0300
Subject: [PATCH] firefox: attempt to mitigate CVE-2024-4367 + hardening

https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
---
 etc/firefox/policies/policies.json | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/etc/firefox/policies/policies.json b/etc/firefox/policies/policies.json
index e56c0135..fb4cc641 100644
--- a/etc/firefox/policies/policies.json
+++ b/etc/firefox/policies/policies.json
@@ -569,6 +569,12 @@
 "Type": "boolean",
 "Value": true
 },
+ "pdfjs.isEvalSupported": {
+ "Comment": "CVE-2024-4367 and hardening. I don't think pdf files should be that clever.",
+ "Status": "locked",
+ "Type": "boolean",
+ "Value": false
+ },
 "pdfjs.pageColorsBackground": {
 "Status": "default",
 "Type": "string",
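Review bot: The `Comment` on the added `pdfjs.isEvalSupported` entry does not record what the preference disables or that it is a workaround, so a later maintainer cannot tell whether the lock is still needed once the browser itself is patched. Going by the linked write-up, the setting stops PDF.js from compiling font glyph data through `eval`/`new Function`, and the underlying fix is a browser update; I would say so, e.g. `"Comment": "CVE-2024-4367 workaround + hardening: stop PDF.js compiling glyph paths via eval/new Function. Not a substitute for updating Firefox."`. `"Status": "locked"` fits the intent, since it keeps the value from being flipped back in about:config. After deploying, check `about:policies` for errors on this entry; the enclosing object starts and ends outside the hunk.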