firefox: attempt to mitigate CVE-2024-4367 + hardening

https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
This commit is contained in:
Aminda Suomalainen 2024-05-21 06:35:32 +03:00
parent ae471c224b
commit a2640115c9
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q

View File

@ -569,6 +569,12 @@
"Type": "boolean", "Type": "boolean",
"Value": true "Value": true
}, },
"pdfjs.isEvalSupported": {
"Comment": "CVE-2024-4367 and hardening. I don't think pdf files should be that clever.",
"Status": "locked",
"Type": "boolean",
"Value": false
},
"pdfjs.pageColorsBackground": { "pdfjs.pageColorsBackground": {
"Status": "default", "Status": "default",
"Type": "string", "Type": "string",