From a9fb0002be201a79b10e1f779f87bcd1c1f2978f Mon Sep 17 00:00:00 2001
From: Frederik Braun <fbraun@mozilla.com>
Date: Tue, 8 Jun 2021 09:48:23 +0200
Subject: [PATCH] Add FPVI&SCSB disclosure for Firefox ESR 78.9 and Firefox 87

---
 announce/2021/mfsa2021-10.yml | 10 +++++++++-
 announce/2021/mfsa2021-11.yml | 10 ++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/announce/2021/mfsa2021-10.yml b/announce/2021/mfsa2021-10.yml
index 259029c..932bb33 100644
--- a/announce/2021/mfsa2021-10.yml
+++ b/announce/2021/mfsa2021-10.yml
@@ -5,8 +5,16 @@ fixed_in:
 - Firefox 87
 title: Security Vulnerabilities fixed in Firefox 87
 description: |
-  <b>Note</b>: This advisory was updated May 3, 2021 to include CVE-2021-29951 which was also fixed in this release.
+  <b>Note</b>: This advisory was updated May 3, 2021 to include CVE-2021-29951 and again on June 8, 2021 to include CVE-2021-29955 - both were also fixed in this release.
 advisories:
+  CVE-2021-29955:
+    title: Transient Execution Vulnerability allowed leaking arbitrary memory address
+    impact: high
+    reporter: Hany Ragab, Enrico Barberis, Herbert Bos, and Cristiano Giuffrida from the VUSec group at VU Amsterdam
+    description: |
+      A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.)
+    bugs:
+      - url: 1692972
   CVE-2021-23981:
     title: Texture upload into an unbound backing buffer resulted in an out-of-bound read
     impact: high
diff --git a/announce/2021/mfsa2021-11.yml b/announce/2021/mfsa2021-11.yml
index 0743583..8fcaa35 100644
--- a/announce/2021/mfsa2021-11.yml
+++ b/announce/2021/mfsa2021-11.yml
@@ -4,7 +4,17 @@ impact: high
 fixed_in:
 - Firefox ESR 78.9
 title: Security Vulnerabilities fixed in Firefox ESR 78.9
+description: |
+  <b>Note</b>: This advisory was updated June 8, 2021 to include CVE-2021-29955 which was also fixed in this release.
 advisories:
+  CVE-2021-29955:
+    title: Transient Execution Vulnerability allowed leaking arbitrary memory address
+    impact: high
+    reporter: Hany Ragab, Enrico Barberis, Herbert Bos, and Cristiano Giuffrida from the VUSec group at VU Amsterdam
+    description: |
+      A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.)
+    bugs:
+      - url: 1692972
   CVE-2021-23981:
     title: Texture upload into an unbound backing buffer resulted in an out-of-bound read
     impact: high