Manfred Hollstein (manfred-h) committed 2 months ago (revision 118)

- Mozilla Firefox ESR 115.9.1
  https://www.mozilla.org/security/advisories/mfsa2024-??/
  MFSA 2024-?? (boo#???????)

• Files Changed
• Browse Source

buildservice-autocommit accepted request 1159853 from Manfred Hollstein (manfred-h) 2 months ago (revision 117)

baserev update by copy to link target

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 116)

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 115)

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 114)

- LLVM18 breaks building Firefox ESR on Tumbleweed; add
  * mozilla-fix-issues-with-llvm18.patch

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 113)

- LLVM18 breaks building Firefox ESR on Tumbleweed; ensure we
  BuildRequire: enough packages from llvm17/clang17 to avoid
  pulling in libclang18, even indirectly!

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 112)

- LLVM18 breaks building Firefox ESR on Tumbleweed; add
  * mozilla-fix-issues-with-llvm18.patch

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 111)

  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-2605 (bmo#1872920)
    Windows Error Reporter could be used as a Sandbox escape
    vector
  * CVE-2024-2607 (bmo#1879939)
    JIT code failed to save return registers on Armv7-A
  * CVE-2024-2608 (bmo#1880692)
    Integer overflow could have led to out of bounds write
  * CVE-2024-2616 (bmo#1846197)
    Improve handling of out-of-memory conditions in ICU
  * CVE-2023-5388 (bmo#1780432)
    NSS susceptible to timing attack against RSA decryption
  * CVE-2024-2610 (bmo#1871112)
    Improper handling of html and body tags enabled CSP nonce
    leakage
  * CVE-2024-2611 (bmo#1876675)
    Clickjacking vulnerability could have led to a user
    accidentally granting permissions
  * CVE-2024-2612 (bmo#1879444)
    Self referencing object could have potentially led to a use-
    after-free
  * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405,
    bmo#1881093)
    Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
    and Thunderbird 115.9

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 110)

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 109)

- LLVM18 breaks building Firefox ESR on Tumbleweed; ensure we
  BuildRequire: enough packages from llvm17/clang17 to avoid
  pulling in libclang18, even indirectly!

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 108)

  https://www.mozilla.org/security/advisories/mfsa2024-13/
  MFSA 2024-13 (boo#???????)

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 107)

- LLVM18 breaks building Firefox ESR on Tumbleweed; ensure we use
  only LLVM17 based packages including clang-tools.

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 106)

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 105)

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 2 months ago (revision 104)

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 3 months ago (revision 103)

build2

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 3 months ago (revision 102)

- Mozilla Firefox ESR 115.9.0
  https://www.mozilla.org/security/advisories/mfsa2024-??/
  MFSA 2024-?? (boo#???????)

• Files Changed
• Browse Source

buildservice-autocommit accepted request 1148310 from Manfred Hollstein (manfred-h) 3 months ago (revision 101)

baserev update by copy to link target

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 3 months ago (revision 100)

  MFSA 2024-06 (boo#1220048)

• Files Changed
• Browse Source

Manfred Hollstein (manfred-h) committed 3 months ago (revision 99)

  https://www.mozilla.org/security/advisories/mfsa2024-06/
  MFSA 2024-06 (bsc#???????)
  * CVE-2024-1546 (bmo#1843752)
    Out-of-bounds memory read in networking channels
  * CVE-2024-1547 (bmo#1877879)
    Alert dialog could have been spoofed on another site
  * CVE-2024-1548 (bmo#1832627)
    Fullscreen Notification could have been hidden by select
    element
  * CVE-2024-1549 (bmo#1833814)
    Custom cursor could obscure the permission dialog
  * CVE-2024-1550 (bmo#1860065)
    Mouse cursor re-positioned unexpectedly could have led to
    unintended permission grants
  * CVE-2024-1551 (bmo#1864385)
    Multipart HTTP Responses would accept the Set-Cookie header
    in response parts
  * CVE-2024-1552 (bmo#1874502)
    Incorrect code generation on 32-bit ARM devices
  * CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498,
    bmo#1872296, bmo#1873521, bmo#1873577, bmo#1873597,
    bmo#1873866, bmo#1874080, bmo#1874740, bmo#1875795,
    bmo#1875906, bmo#1876425, bmo#1878211, bmo#1878286)
    Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
    and Thunderbird 115.8

• Files Changed
• Browse Source