Revisions of firefox115
Manfred Hollstein (manfred-h)
committed
(revision 99)
https://www.mozilla.org/security/advisories/mfsa2024-06/
MFSA 2024-06 (bsc#???????)
* CVE-2024-1546 (bmo#1843752)
Out-of-bounds memory read in networking channels
* CVE-2024-1547 (bmo#1877879)
Alert dialog could have been spoofed on another site
* CVE-2024-1548 (bmo#1832627)
Fullscreen Notification could have been hidden by select
element
* CVE-2024-1549 (bmo#1833814)
Custom cursor could obscure the permission dialog
* CVE-2024-1550 (bmo#1860065)
Mouse cursor re-positioned unexpectedly could have led to
unintended permission grants
* CVE-2024-1551 (bmo#1864385)
Multipart HTTP Responses would accept the Set-Cookie header
in response parts
* CVE-2024-1552 (bmo#1874502)
Incorrect code generation on 32-bit ARM devices
* CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498,
bmo#1872296, bmo#1873521, bmo#1873577, bmo#1873597,
bmo#1873866, bmo#1874080, bmo#1874740, bmo#1875795,
bmo#1875906, bmo#1876425, bmo#1878211, bmo#1878286)
Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
and Thunderbird 115.8
Manfred Hollstein (manfred-h)
committed
(revision 98)
Manfred Hollstein (manfred-h)
committed
(revision 97)
- Mozilla Firefox ESR 115.8.0 https://www.mozilla.org/security/advisories/mfsa2024-??/ MFSA 2024-?? (bsc#???????) MFSA 2024-02 (bsc#1218955)
buildservice-autocommit
accepted
request 1141010
from
Manfred Hollstein (manfred-h)
(revision 96)
Manfred Hollstein (manfred-h)
(revision 96)
baserev update by copy to link target
Manfred Hollstein (manfred-h)
committed
(revision 95)
https://www.mozilla.org/security/advisories/mfsa2024-02/
MFSA 2024-02 (bsc#???????)
* CVE-2024-0741 (bmo#1864587)
Out of bounds write in ANGLE
* CVE-2024-0742 (bmo#1867152)
Failure to update user input timestamp
* CVE-2024-0746 (bmo#1660223)
Crash when listing printers on Linux
* CVE-2024-0747 (bmo#1764343)
Bypass of Content Security Policy when directive unsafe-
inline was set
* CVE-2024-0749 (bmo#1813463)
Phishing site popup could show local origin in address bar
* CVE-2024-0750 (bmo#1863083)
Potential permissions request bypass via clickjacking
* CVE-2024-0751 (bmo#1865689)
Privilege escalation through devtools
* CVE-2024-0753 (bmo#1870262)
HSTS policy on subdomain could bypass policy of upper domain
* CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
and Thunderbird 115.7
buildservice-autocommit
accepted
request 1140789
from
Manfred Hollstein (manfred-h)
(revision 94)
Manfred Hollstein (manfred-h)
(revision 94)
baserev update by copy to link target
Manfred Hollstein (manfred-h)
committed
(revision 93)
Manfred Hollstein (manfred-h)
committed
(revision 92)
- Mozilla Firefox ESR 115.7.0 https://www.mozilla.org/security/advisories/mfsa2024-??/ MFSA 2024-?? (bsc#???????)
buildservice-autocommit
accepted
request 1134098
from
Manfred Hollstein (manfred-h)
(revision 91)
Manfred Hollstein (manfred-h)
(revision 91)
baserev update by copy to link target
Manfred Hollstein (manfred-h)
committed
(revision 90)
* CVE-2023-6856 (bmo#1843782)
Heap-buffer-overflow affecting WebGL DrawElementsInstanced
method with Mesa VM driver
* CVE-2023-6865 (bmo#1864123)
Potential exposure of uninitialized data in
EncryptingOutputStream
* CVE-2023-6857 (bmo#1796023)
Symlinks may resolve to smaller than expected buffers
* CVE-2023-6858 (bmo#1826791)
Heap buffer overflow in nsTextFragment
* CVE-2023-6859 (bmo#1840144)
Use-after-free in PR_GetIdentitiesLayer
* CVE-2023-6860 (bmo#1854669)
Potential sandbox escape due to VideoBridge lack of texture
validation
* CVE-2023-6867 (bmo#1863863)
Clickjacking permission prompts using the popup transition
* CVE-2023-6861 (bmo#1864118)
Heap buffer overflow affected nsWindow::PickerOpen(void) in
headless mode
* CVE-2023-6862 (bmo#1868042)
Use-after-free in nsDNSService
* CVE-2023-6863 (bmo#1868901)
Undefined behavior in ShutdownObserver()
* CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328,
bmo#1856090, bmo#1858033, bmo#1858509, bmo#1862089,
bmo#1862777, bmo#1864015)
Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
and Thunderbird 115.6
buildservice-autocommit
accepted
request 1133886
from
Manfred Hollstein (manfred-h)
(revision 89)
Manfred Hollstein (manfred-h)
(revision 89)
baserev update by copy to link target
Manfred Hollstein (manfred-h)
committed
(revision 88)
Manfred Hollstein (manfred-h)
committed
(revision 87)
https://www.mozilla.org/security/advisories/mfsa2023-54/ MFSA 2023-54 (bsc#1217974)
Manfred Hollstein (manfred-h)
committed
(revision 85)
- Mozilla Firefox ESR 115.6.0 MFSA 2023-?? (boo#???????)
buildservice-autocommit
accepted
request 1127928
from
Manfred Hollstein (manfred-h)
(revision 83)
Manfred Hollstein (manfred-h)
(revision 83)
baserev update by copy to link target
Manfred Hollstein (manfred-h)
committed
(revision 82)
MFSA 2023-50 (boo#???????)
* CVE-2023-6204 (bmo#1841050)
Out-of-bound memory access in WebGL2 blitFramebuffer
* CVE-2023-6205 (bmo#1854076)
Use-after-free in MessagePort::Entangled
* CVE-2023-6206 (bmo#1857430)
Clickjacking permission prompts using the fullscreen
transition
* CVE-2023-6207 (bmo#1861344)
Use-after-free in ReadableByteStreamQueueEntry::Buffer
* CVE-2023-6208 (bmo#1855345)
Using Selection API would copy contents into X11 primary
selection.
* CVE-2023-6209 (bmo#1858570)
Incorrect parsing of relative URLs starting with "///"
* CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,
bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,
bmo#1862782)
Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
and Thunderbird 115.5
buildservice-autocommit
accepted
request 1127732
from
Manfred Hollstein (manfred-h)
(revision 81)
Manfred Hollstein (manfred-h)
(revision 81)
baserev update by copy to link target
Manfred Hollstein (manfred-h)
committed
(revision 80)
- Mozilla Firefox ESR 115.5.0 MFSA 2023-?? (boo#???????)
Displaying revisions 41 - 60 of 139
