Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.31966
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.31966
<patchinfo incident="31966"> <issue tracker="bnc" id="1217974">VUL-0: MozillaFirefox / MozillaThunderbird: update to 121 and 115.6esr</issue> <issue tracker="cve" id="2023-6864"/> <issue tracker="cve" id="2023-50762"/> <issue tracker="cve" id="2023-6859"/> <issue tracker="cve" id="2023-6860"/> <issue tracker="cve" id="2023-6862"/> <issue tracker="cve" id="2023-6856"/> <issue tracker="cve" id="2023-6861"/> <issue tracker="cve" id="2023-6857"/> <issue tracker="cve" id="2023-6858"/> <issue tracker="cve" id="2023-6863"/> <issue tracker="cve" id="2023-50761"/> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaThunderbird</summary> <description>This update for MozillaThunderbird fixes the following issues: Firefox Extended Support Release 115.6.0 ESR (bsc#1217974): * CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver (bmo#1843782). * CVE-2023-6857: Symlinks may resolve to smaller than expected buffers (bmo#1796023). * CVE-2023-6858: Heap buffer overflow in nsTextFragment (bmo#1826791). * CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer (bmo#1840144). * CVE-2023-6860: Potential sandbox escape due to VideoBridge lack of texture validation (bmo#1854669). * CVE-2023-6861: Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode (bmo#1864118). * CVE-2023-6862: Use-after-free in nsDNSService (bsc#1868042). * CVE-2023-6863: Undefined behavior in ShutdownObserver() (bmo#1868901). * CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. * CVE-2023-50762: Truncated signed text was shown with a valid OpenPGP signature (bmo#1862625). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor