Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP2
patchinfo.23620
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.23620
<patchinfo incident="23620"> <issue tracker="bnc" id="1197903">VUL-0: MozillaFirefox: release 91.8ESR</issue> <issue tracker="cve" id="2022-24713"/> <issue tracker="cve" id="2022-1196"/> <issue tracker="cve" id="2022-28282"/> <issue tracker="cve" id="2022-1197"/> <issue tracker="cve" id="2022-1097"/> <issue tracker="cve" id="2022-28285"/> <issue tracker="cve" id="2022-28281"/> <issue tracker="cve" id="2022-28289"/> <issue tracker="cve" id="2022-28286"/> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaThunderbird</summary> <description>This update for MozillaThunderbird fixes the following issues: - Updated to version 91.8 (bsc#1197903): - CVE-2022-1097: Fixed a memory corruption issue with NSSToken objects. - CVE-2022-28281: Fixed a memory corruption issue due to unexpected WebAuthN Extensions. - CVE-2022-1197: Fixed an issue where OpenPGP revocation information was ignored. - CVE-2022-1196: Fixed a memory corruption issue after VR process destruction. - CVE-2022-28282: Fixed a memory corruption issue in document translation. - CVE-2022-28285: Fixed a memory corruption issue in JIT code generation. - CVE-2022-28286: Fixed an iframe layout issue that could have been exploited to stage spoofing attacks. - CVE-2022-24713: Fixed a potential denial of service via complex regular expressions. - CVE-2022-28289: Fixed multiple memory corruption issues. Non-security fixes: - Changed Google accounts using password authentication to use OAuth2. - Fixed an issue where OpenPGP ECC keys created by Thunderbird could not be imported into GnuPG. - Fixed an issue where exporting multiple public PGP keys from Thunderbird was not possible. - Fixed an issue where replying to a newsgroup message erroneously displayed a "No-reply" popup warning. - Fixed an issue with opening older address books. - Fixed an issue where LDAP directories would be lost when switching to "Offline" mode. - Fixed an issue when importing webcals. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor