Request 1134147: Submit MozillaThunderbird - openSUSE Build Service

Overview

Request 1134147 accepted

- Mozilla Thunderbird 115.6.0
https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/
* Message selection misbehaved after selecting a sub-message in an
expanded thread, collapsing the thread, then pressing up/down to
move selection
* Thunderbird now attempts to reconnect on a new connection after
SMTP 4xx errors
* HTML FileLink attachments used the wrong encoding
MFSA 2023-55 (bsc#1217230)
* CVE-2023-50762 (bmo#1862625)
Truncated signed text was shown with a valid OpenPGP
signature
* CVE-2023-50761 (bmo#1865647)
S/MIME signature accepted despite mismatching message date
* CVE-2023-6856 (bmo#1843782)
Heap-buffer-overflow affecting WebGL DrawElementsInstanced
method with Mesa VM driver
* CVE-2023-6857 (bmo#1796023)
Symlinks may resolve to smaller than expected buffers
* CVE-2023-6858 (bmo#1826791)
Heap buffer overflow in nsTextFragment
* CVE-2023-6859 (bmo#1840144)
Use-after-free in PR_GetIdentitiesLayer
* CVE-2023-6860 (bmo#1854669)
Potential sandbox escape due to VideoBridge lack of texture
validation
* CVE-2023-6861 (bmo#1864118)
Heap buffer overflow affected nsWindow::PickerOpen(void) in
headless mode
* CVE-2023-6862 (bmo#1868042)

Created by wrosenauer 5 months ago
In state accepted

Submit MozillaThunderbird

Comments for request 1134147 0

Login required, please login in order to comment

Request History

wrosenauer created request 5 months ago

- Mozilla Thunderbird 115.6.0
https://www.thunderbird.net/en-US/thunderbird/115.6.0/releasenotes/
* Message selection misbehaved after selecting a sub-message in an
expanded thread, collapsing the thread, then pressing up/down to
move selection
* Thunderbird now attempts to reconnect on a new connection after
SMTP 4xx errors
* HTML FileLink attachments used the wrong encoding
MFSA 2023-55 (bsc#1217230)
* CVE-2023-50762 (bmo#1862625)
Truncated signed text was shown with a valid OpenPGP
signature
* CVE-2023-50761 (bmo#1865647)
S/MIME signature accepted despite mismatching message date
* CVE-2023-6856 (bmo#1843782)
Heap-buffer-overflow affecting WebGL DrawElementsInstanced
method with Mesa VM driver
* CVE-2023-6857 (bmo#1796023)
Symlinks may resolve to smaller than expected buffers
* CVE-2023-6858 (bmo#1826791)
Heap buffer overflow in nsTextFragment
* CVE-2023-6859 (bmo#1840144)
Use-after-free in PR_GetIdentitiesLayer
* CVE-2023-6860 (bmo#1854669)
Potential sandbox escape due to VideoBridge lack of texture
validation
* CVE-2023-6861 (bmo#1864118)
Heap buffer overflow affected nsWindow::PickerOpen(void) in
headless mode
* CVE-2023-6862 (bmo#1868042)

factory-auto added opensuse-review-team as a reviewer 5 months ago

Please review sources

factory-auto accepted review 5 months ago

Check script succeeded

anag+factory added openSUSE:Factory:Staging:adi:15 as a reviewer 5 months ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:15"

anag+factory accepted review 5 months ago

Picked "openSUSE:Factory:Staging:adi:15"

licensedigger accepted review 5 months ago

ok

dimstar accepted review 5 months ago

anag+factory accepted review 5 months ago

Staging Project openSUSE:Factory:Staging:adi:15 got accepted.

anag+factory approved review 5 months ago

Staging Project openSUSE:Factory:Staging:adi:15 got accepted.

anag+factory accepted request 5 months ago

Staging Project openSUSE:Factory:Staging:adi:15 got accepted.

openSUSE Build Service is sponsored by