Request 849310: Submit MozillaThunderbird - openSUSE Build Service

This request supersedes: request 849113 (Show diff)

Overview

Request 849310 accepted

- Mozilla Thunderbird 78.5.0
MFSA 2020-52 (bsc#1178894)
* CVE-2020-26951 (bmo#1667113)
Parsing mismatches could confuse and bypass security
sanitizer for chrome privileged code
* CVE-2020-16012 (bmo#1642028)
Variable time processing of cross-origin images during
drawImage calls
* CVE-2020-26953 (bmo#1656741)
Fullscreen could be enabled without displaying the security
UI
* CVE-2020-26956 (bmo#1666300)
XSS through paste (manual and clipboard API)
* CVE-2020-26958 (bmo#1669355)
Requests intercepted through ServiceWorkers lacked MIME type
restrictions
* CVE-2020-26959 (bmo#1669466)
Use-after-free in WebRequestService
* CVE-2020-26960 (bmo#1670358)
Potential use-after-free in uses of nsTArray
* CVE-2020-15999 (bmo#1672223)
Heap buffer overflow in freetype
* CVE-2020-26961 (bmo#1672528)
DoH did not filter IPv4 mapped IP Addresses
* CVE-2020-26965 (bmo#1661617)
Software keyboards may have remembered typed passwords
* CVE-2020-26966 (bmo#1663571)
Single-word search queries were also broadcast to local
network
* CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697,

Created by wrosenauer over 3 years ago
In state accepted
Supersedes 849113

Submit MozillaThunderbird

Comments for request 849310 0

Login required, please login in order to comment

Request History

wrosenauer created request over 3 years ago

- Mozilla Thunderbird 78.5.0
MFSA 2020-52 (bsc#1178894)
* CVE-2020-26951 (bmo#1667113)
Parsing mismatches could confuse and bypass security
sanitizer for chrome privileged code
* CVE-2020-16012 (bmo#1642028)
Variable time processing of cross-origin images during
drawImage calls
* CVE-2020-26953 (bmo#1656741)
Fullscreen could be enabled without displaying the security
UI
* CVE-2020-26956 (bmo#1666300)
XSS through paste (manual and clipboard API)
* CVE-2020-26958 (bmo#1669355)
Requests intercepted through ServiceWorkers lacked MIME type
restrictions
* CVE-2020-26959 (bmo#1669466)
Use-after-free in WebRequestService
* CVE-2020-26960 (bmo#1670358)
Potential use-after-free in uses of nsTArray
* CVE-2020-15999 (bmo#1672223)
Heap buffer overflow in freetype
* CVE-2020-26961 (bmo#1672528)
DoH did not filter IPv4 mapped IP Addresses
* CVE-2020-26965 (bmo#1661617)
Software keyboards may have remembered typed passwords
* CVE-2020-26966 (bmo#1663571)
Single-word search queries were also broadcast to local
network
* CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697,

factory-auto added opensuse-review-team as a reviewer over 3 years ago

Please review sources

factory-auto accepted review over 3 years ago

Check script succeeded

licensedigger accepted review over 3 years ago

ok

namtrac accepted review over 3 years ago

RBrownSUSE set openSUSE:Factory:Staging:H as a staging project over 3 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:H"

RBrownSUSE accepted review over 3 years ago

Picked "openSUSE:Factory:Staging:H"

dimstar_suse accepted review over 3 years ago

Staging Project openSUSE:Factory:Staging:H got accepted.

dimstar_suse approved review over 3 years ago

Staging Project openSUSE:Factory:Staging:H got accepted.

dimstar_suse accepted request over 3 years ago

Staging Project openSUSE:Factory:Staging:H got accepted.

openSUSE Build Service is sponsored by