Request 945701: Submit MozillaThunderbird - openSUSE Build Service

Overview

Request 945701 accepted

- Mozilla Thunderbird 91.5.0
https://www.thunderbird.net/en-US/thunderbird/91.5.0/releasenotes
MFSA 2022-03 (bsc#1194547)
* CVE-2022-22746 (bmo#1735071)
Calling into reportValidity could have lead to fullscreen
window spoof
* CVE-2022-22743 (bmo#1739220)
Browser window spoof using fullscreen mode
* CVE-2022-22742 (bmo#1739923)
Out-of-bounds memory access when inserting text in edit mode
* CVE-2022-22741 (bmo#1740389)
Browser window spoof using fullscreen mode
* CVE-2022-22740 (bmo#1742334)
Use-after-free of ChannelEventQueue::mOwner
* CVE-2022-22738 (bmo#1742382)
Heap-buffer-overflow in blendGaussianBlur
* CVE-2022-22737 (bmo#1745874)
Race condition when playing audio files
* CVE-2021-4140 (bmo#1746720)
Iframe sandbox bypass with XSLT
* CVE-2022-22748 (bmo#1705211)
Spoofed origin on external protocol launch dialog
* CVE-2022-22745 (bmo#1735856)
Leaking cross-origin URLs through securitypolicyviolation event
* CVE-2022-22744 (bmo#1737252)
The 'Copy as curl' feature in DevTools did not fully escape
website-controlled data, potentially leading to command injection
* CVE-2022-22747 (bmo#1735028)
Crash when handling empty pkcs7 sequence
* CVE-2022-22739 (bmo#1744158)

Created by wrosenauer over 2 years ago
In state accepted

Submit MozillaThunderbird

Comments for request 945701 0

Login required, please login in order to comment

Request History

wrosenauer created request over 2 years ago

- Mozilla Thunderbird 91.5.0
https://www.thunderbird.net/en-US/thunderbird/91.5.0/releasenotes
MFSA 2022-03 (bsc#1194547)
* CVE-2022-22746 (bmo#1735071)
Calling into reportValidity could have lead to fullscreen
window spoof
* CVE-2022-22743 (bmo#1739220)
Browser window spoof using fullscreen mode
* CVE-2022-22742 (bmo#1739923)
Out-of-bounds memory access when inserting text in edit mode
* CVE-2022-22741 (bmo#1740389)
Browser window spoof using fullscreen mode
* CVE-2022-22740 (bmo#1742334)
Use-after-free of ChannelEventQueue::mOwner
* CVE-2022-22738 (bmo#1742382)
Heap-buffer-overflow in blendGaussianBlur
* CVE-2022-22737 (bmo#1745874)
Race condition when playing audio files
* CVE-2021-4140 (bmo#1746720)
Iframe sandbox bypass with XSLT
* CVE-2022-22748 (bmo#1705211)
Spoofed origin on external protocol launch dialog
* CVE-2022-22745 (bmo#1735856)
Leaking cross-origin URLs through securitypolicyviolation event
* CVE-2022-22744 (bmo#1737252)
The 'Copy as curl' feature in DevTools did not fully escape
website-controlled data, potentially leading to command injection
* CVE-2022-22747 (bmo#1735028)
Crash when handling empty pkcs7 sequence
* CVE-2022-22739 (bmo#1744158)

factory-auto added opensuse-review-team as a reviewer over 2 years ago

Please review sources

factory-auto accepted review over 2 years ago

Check script succeeded

dimstar_suse set openSUSE:Factory:Staging:G as a staging project over 2 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:G"

dimstar_suse accepted review over 2 years ago

Picked "openSUSE:Factory:Staging:G"

dimstar accepted review over 2 years ago

licensedigger accepted review over 2 years ago

ok

dimstar_suse accepted review over 2 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

dimstar_suse approved review over 2 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

dimstar_suse accepted request over 2 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

openSUSE Build Service is sponsored by