103 lines
4.3 KiB
Plaintext
103 lines
4.3 KiB
Plaintext
-------------------------------------------------------------------
|
|
Mon Nov 4 10:37:43 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 128.4.0:
|
|
+ CVE-2024-10458: Permission leak via embed or object elements
|
|
+ CVE-2024-10459: Use-after-free in layout with accessibility
|
|
+ CVE-2024-10460: Confusing display of origin for external
|
|
protocol handler prompt
|
|
+ CVE-2024-10461: XSS due to Content-Disposition being ignored in
|
|
multipart/x-mixed-replace response
|
|
+ CVE-2024-10462: Origin of permission prompt could be spoofed by
|
|
long URL
|
|
+ CVE-2024-10463: Cross origin video frame leak
|
|
+ CVE-2024-10464: History interface could have been used to cause
|
|
a Denial of Service condition in the browser
|
|
+ CVE-2024-10465: Clipboard "paste" button persisted across tabs
|
|
+ CVE-2024-10466: DOM push subscription message could hang
|
|
Firefox
|
|
+ CVE-2024-10467: Memory safety bugs fixed in Firefox 132,
|
|
Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 10 16:26:33 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 128.3.1:
|
|
* CVE-2024-9680: Use-after-free in Animation timeline
|
|
- Changes from version 128.3.0:
|
|
* CVE-2024-9392: Compromised content process can bypass site
|
|
isolation
|
|
* CVE-2024-9393: Cross-origin access to PDF contents through
|
|
multipart responses
|
|
* CVE-2024-9394: Cross-origin access to JSON contents through
|
|
multipart responses
|
|
* CVE-2024-8900: Clipboard write permission bypass
|
|
* CVE-2024-9396: Potential memory corruption may occur when
|
|
cloning certain objects
|
|
* CVE-2024-9397: Potential directory upload bypass via
|
|
clickjacking
|
|
* CVE-2024-9398: External protocol handlers could be enumerated
|
|
via popups
|
|
* CVE-2024-9399: Specially crafted WebTransport requests could
|
|
lead to denial of service
|
|
* CVE-2024-9400: Potential memory corruption during JIT
|
|
compilation
|
|
* CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox
|
|
ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird
|
|
128.3
|
|
* CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox
|
|
ESR 128.3, Thunderbird 131, and Thunderbird 128.3
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 30 17:35:18 UTC 2024 - Cliff Zhao <qzhao@suse.com>
|
|
|
|
- Add mozjs128-CVE-2024-45492.patch:
|
|
Backporting 9bf0f2c1 from libexpat upstream, Detect integer
|
|
overflow in function nextScaffoldPart.
|
|
(CVE-2024-45492, bsc#1230038)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 30 17:25:22 UTC 2024 - Cliff Zhao <qzhao@suse.com>
|
|
|
|
- Add mozjs128-CVE-2024-45491.patch:
|
|
Backporting 8e439a99 from libexpat upstream, Detect integer
|
|
overflow in dtdCopy.
|
|
(CVE-2024-45491, bsc#1230037)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 30 17:15:45 UTC 2024 - Cliff Zhao <qzhao@suse.com>
|
|
|
|
- Add mozjs128-CVE-2024-45490-part01-5c1a3164.patch:
|
|
Backporting 5c1a3164 from libexpat upstream, Reject negative len
|
|
for XML_ParseBuffer.
|
|
CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat
|
|
sources; c12f039b for libexpat tests; 2db23301 for libexpat docs;
|
|
Because mozjs only embeds libexpat sources, so unnecessary to
|
|
port prart02 and part03.
|
|
(CVE-2024-45490, bsc#1230036)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 25 14:02:27 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Update to version 128.2.0:
|
|
+ CVE-2024-8385: WASM type confusion involving ArrayTypes
|
|
+ CVE-2024-8381: Type confusion when looking up a property name
|
|
in a "with" block
|
|
+ CVE-2024-8382: Internal event interfaces were exposed to web
|
|
content when browser EventHandler listener callbacks ran
|
|
+ CVE-2024-8383: Firefox did not ask before openings news: links
|
|
in an external application
|
|
+ CVE-2024-8384: Garbage collection could mis-color
|
|
cross-compartment objects in OOM conditions
|
|
+ CVE-2024-8386: SelectElements could be shown over another site
|
|
if popups are allowed
|
|
+ CVE-2024-8387: Memory safety bugs fixed in Firefox 130,
|
|
Firefox ESR 128.2, and Thunderbird 128.2
|
|
- Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed
|
|
upstream.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 30 07:07:05 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
|
|
|
|
- Initial build for openSUSE.
|