MozillaFirefox

pool/MozillaFirefox

SHA256

Fork 1

Commit Graph

Author	SHA256	Message	Date
Wolfgang Rosenauer	20ffb64e05	- Mozilla Firefox 121.0 https://www.mozilla.org/en-US/firefox/121.0/releasenotes MFSA 2023-56 (bsc#1217974) * CVE-2023-6856 (bmo#1843782) Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver * CVE-2023-6135 (bmo#1853908) NSS susceptible to "Minerva" attack * CVE-2023-6865 (bmo#1864123) Potential exposure of uninitialized data in EncryptingOutputStream * CVE-2023-6857 (bmo#1796023) Symlinks may resolve to smaller than expected buffers * CVE-2023-6858 (bmo#1826791) Heap buffer overflow in nsTextFragment * CVE-2023-6859 (bmo#1840144) Use-after-free in PR_GetIdentitiesLayer * CVE-2023-6866 (bmo#1849037) TypedArrays lack sufficient exception handling * CVE-2023-6860 (bmo#1854669) Potential sandbox escape due to VideoBridge lack of texture validation * CVE-2023-6867 (bmo#1863863) Clickjacking permission prompts using the popup transition * CVE-2023-6861 (bmo#1864118) Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode * CVE-2023-6868 (bmo#1865488) WebPush requests on Firefox for Android did not require VAPID key * CVE-2023-6869 (bmo#1799036) Content can paint outside of sandboxed iframe OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1124	2023-12-22 09:01:08 +00:00

Author

SHA256

Message

Date

Wolfgang Rosenauer

20ffb64e05

- Mozilla Firefox 121.0

https://www.mozilla.org/en-US/firefox/121.0/releasenotes
  MFSA 2023-56 (bsc#1217974)
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6135 (bmo#1853908)
    NSS susceptible to "Minerva" attack
  * CVE-2023-6865 (bmo#1864123)
    Potential exposure of uninitialized data in EncryptingOutputStream
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6866 (bmo#1849037)
    TypedArrays lack sufficient exception handling
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6867 (bmo#1863863)
    Clickjacking permission prompts using the popup transition
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6868 (bmo#1865488)
    WebPush requests on Firefox for Android did not require VAPID key
  * CVE-2023-6869 (bmo#1799036)
    Content can paint outside of sandboxed iframe

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1124

2023-12-22 09:01:08 +00:00

1 Commits