Ana Guerrero
4f784305b3
- Mozilla Thunderbird 140.6.0 ESR
MFSA 2025-96 (bsc#1254551)
* CVE-2025-14321 (bmo#1992760)
Use-after-free in the WebRTC: Signaling component
* CVE-2025-14322 (bmo#1996473)
Sandbox escape due to incorrect boundary conditions in the
Graphics: CanvasWebGL component
* CVE-2025-14323 (bmo#1996555)
Privilege escalation in the DOM: Notifications component
* CVE-2025-14324 (bmo#1996840)
JIT miscompilation in the JavaScript Engine: JIT component
* CVE-2025-14325 (bmo#1998050)
JIT miscompilation in the JavaScript Engine: JIT component
* CVE-2025-14328 (bmo#1996761)
Privilege escalation in the Netmonitor component
* CVE-2025-14329 (bmo#1997018)
Privilege escalation in the Netmonitor component
* CVE-2025-14330 (bmo#1997503)
JIT miscompilation in the JavaScript Engine: JIT component
* CVE-2025-14331 (bmo#2000218)
Same-origin policy bypass in the Request Handling component
* CVE-2025-14333 (bmo#1966501, bmo#1997639)
Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird
ESR 140.6, Firefox 146 and Thunderbird 146
OBS-URL: https://build.opensuse.org/request/show/1322223
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=377