pool/MozillaThunderbird
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MFSA 2022-42 (bsc#1203477)

Browse Source 
* CVE-2022-40959 (bmo#1782211)
    Bypassing FeaturePolicy restrictions on transient pages
  * CVE-2022-40960 (bmo#1787633)
    Data-race when parsing non-UTF-8 URLs in threads
  * CVE-2022-40958 (bmo#1779993)
    Bypassing Secure Context restriction for cookies with __Host
    and __Secure prefix
  * CVE-2022-40956 (bmo#1770094)
    Content-Security-Policy base-uri bypass
  * CVE-2022-40957 (bmo#1777604)
    Incoherent instruction cache when building WASM on ARM64
  * CVE-2022-3155 (bmo#1789061)
    Attachment files saved to disk on macOS could be executed
    without warning
  * CVE-2022-40962 (bmo#1767360, bmo#1776655, bmo#1777574, bmo#1784835,
    bmo#1785109, bmo#1786502, bmo#1789440)
    Memory safety bugs fixed in Thunderbird 102.3

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=658
This commit is contained in:
Wolfgang Rosenauer 2022-09-21 21:04:50 +00:00 committed by Git OBS Bridge
parent b9d27af2da
commit 70aadd9160
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
MozillaThunderbird.changes
View File

@ -37,7 +37,24 @@ Fri Sep 16 08:17:49 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
bmo#1788725, bmo#1790324)
* unresolved: No dedicated "Department" field in address book
(bmo#1777780)
MFSA 2022- (bsc#1203477)
MFSA 2022-42 (bsc#1203477)
* CVE-2022-40959 (bmo#1782211)
Bypassing FeaturePolicy restrictions on transient pages
* CVE-2022-40960 (bmo#1787633)
Data-race when parsing non-UTF-8 URLs in threads
* CVE-2022-40958 (bmo#1779993)
Bypassing Secure Context restriction for cookies with __Host
and __Secure prefix
* CVE-2022-40956 (bmo#1770094)
Content-Security-Policy base-uri bypass
* CVE-2022-40957 (bmo#1777604)
Incoherent instruction cache when building WASM on ARM64
* CVE-2022-3155 (bmo#1789061)
Attachment files saved to disk on macOS could be executed
without warning
* CVE-2022-40962 (bmo#1767360, bmo#1776655, bmo#1777574, bmo#1784835,
bmo#1785109, bmo#1786502, bmo#1789440)
Memory safety bugs fixed in Thunderbird 102.3
-------------------------------------------------------------------
Thu Sep 8 06:31:58 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>