rpm/MozillaFirefox
SHA256
1
0
Fork 0
forked from pool/MozillaFirefox
Code Pull Requests Activity
668f506a0c
MozillaFirefox/firefox-68.0.source.tar.xz.asc
Wolfgang Rosenauer c4b62217a3 - Mozilla Firefox 68.0 
* Dark mode in reader view
  * Improved extension security and discovery
  * Cryptomining and fingerprinting protections are added to strict
    content blocking settings in Privacy & Security preferences
  * Camera and microphone access now require an HTTPS connection
  MFSA 2019-21 (bsc#1140868)
  * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
    Sandbox escape via installation of malicious languagepack
  * CVE-2019-11711 (bmo#1552541)
    Script injection within domain through inner window reuse
  * CVE-2019-11712 (bmo#1543804)
    Cross-origin POST requests can be made with NPAPI plugins by
    following 308 redirects
  * CVE-2019-11713 (bmo#1528481)
    Use-after-free with HTTP/2 cached stream
  * CVE-2019-11714 (bmo#1542593)
    NeckoChild can trigger crash when accessed off of main thread
  * CVE-2019-11729 (bmo#1515342)
    Empty or malformed p256-ECDH public keys may trigger a segmentation fault
  * CVE-2019-11715 (bmo#1555523)
    HTML parsing error can contribute to content XSS
  * CVE-2019-11716 (bmo#1552632)
    globalThis not enumerable until accessed
  * CVE-2019-11717 (bmo#1548306)
    Caret character improperly escaped in origins
  * CVE-2019-11718 (bmo#1408349)
    Activity Stream writes unsanitized content to innerHTML
  * CVE-2019-11719 (bmo#1540541)
    Out-of-bounds read when importing curve25519 private key

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748
2019-07-09 21:21:11 +00:00

17 lines
833 B
Plaintext
Raw Blame History

-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl0f/2YACgkQ8aZmj7t9
Vy4Q9Q/7BUeGl3mPqCC+RMSQyp2r1hPouNj1aIzWgjmUCNk+2soKgYXFameB7/UT
nWejptelT261tAUdRUYfttXk+KBsT4wOMEf0UrlC7GTGllfwjoxc/JWUUmXpJTa6
M9xAUIa6NJbXIGCfaRk/PRdz+TAjsLWLQsdavw5zcyMoNiYyTARO0ap1luUo/FAg
9aZ7MtBQ1z4C9B3vYuTH6qgGIA1wazstrNg4C4rgkHAXAzvYW9NMNAO53d0F9w1q
UVDw0VY7G27gOnrysTJH12Lb18AXFWPXWbF5gmxKbkpdjeGlC1q7GvLV+TAI3m7H
UL1fV3c8Y8+9TEJ0c95FvZwTcUmuNDJagt7bu/MNu7i9gyWBqucNnF3NgkmTR+EE
BG21l7lSGBh8s4vl4upoCUoQ/bpriMBw767++TA5uzvj7NZXsOwU4sY97gpiJJIa
0VwVjdHKjQTUITrHuH2hrqD0dNBL8FgFATXxVVEwDGxhiR5ZP9tduL+a/Sn2pcQd
D9v5tJ/3GSlfYJqIAiNMaq139BZBYStcibk99pct5WU5jH6conzx4QEAHM2eaFBX
f87G7PKEfvHiVhuUJF8sblbO1DSj0Qk08/bwcVjW8vTAEKcz7AIQw18FoNxlgcg+
kIW6xfR/P/sLMnwgc9ZEvVd25AYBJ1qwyBDwwAlcEbEmYoftVJo=
=9AVI
-----END PGP SIGNATURE-----
View Git Blame Copy Permalink