forked from pool/MozillaFirefox
8739ae12dd
* https://www.mozilla.org/en-US/firefox/94.0/releasenotes MFSA 2021-48 (bsc#1192250) * CVE-2021-38503 (bmo#1729517) iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504 (bmo#1730156) Use-after-free in file picker dialog * CVE-2021-38505 (bmo#1730194) Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506 (bmo#1730750) Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507 (bmo#1730935) Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * MOZ-2021-0003 (bmo#1736886) Universal XSS in Firefox for Android via QR Code URLs * CVE-2021-38508 (bmo#1366818) Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * MOZ-2021-0004 (bmo#1659155) Web Extensions could access pre-redirect URL when their context menu was triggered by a user * CVE-2021-38509 (bmo#1718571) Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510 (bmo#1731779) Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0005 (bmo#1719203) 'Copy Image Link' context menu action could have been abused OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=942
4 lines
134 B
Plaintext
4 lines
134 B
Plaintext
version https://git-lfs.github.com/spec/v1
|
|
oid sha256:b7bb8c5fcc74a74e9d2b55d1e9415b891305fe86520fb854cec25024d7e5de67
|
|
size 379590880
|