rpm/MozillaFirefox
SHA256
1
0
Fork 0
forked from pool/MozillaFirefox
Code Pull Requests Activity
b45fd771cd
MozillaFirefox/firefox-109.0.source.tar.xz.asc
Wolfgang Rosenauer b45fd771cd - Mozilla Firefox 109.0 
MFSA 2023-01 (bsc#1207119)
  * CVE-2023-23597 (bmo#1538028)
    Logic bug in process allocation allowed to read arbitrary
    files
  * CVE-2023-23598 (bmo#1800425)
    Arbitrary file read from GTK drag and drop on Linux
  * CVE-2023-23599 (bmo#1777800)
    Malicious command could be hidden in devtools output on
    Windows
  * CVE-2023-23600 (bmo#1787034)
    Notification permissions persisted between Normal and Private
    Browsing on Android
  * CVE-2023-23601 (bmo#1794268)
    URL being dragged from cross-origin iframe into same tab
    triggers navigation
  * CVE-2023-23602 (bmo#1800890)
    Content Security Policy wasn't being correctly applied to
    WebSockets in WebWorkers
  * CVE-2023-23603 (bmo#1800832)
    Calls to <code>console.log</code> allowed bypasing Content
    Security Policy via format directive
  * CVE-2023-23604 (bmo#1802346)
    Creation of duplicate <code>SystemPrincipal</code> from less
    secure contexts
  * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974)
    Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
  * CVE-2023-23606 (bmo#1764974, bmo#1798591, bmo#1799201,
    bmo#1800446, bmo#1801248, bmo#1802100, bmo#1803393,
    bmo#1804626, bmo#1804971, bmo#1807004)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1033
2023-01-18 07:21:07 +00:00

17 lines
833 B
Plaintext
Raw Blame History

-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmPAaNoACgkQ6+QekPbx
L21jjA//S/Z+kRySaiGwWBsiUojpu2QUR5VUQQffuweLZpvhG6fjjBQ4/wdnQmvb
kyLsg3EDAw0eERxlykqUcB4Gcx/mSdn3OI8wXmk6LR729tLVWJZolRtz6xqtD43q
iJewxLSEuVN/RTkrL/6UihfMeQhHyAwbk8Cw/S3InNtCZXaw3ETwK4VBJDmKB8+L
f2pHW9XDquMJmSEhCnjHkK525HRa8SM0ahUOKdTyShZoW1iKdVxeyEi8d/UCCgta
Ted6JaQzsyQ7EJzrLZ3axAV373d5+nllY6b9tX2kL2X+04TsrfMD4vhzt6bBSdQG
iQTLrLgbbF086MqADaDYgd4IoVzfI2k5Q/ujeaq7do4Jf3fdhJuwFCKE0Zrbt2Rb
cz1csiA4zCk3mtcz/WNlHEsYDyFNg3FND6tLDm/NBw71pNxWXekbsR9qKWtMFSCz
XhU91lu5x+u5ct3YnZyS8lz0GkC8//UFwNyldDEhSmq9uqKGTIX6bHtfKfo9YE8A
848ua6IU5sf4C0hD6/BobFfFeiYwKJ9AUwOT6juO4+csI63dEy2wTfzvKWi/Du4L
ilUzim7I0ModTAROJoiPNkQQ88aADLGhYlT5r2G0E3GrvvP/hqqRWuFymtfSRLZ3
jOTAl7vZL/7hsndG1qlLLVDoagTL8JBAk8EnOCTUCmltjUDSZV0=
=mgCv
-----END PGP SIGNATURE-----
View Git Blame Copy Permalink