MozillaThunderbird

rpm/MozillaThunderbird

SHA256

Fork 0

forked from pool/MozillaThunderbird

Commit Graph

Author	SHA256	Message	Date
Wolfgang Rosenauer	2f400cc863	- Mozilla Thunderbird 102.7.1 * Microsoft Office 365 accounts were unable to authenticate * https://www.thunderbird.net/en-US/thunderbird/102.7.1/releasenotes/ MFSA 2023-04 * CVE-2023-0430 (bmo#1769000) Revocation status of S/Mime signature certificates was not checked - update create-tar.sh - Mozilla Thunderbird 102.7.0 https://www.thunderbird.net/en-US/thunderbird/102.7.0/releasenotes/ MFSA 2023-03 (bsc#1207119) * CVE-2022-46871 (bmo#1795697) libusrsctp library out of date * CVE-2023-23598 (bmo#1800425) Arbitrary file read from GTK drag and drop on Linux * CVE-2023-23599 (bmo#1777800) Malicious command could be hidden in devtools output on Windows * CVE-2023-23601 (bmo#1794268) URL being dragged from cross-origin iframe into same tab triggers navigation * CVE-2023-23602 (bmo#1800890) Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers * CVE-2022-46877 (bmo#1795139) Fullscreen notification bypass * CVE-2023-23603 (bmo#1800832) Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=684	2023-02-01 07:54:38 +00:00

Author

SHA256

Message

Date

Wolfgang Rosenauer

2f400cc863

- Mozilla Thunderbird 102.7.1

* Microsoft Office 365 accounts were unable to authenticate
  * https://www.thunderbird.net/en-US/thunderbird/102.7.1/releasenotes/
  MFSA 2023-04
  * CVE-2023-0430 (bmo#1769000)
    Revocation status of S/Mime signature certificates was not checked
- update create-tar.sh

- Mozilla Thunderbird 102.7.0
  https://www.thunderbird.net/en-US/thunderbird/102.7.0/releasenotes/
  MFSA 2023-03 (bsc#1207119)
  * CVE-2022-46871 (bmo#1795697)
    libusrsctp library out of date
  * CVE-2023-23598 (bmo#1800425)
    Arbitrary file read from GTK drag and drop on Linux
  * CVE-2023-23599 (bmo#1777800)
    Malicious command could be hidden in devtools output on
    Windows
  * CVE-2023-23601 (bmo#1794268)
    URL being dragged from cross-origin iframe into same tab
    triggers navigation
  * CVE-2023-23602 (bmo#1800890)
    Content Security Policy wasn't being correctly applied to
    WebSockets in WebWorkers
  * CVE-2022-46877 (bmo#1795139)
    Fullscreen notification bypass
  * CVE-2023-23603 (bmo#1800832)
    Calls to <code>console.log</code> allowed bypasing Content
    Security Policy via format directive
  * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=684

2023-02-01 07:54:38 +00:00

1 Commits