MozillaThunderbird/thunderbird-91.5.0.source.tar.xz at 84d0abbef4dd8b6ebf97e0fd26dfa5a5828c3b0f5809b26a4d7673cfabccdcbe - MozillaThunderbird - openSUSE Gitea

rpm/MozillaThunderbird

SHA256

forked from pool/MozillaThunderbird

Files

Wolfgang Rosenauer ed5ea29202 - Mozilla Thunderbird 91.5.0

https://www.thunderbird.net/en-US/thunderbird/91.5.0/releasenotes
  MFSA 2022-03 (bsc#1194547)
  * CVE-2022-22746 (bmo#1735071)
    Calling into reportValidity could have lead to fullscreen
    window spoof
  * CVE-2022-22743 (bmo#1739220)
    Browser window spoof using fullscreen mode
  * CVE-2022-22742 (bmo#1739923)
    Out-of-bounds memory access when inserting text in edit mode
  * CVE-2022-22741 (bmo#1740389)
    Browser window spoof using fullscreen mode
  * CVE-2022-22740 (bmo#1742334)
    Use-after-free of ChannelEventQueue::mOwner
  * CVE-2022-22738 (bmo#1742382)
    Heap-buffer-overflow in blendGaussianBlur
  * CVE-2022-22737 (bmo#1745874)
    Race condition when playing audio files
  * CVE-2021-4140 (bmo#1746720)
    Iframe sandbox bypass with XSLT
  * CVE-2022-22748 (bmo#1705211)
    Spoofed origin on external protocol launch dialog
  * CVE-2022-22745 (bmo#1735856)
    Leaking cross-origin URLs through securitypolicyviolation event
  * CVE-2022-22744 (bmo#1737252)
    The 'Copy as curl' feature in DevTools did not fully escape
    website-controlled data, potentially leading to command injection
  * CVE-2022-22747 (bmo#1735028)
    Crash when handling empty pkcs7 sequence
  * CVE-2022-22739 (bmo#1744158)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=620

2022-01-11 22:11:21 +00:00

4 lines

134 B

Plaintext

Raw Blame History

	`version https://git-lfs.github.com/spec/v1`
	`oid sha256:b89a8e1b57d5be828a7346e817120d7c763a258a2397a23393b7ceb3ce810ab2`
	`size 405937856`