Revisions of firefox115esr

Wolfgang Rosenauer (wrosenauer) accepted request 1181560 from Manfred Hollstein (manfred-h) (revision 38)
- Firefox Extended Support Release 115.12.0 ESR
  * Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.12.0
  https://www.mozilla.org/security/advisories/mfsa2024-26
  MFSA 2024-26 (boo#1226027)
  * CVE-2024-5702 (bmo#1193389)
    Use-after-free in networking
  * CVE-2024-5688 (bmo#1895086)
    Use-after-free in JavaScript object transplant
  * CVE-2024-5690 (bmo#1883693)
    External protocol handlers leaked by timing attack
  * CVE-2024-5691 (bmo#1888695)
    Sandboxed iframes were able to bypass sandbox restrictions to
    open a new window
  * CVE-2024-5692 (bmo#1891234)
    Bypass of file name restrictions during saving
  * CVE-2024-5693 (bmo#1891319)
    Cross-Origin Image leak via Offscreen Canvas
  * CVE-2024-5696 (bmo#1896555)
    Memory Corruption in Text Fragments
  * CVE-2024-5700 (bmo#1862809, bmo#1889355, bmo#1893388,
    bmo#1895123)
    Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12,
    and Thunderbird 115.12
Wolfgang Rosenauer (wrosenauer) accepted request 1180033 from Manfred Hollstein (manfred-h) (revision 37)
- Firefox Extended Support Release 115.12.0 ESR
  * Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.12.0
  https://www.mozilla.org/security/advisories/mfsa2024-26
  MFSA 2024-26 (boo#???????)
  * CVE-2024-5702 (bmo#1193389)
    Use-after-free in networking
  * CVE-2024-5688 (bmo#1895086)
    Use-after-free in JavaScript object transplant
  * CVE-2024-5690 (bmo#1883693)
    External protocol handlers leaked by timing attack
  * CVE-2024-5691 (bmo#1888695)
    Sandboxed iframes were able to bypass sandbox restrictions to
    open a new window
  * CVE-2024-5692 (bmo#1891234)
    Bypass of file name restrictions during saving
  * CVE-2024-5693 (bmo#1891319)
    Cross-Origin Image leak via Offscreen Canvas
  * CVE-2024-5696 (bmo#1896555)
    Memory Corruption in Text Fragments
  * CVE-2024-5700 (bmo#1862809, bmo#1889355, bmo#1893388,
    bmo#1895123)
    Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12,
    and Thunderbird 115.12
Wolfgang Rosenauer (wrosenauer) accepted request 1174125 from Manfred Hollstein (manfred-h) (revision 36)
  * CVE-2024-4367 (bmo#1893645)
    Arbitrary JavaScript execution in PDF.js
  * CVE-2024-4767 (bmo#1878577)
    IndexedDB files retained in private browsing mode
  * CVE-2024-4768 (bmo#1886082)
    Potential permissions request bypass via clickjacking
  * CVE-2024-4769 (bmo#1886108)
    Cross-origin responses could be distinguished between script
    and non-script content-types
  * CVE-2024-4770 (bmo#1893270)
    Use-after-free could occur when printing to PDF
  * CVE-2024-4777 (bmo#1878199, bmo#1893340)
    Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,
    and Thunderbird 115.11
Wolfgang Rosenauer (wrosenauer) accepted request 1173905 from Manfred Hollstein (manfred-h) (revision 35)
- Mozilla Firefox ESR 115.11.0
  https://www.mozilla.org/security/advisories/mfsa2024-22/
  MFSA 2024-22 (boo#???????)
Wolfgang Rosenauer (wrosenauer) accepted request 1168406 from Manfred Hollstein (manfred-h) (revision 33)
- Mozilla Firefox ESR 115.10.0
  https://www.mozilla.org/security/advisories/mfsa2024-19/
  MFSA 2024-19 (boo#???????)
  * CVE-2024-3852 (bmo#1883542)
    GetBoundName in the JIT returned the wrong object
  * CVE-2024-3854 (bmo#1884552)
    Out-of-bounds-read after mis-optimized switch statement
  * CVE-2024-3857 (bmo#1886683)
    Incorrect JITting of arguments led to use-after-free during
    garbage collection
  * CVE-2024-2609 (bmo#1866100)
    Permission prompt input delay could expire when not in focus
  * CVE-2024-3859 (bmo#1874489)
    Integer-overflow led to out-of-bounds-read in the OpenType
    sanitizer
  * CVE-2024-3861 (bmo#1883158)
    Potential use-after-free due to AlignedBuffer self-move
  * CVE-2024-3863 (bmo#1885855)
    Download Protections were bypassed by .xrm-ms files on
    Windows
  * CVE-2024-3302 (bmo#1881183,
    bmo#https://kb.cert.org/vuls/id/421644)
    Denial of Service using HTTP/2 CONTINUATION frames
  * CVE-2024-3864 (bmo#1888333)
    Memory safety bug fixed in Firefox 125, Firefox ESR 115.10,
    and Thunderbird 115.10
Wolfgang Rosenauer (wrosenauer) accepted request 1167992 from Manfred Hollstein (manfred-h) (revision 32)
- Mozilla Firefox ESR 115.10.0
  https://www.mozilla.org/security/advisories/mfsa2024-19/
  MFSA 2024-19 (boo#???????)
Wolfgang Rosenauer (wrosenauer) accepted request 1163478 from Manfred Hollstein (manfred-h) (revision 31)
- Mozilla Firefox ESR 115.9.1
  https://www.mozilla.org/security/advisories/mfsa2024-16/
  MFSA 2024-16 (boo#1221850)
Wolfgang Rosenauer (wrosenauer) accepted request 1160722 from Manfred Hollstein (manfred-h) (revision 30)
- Mozilla Firefox ESR 115.9.1
  https://www.mozilla.org/security/advisories/mfsa2024-16/
  MFSA 2024-16 (boo#???????)
  * CVE-2024-29944 (bmo#1886852)
    Privileged JavaScript Execution via Event Handlers
Wolfgang Rosenauer (wrosenauer) accepted request 1160703 from Manfred Hollstein (manfred-h) (revision 29)
- Mozilla Firefox ESR 115.9.1
  https://www.mozilla.org/security/advisories/mfsa2024-16/
  MFSA 2024-16 (boo#???????)
Wolfgang Rosenauer (wrosenauer) accepted request 1159853 from Manfred Hollstein (manfred-h) (revision 28)
- LLVM18 breaks building Firefox ESR on Tumbleweed; add
  * mozilla-fix-issues-with-llvm18.patch
- Mozilla Firefox ESR 115.9.0
  https://www.mozilla.org/security/advisories/mfsa2024-13/
  MFSA 2024-13 (boo#???????)
  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-2605 (bmo#1872920)
    Windows Error Reporter could be used as a Sandbox escape
    vector
  * CVE-2024-2607 (bmo#1879939)
    JIT code failed to save return registers on Armv7-A
  * CVE-2024-2608 (bmo#1880692)
    Integer overflow could have led to out of bounds write
  * CVE-2024-2616 (bmo#1846197)
    Improve handling of out-of-memory conditions in ICU
  * CVE-2023-5388 (bmo#1780432)
    NSS susceptible to timing attack against RSA decryption
  * CVE-2024-2610 (bmo#1871112)
    Improper handling of html and body tags enabled CSP nonce
    leakage
  * CVE-2024-2611 (bmo#1876675)
    Clickjacking vulnerability could have led to a user
    accidentally granting permissions
  * CVE-2024-2612 (bmo#1879444)
    Self referencing object could have potentially led to a use-
    after-free
  * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405,
    bmo#1881093)
    Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
    and Thunderbird 115.9
Wolfgang Rosenauer (wrosenauer) accepted request 1148310 from Manfred Hollstein (manfred-h) (revision 27)
- Mozilla Firefox ESR 115.8.0
  https://www.mozilla.org/security/advisories/mfsa2024-06/
  MFSA 2024-06 (boo#1220048)
  * CVE-2024-1546 (bmo#1843752)
    Out-of-bounds memory read in networking channels
  * CVE-2024-1547 (bmo#1877879)
    Alert dialog could have been spoofed on another site
  * CVE-2024-1548 (bmo#1832627)
    Fullscreen Notification could have been hidden by select
    element
  * CVE-2024-1549 (bmo#1833814)
    Custom cursor could obscure the permission dialog
  * CVE-2024-1550 (bmo#1860065)
    Mouse cursor re-positioned unexpectedly could have led to
    unintended permission grants
  * CVE-2024-1551 (bmo#1864385)
    Multipart HTTP Responses would accept the Set-Cookie header
    in response parts
  * CVE-2024-1552 (bmo#1874502)
    Incorrect code generation on 32-bit ARM devices
  * CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498,
    bmo#1872296, bmo#1873521, bmo#1873577, bmo#1873597,
    bmo#1873866, bmo#1874080, bmo#1874740, bmo#1875795,
    bmo#1875906, bmo#1876425, bmo#1878211, bmo#1878286)
    Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
    and Thunderbird 115.8
Wolfgang Rosenauer (wrosenauer) accepted request 1141010 from Manfred Hollstein (manfred-h) (revision 26)
- Mozilla Firefox ESR 115.7.0
  https://www.mozilla.org/security/advisories/mfsa2024-02/
  MFSA 2024-02 (bsc#???????)
  * CVE-2024-0741 (bmo#1864587)
    Out of bounds write in ANGLE
  * CVE-2024-0742 (bmo#1867152)
    Failure to update user input timestamp
  * CVE-2024-0746 (bmo#1660223)
    Crash when listing printers on Linux
  * CVE-2024-0747 (bmo#1764343)
    Bypass of Content Security Policy when directive unsafe-
    inline was set
  * CVE-2024-0749 (bmo#1813463)
    Phishing site popup could show local origin in address bar
  * CVE-2024-0750 (bmo#1863083)
    Potential permissions request bypass via clickjacking
  * CVE-2024-0751 (bmo#1865689)
    Privilege escalation through devtools
  * CVE-2024-0753 (bmo#1870262)
    HSTS policy on subdomain could bypass policy of upper domain
  * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
    Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
    and Thunderbird 115.7
Wolfgang Rosenauer (wrosenauer) accepted request 1140789 from Manfred Hollstein (manfred-h) (revision 25)
- Mozilla Firefox ESR 115.7.0
  https://www.mozilla.org/security/advisories/mfsa2024-??/
  MFSA 2024-?? (bsc#???????)
Wolfgang Rosenauer (wrosenauer) accepted request 1134098 from Manfred Hollstein (manfred-h) (revision 24)
- Mozilla Firefox ESR 115.6.0
  https://www.mozilla.org/security/advisories/mfsa2023-54/
  MFSA 2023-54 (bsc#1217974)
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6865 (bmo#1864123)
    Potential exposure of uninitialized data in
    EncryptingOutputStream
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6867 (bmo#1863863)
    Clickjacking permission prompts using the popup transition
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6862 (bmo#1868042)
    Use-after-free in nsDNSService
  * CVE-2023-6863 (bmo#1868901)
    Undefined behavior in ShutdownObserver()
  * CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328,
    bmo#1856090, bmo#1858033, bmo#1858509, bmo#1862089,
    bmo#1862777, bmo#1864015)
    Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
    and Thunderbird 115.6
Wolfgang Rosenauer (wrosenauer) accepted request 1133886 from Manfred Hollstein (manfred-h) (revision 23)
- Mozilla Firefox ESR 115.6.0
  https://www.mozilla.org/security/advisories/mfsa2023-54/
  MFSA 2023-54 (bsc#1217974)
Wolfgang Rosenauer (wrosenauer) accepted request 1127928 from Manfred Hollstein (manfred-h) (revision 22)
- Mozilla Firefox ESR 115.5.0
  MFSA 2023-50 (boo#???????)
  * CVE-2023-6204 (bmo#1841050)
    Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205 (bmo#1854076)
    Use-after-free in MessagePort::Entangled
  * CVE-2023-6206 (bmo#1857430)
    Clickjacking permission prompts using the fullscreen
    transition
  * CVE-2023-6207 (bmo#1861344)
    Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208 (bmo#1855345)
    Using Selection API would copy contents into X11 primary
    selection.
  * CVE-2023-6209 (bmo#1858570)
    Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,
    bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,
    bmo#1862782)
    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
    and Thunderbird 115.5
Wolfgang Rosenauer (wrosenauer) accepted request 1127732 from Manfred Hollstein (manfred-h) (revision 21)
- Mozilla Firefox ESR 115.5.0
  MFSA 2023-?? (boo#???????)
Wolfgang Rosenauer (wrosenauer) accepted request 1120021 from Manfred Hollstein (manfred-h) (revision 20)
- Mozilla Firefox ESR 115.4.0
  MFSA 2023-46 (bsc#1216338)
  * CVE-2023-5721 (bmo#1830820)
    Queued up rendering could have allowed websites to clickjack
  * CVE-2023-5732 (bmo#1690979)
    Address bar spoofing via bidirectional characters
  * CVE-2023-5724 (bmo#1836705)
    Large WebGL draw could have led to a crash
  * CVE-2023-5725 (bmo#1845739)
    WebExtensions could open arbitrary URLs
  * CVE-2023-5726 (bmo#1846205)
    Full screen notification obscured by file open dialog on
    macOS
  * CVE-2023-5727 (bmo#1847180)
    Download Protections were bypassed by .msix, .msixbundle,
    .appx, and .appxbundle files on Windows
  * CVE-2023-5728 (bmo#1852729)
    Improper object tracking during GC in the JavaScript engine
    could have led to a crash.
  * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694,
    bmo#1848833, bmo#1850191, bmo#1850259, bmo#1852596,
    bmo#1853201, bmo#1854002, bmo#1855306, bmo#1855640,
    bmo#1856695)
    Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
    and Thunderbird 115.4
- Remove mozilla-bmo1846703.patch as it has been fixed upstream
Wolfgang Rosenauer (wrosenauer) accepted request 1119690 from Manfred Hollstein (manfred-h) (revision 19)
- Mozilla Firefox ESR 115.4.0
  MFSA 2023-?? (bsc#???????)
- Remove mozilla-bmo1846703.patch as it has been fixed upstream
Displaying revisions 21 - 40 of 58