File _patchinfo of Package patchinfo.28983

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.28983

<patchinfo incident="28983">
  <issue tracker="bnc" id="1211175">VUL-0: MozillaFirefox / MozillaThunderbird: update to 113 and 102.11esr</issue>
  <issue tracker="cve" id="2023-32205"/>
  <issue tracker="cve" id="2023-32211"/>
  <issue tracker="cve" id="2023-32215"/>
  <issue tracker="cve" id="2023-32213"/>
  <issue tracker="cve" id="2023-32214"/>
  <issue tracker="cve" id="2023-32212"/>
  <issue tracker="cve" id="2023-32207"/>
  <issue tracker="cve" id="2023-32206"/>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for MozillaThunderbird</summary>
  <description>This update for MozillaThunderbird fixes the following issues:

Update to version 102.11:

- fixed: During Account Setup, the "Checking password..." message was not removed after a failure (bmo#1826022)
- fixed: Miscellaneous UI fixes (bmo#1827070)
- fixed: Security fixes MFSA 2023-18 (bsc#1211175)
- CVE-2023-32205: Browser prompts could have been obscured by popups
- CVE-2023-32206: Crash in RLBox Expat driver
- CVE-2023-32207: Potential permissions request bypass via clickjacking
- CVE-2023-32211: Content process crash due to invalid wasm code
- CVE-2023-32212: Potential spoof due to obscured address bar
- CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()
- CVE-2023-32214: Potential DoS via exposed protocol handlers
- CVE-2023-32215: Memory safety bugs fixed in Thunderbird 102.11
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.28983

Places