Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
patchinfo.27668
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.27668
<patchinfo incident="27668"> <issue tracker="bnc" id="1207119">VUL-0: MozillaFirefox / MozillaThunderbird: update to 109 and 102.7esr</issue> <issue tracker="cve" id="2022-46871"/> <issue tracker="cve" id="2022-46877"/> <issue tracker="cve" id="2023-23603"/> <issue tracker="cve" id="2023-23602"/> <issue tracker="cve" id="2023-23598"/> <issue tracker="cve" id="2023-23601"/> <issue tracker="cve" id="2023-23599"/> <issue tracker="cve" id="2023-0430"/> <issue tracker="cve" id="2023-23605"/> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaThunderbird</summary> <description>This update for MozillaThunderbird fixes the following issues: Updated to version 102.7.1 (bsc#1207119): * CVE-2022-46871: Fixed out of date libusrsctp. * CVE-2023-23598: Fixed arbitrary file read from GTK drag and drop on Linux. * CVE-2023-23599: Fixed issue where malicious command that could be hidden in devtools output on Windows. * CVE-2023-23601: Fixed issue where URL being dragged from cross-origin iframe into same tab triggers navigation. * CVE-2023-23602: Fixed Content Security Policy not being correctly applied to WebSockets in WebWorkers. * CVE-2022-46877: Fixed fullscreen notification bypass. * CVE-2023-23603: Fixed issue where calls to code tag allowed bypassing Content Security Policy via format directive. * CVE-2023-23605: Fixed memory safety bugs. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor