Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:Update
patchinfo.27772
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.27772
<patchinfo incident="27772"> <issue tracker="bnc" id="1208144">VUL-0: MozillaFirefox / MozillaThunderbird: update to 110 and 102.8esr</issue> <issue tracker="bnc" id="1208138">VUL-0: CVE-2023-0767: mozilla-nss: Update NSS to 3.79.4</issue> <issue tracker="cve" id="2023-25728"/> <issue tracker="cve" id="2023-25730"/> <issue tracker="cve" id="2023-25743"/> <issue tracker="cve" id="2023-0767"/> <issue tracker="cve" id="2023-25735"/> <issue tracker="cve" id="2023-25737"/> <issue tracker="cve" id="2023-25738"/> <issue tracker="cve" id="2023-25739"/> <issue tracker="cve" id="2023-25729"/> <issue tracker="cve" id="2023-25732"/> <issue tracker="cve" id="2023-25734"/> <issue tracker="cve" id="2023-25742"/> <issue tracker="cve" id="2023-25744"/> <issue tracker="cve" id="2023-25746"/> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaFirefox</summary> <description>This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR (bsc#1208144): - CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. - CVE-2023-25730: Fixed screen hijack via browser fullscreen mode. - CVE-2023-25743: Fixed Fullscreen notification not being shown in Firefox Focus. - CVE-2023-0767: Fixed arbitrary memory write via PKCS 12 in NSS. - CVE-2023-25735: Fixed potential use-after-free from compartment mismatch in SpiderMonkey. - CVE-2023-25737: Fixed invalid downcast in SVGUtils::SetupStrokeGeometry. - CVE-2023-25738: Fixed printing on Windows which could potentially crash Firefox with some device drivers. - CVE-2023-25739: Fixed use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext. - CVE-2023-25729: Fixed extensions opening external schemes without user knowledge. - CVE-2023-25732: Fixed out of bounds memory write from EncodeInputStream. - CVE-2023-25734: Fixed opening local .url files that causes unexpected network loads. - CVE-2023-25742: Fixed tab crash by Web Crypto ImportKey. - CVE-2023-25744: Fixed Memory safety bugs. - CVE-2023-25746: Fixed Memory safety bugs. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor