Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.27415
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.27415
<patchinfo incident="27415"> <issue tracker="cve" id="2022-46871"/> <issue tracker="cve" id="2023-23598"/> <issue tracker="cve" id="2023-23601"/> <issue tracker="cve" id="2023-23602"/> <issue tracker="cve" id="2022-46877"/> <issue tracker="cve" id="2023-23603"/> <issue tracker="cve" id="2023-23605"/> <issue tracker="bnc" id="1207119">VUL-0: MozillaFirefox / MozillaThunderbird: update to 109 and 102.7esr</issue> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaFirefox</summary> <description>This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR (bsc#1207119): - CVE-2022-46871: Updated an out of date library (libusrsctp) which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential spoofing attack when dragging a URL from a cross-origin iframe into the same tab. - CVE-2023-23602: Fixed a mishandled security check, which caused the Content Security Policy header to be ignored for WebSockets in WebWorkers. - CVE-2022-46877: Fixed a fullscreen notification bypass which could be leveraged in spoofing attacks. - CVE-2023-23603: Fixed a Content Security Policy bypass via format directives. - CVE-2023-23605: Fixed several memory safety bugs. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor