Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.28312
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.28312
<patchinfo incident="28312"> <issue tracker="bnc" id="1209173">VUL-0: MozillaFirefox / MozillaThunderbird: update to 111 and 102.9esr</issue> <issue tracker="bnc" id="1209953">VUL-0: MozillaThunderbird: update to 102.9.1esr</issue> <issue tracker="cve" id="2023-28164"/> <issue tracker="cve" id="2023-28163"/> <issue tracker="cve" id="2023-25751"/> <issue tracker="cve" id="2023-28176"/> <issue tracker="cve" id="2023-25752"/> <issue tracker="cve" id="2023-28162"/> <issue tracker="cve" id="2023-28427"/> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaThunderbird</summary> <description>This update for MozillaThunderbird fixes the following issues: MFSA 2023-12 (bsc#1209953): - CVE-2023-28427: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack (bmo#1822595) MFSA 2023-11 (bsc#1209173): - CVE-2023-25751: Incorrect code generation during JIT compilation (bmo#1814899). - CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (bmo#1809122). - CVE-2023-28162: Invalid downcast in Worklets (bmo#1811327). - CVE-2023-25752: Potential out-of-bounds when accessing throttled streams (bmo#1811627). - CVE-2023-28163: Windows Save As dialog resolved environment variables (bmo#1817768) - CVE-2023-28176: Memory safety bugs fixed in Thunderbird 102.9 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442, bmo#1818674). Mozilla Thunderbird 102.9: - fixed: Notification about a sender's changed OpenPGP key was not immediately visible (bmo#1814003) - fixed: TLS Certificate Override dialog did not appear when retrieving messages via IMAP using "Get Messages" context menu (bmo#1816596) - fixed: Spellcheck dictionaries were missing from localized Thunderbird builds that should have included them (bmo#1818257) - fixed: Tooltips for "Show/Hide" calendar toggle did not display (bmo#1809557) - fixed: Various security fixes Mozilla Thunderbird 102.9.1: - fixed: Thunderbird was unable to open file URLs from command line (URLs beginning with "file://") (bmo#1816343) - fixed: Source strings for localized builds not uploaded to FTP as expected (bmo#1817086) - fixed: Visual and theme improvements (bmo#1821358, bmo#1822286) - fixed: Security fixes </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor