Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.32985
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.32985
<patchinfo incident="32985"> <issue tracker="bnc" id="1221850">VUL-0: MozillaFirefox / MozillaThunderbird: update to 124.0.1 and 115.9.1esr</issue> <issue tracker="bnc" id="1221327">VUL-0: MozillaFirefox / MozillaThunderbird: update to 124 and 115.9esr</issue> <issue tracker="bnc" id="1220048">VUL-0: MozillaFirefox / MozillaThunderbird: update to 123 and 115.8esr</issue> <issue tracker="cve" id="2024-1552"/> <issue tracker="cve" id="2024-29944"/> <issue tracker="cve" id="2024-1549"/> <issue tracker="cve" id="2024-1546"/> <issue tracker="cve" id="2024-1551"/> <issue tracker="cve" id="2024-1547"/> <issue tracker="cve" id="2024-1550"/> <issue tracker="cve" id="2024-1553"/> <issue tracker="cve" id="2024-1548"/> <issue tracker="cve" id="2024-0743"/> <issue tracker="cve" id="2024-2605"/> <issue tracker="cve" id="2024-2607"/> <issue tracker="cve" id="2024-2608"/> <issue tracker="cve" id="2024-2616"/> <issue tracker="cve" id="2023-5388"/> <issue tracker="cve" id="2024-2610"/> <issue tracker="cve" id="2024-2611"/> <issue tracker="cve" id="2024-2612"/> <issue tracker="cve" id="2024-2614"/> <packager>MSirringhaus</packager> <rating>critical</rating> <category>security</category> <summary>Security update for MozillaFirefox</summary> <description>This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 (bsc#1221850). - CVE-2024-29944: Privileged JavaScript Execution via Event Handlers (bmo#1886852). Firefox Extended Support Release 115.9.0 ESR (bsc#1221327): - CVE-2024-0743: Crash in NSS TLS method (bmo#1867408). - CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector (bmo#1872920). - CVE-2024-2607: JIT code failed to save return registers on Armv7-A (bmo#1879939). - CVE-2024-2608: Integer overflow could have led to out of bounds write (bmo#1880692). - CVE-2024-2616: Improve handling of out-of-memory conditions in ICU (bmo#1846197). - CVE-2023-5388: NSS susceptible to timing attack against RSA decryption (bmo#1780432). - CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage (bmo#1871112). - CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions (bmo#1876675). - CVE-2024-2612: Self referencing object could have potentially led to a use- after-free (bmo#1879444). - CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor