Overview

Request 1103476 accepted

- Update to version 102.14.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-4045: Offscreen Canvas could have bypassed
cross-origin restrictions.
+ CVE-2023-4046: Incorrect value used during WASM compilation.
+ CVE-2023-4047: Potential permissions request bypass via
clickjacking.
+ CVE-2023-4048: Crash in DOMParser due to out-of-memory
conditions.
+ CVE-2023-4049: Fix potential race conditions when releasing
platform objects.
+ CVE-2023-4050: Stack buffer overflow in StorageManager.
+ CVE-2023-4054: Lack of warning when opening appref-ms files.
+ CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar
state.
+ CVE-2023-4056: Memory safety bugs fixed in Firefox 116, Firefox
ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and
Thunderbird 102.14.
- Changes from version 102.13.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-37201: Use-after-free in WebRTC certificate generation
+ CVE-2023-37202: Potential use-after-free from compartment
mismatch in SpiderMonkey
+ CVE-2023-37207: Fullscreen notification obscured
+ CVE-2023-37208: Lack of warning when opening Diagcab files
+ CVE-2023-37211: Memory safety bugs fixed in Firefox 115,
Firefox ESR 102.13, and Thunderbird 102.13

Loading...

Request History
Bjørn Lie's avatar

iznogood created request

- Update to version 102.14.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-4045: Offscreen Canvas could have bypassed
cross-origin restrictions.
+ CVE-2023-4046: Incorrect value used during WASM compilation.
+ CVE-2023-4047: Potential permissions request bypass via
clickjacking.
+ CVE-2023-4048: Crash in DOMParser due to out-of-memory
conditions.
+ CVE-2023-4049: Fix potential race conditions when releasing
platform objects.
+ CVE-2023-4050: Stack buffer overflow in StorageManager.
+ CVE-2023-4054: Lack of warning when opening appref-ms files.
+ CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar
state.
+ CVE-2023-4056: Memory safety bugs fixed in Firefox 116, Firefox
ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and
Thunderbird 102.14.
- Changes from version 102.13.0:
+ Various security fixes and other quality improvements.
+ CVE-2023-37201: Use-after-free in WebRTC certificate generation
+ CVE-2023-37202: Potential use-after-free from compartment
mismatch in SpiderMonkey
+ CVE-2023-37207: Fullscreen notification obscured
+ CVE-2023-37208: Lack of warning when opening Diagcab files
+ CVE-2023-37211: Memory safety bugs fixed in Firefox 115,
Firefox ESR 102.13, and Thunderbird 102.13


GNOME Review Bot's avatar

gnome-review-bot accepted review

Check script succeeded


Luciano Santos's avatar

luc14n0 accepted review

LGTM


Luciano Santos's avatar

luc14n0 approved review

LGTM


Dominique Leuenberger's avatar

dimstar accepted request

openSUSE Build Service is sponsored by