Overview

Request 1128270 revoked

- Mozilla Thunderbird 115.5.0
https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
MFSA 2023-52 (bsc#)
* CVE-2023-6204 (bmo#1841050)
Out-of-bound memory access in WebGL2 blitFramebuffer
* CVE-2023-6205 (bmo#1854076)
Use-after-free in MessagePort::Entangled
* CVE-2023-6206 (bmo#1857430)
Clickjacking permission prompts using the fullscreen transition
* CVE-2023-6207 (bmo#1861344)
Use-after-free in ReadableByteStreamQueueEntry::Buffer
* CVE-2023-6208 (bmo#1855345)
Using Selection API would copy contents into X11 primary
selection.
* CVE-2023-6209 (bmo#1858570)
Incorrect parsing of relative URLs starting with "///"
* CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
and Thunderbird 115.5

Request History
Wolfgang Rosenauer's avatar

wrosenauer created request

- Mozilla Thunderbird 115.5.0
https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
MFSA 2023-52 (bsc#)
* CVE-2023-6204 (bmo#1841050)
Out-of-bound memory access in WebGL2 blitFramebuffer
* CVE-2023-6205 (bmo#1854076)
Use-after-free in MessagePort::Entangled
* CVE-2023-6206 (bmo#1857430)
Clickjacking permission prompts using the fullscreen transition
* CVE-2023-6207 (bmo#1861344)
Use-after-free in ReadableByteStreamQueueEntry::Buffer
* CVE-2023-6208 (bmo#1855345)
Using Selection API would copy contents into X11 primary
selection.
* CVE-2023-6209 (bmo#1858570)
Incorrect parsing of relative URLs starting with "///"
* CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
and Thunderbird 115.5


Wolfgang Rosenauer's avatar

wrosenauer revoked request

incomplete

openSUSE Build Service is sponsored by