Overview
Request 1128271 accepted
- Mozilla Thunderbird 115.5.0
https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
MFSA 2023-52 (bsc#1217230)
* CVE-2023-6204 (bmo#1841050)
Out-of-bound memory access in WebGL2 blitFramebuffer
* CVE-2023-6205 (bmo#1854076)
Use-after-free in MessagePort::Entangled
* CVE-2023-6206 (bmo#1857430)
Clickjacking permission prompts using the fullscreen transition
* CVE-2023-6207 (bmo#1861344)
Use-after-free in ReadableByteStreamQueueEntry::Buffer
* CVE-2023-6208 (bmo#1855345)
Using Selection API would copy contents into X11 primary
selection.
* CVE-2023-6209 (bmo#1858570)
Incorrect parsing of relative URLs starting with "///"
* CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
and Thunderbird 115.5
- Created by wrosenauer
- In state accepted
Request History
wrosenauer created request
- Mozilla Thunderbird 115.5.0
https://www.thunderbird.net/en-US/thunderbird/115.5.0/releasenotes
MFSA 2023-52 (bsc#1217230)
* CVE-2023-6204 (bmo#1841050)
Out-of-bound memory access in WebGL2 blitFramebuffer
* CVE-2023-6205 (bmo#1854076)
Use-after-free in MessagePort::Entangled
* CVE-2023-6206 (bmo#1857430)
Clickjacking permission prompts using the fullscreen transition
* CVE-2023-6207 (bmo#1861344)
Use-after-free in ReadableByteStreamQueueEntry::Buffer
* CVE-2023-6208 (bmo#1855345)
Using Selection API would copy contents into X11 primary
selection.
* CVE-2023-6209 (bmo#1858570)
Incorrect parsing of relative URLs starting with "///"
* CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072,
bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782)
Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
and Thunderbird 115.5
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
staging-bot added openSUSE:Factory:Staging:adi:18 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:18"
staging-bot accepted review
Picked "openSUSE:Factory:Staging:adi:18"
licensedigger accepted review
ok
dimstar accepted review
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:adi:18 got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:adi:18 got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:adi:18 got accepted.