Overview

Request 1141172 accepted

- Mozilla Thunderbird 115.7.0
https://www.thunderbird.net/en-US/thunderbird/115.7.0/releasenotes/
MFSA 2024-04 (bsc#1218955)
* CVE-2024-0741 (bmo#1864587)
Out of bounds write in ANGLE
* CVE-2024-0742 (bmo#1867152)
Failure to update user input timestamp
* CVE-2024-0746 (bmo#1660223)
Crash when listing printers on Linux
* CVE-2024-0747 (bmo#1764343)
Bypass of Content Security Policy when directive unsafe-inline was set
* CVE-2024-0749 (bmo#1813463)
Phishing site popup could show local origin in address bar
* CVE-2024-0750 (bmo#1863083)
Potential permissions request bypass via clickjacking
* CVE-2024-0751 (bmo#1865689)
Privilege escalation through devtools
* CVE-2024-0753 (bmo#1870262)
HSTS policy on subdomain could bypass policy of upper domain
* CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
and Thunderbird 115.7

Request History
Wolfgang Rosenauer's avatar

wrosenauer created request

- Mozilla Thunderbird 115.7.0
https://www.thunderbird.net/en-US/thunderbird/115.7.0/releasenotes/
MFSA 2024-04 (bsc#1218955)
* CVE-2024-0741 (bmo#1864587)
Out of bounds write in ANGLE
* CVE-2024-0742 (bmo#1867152)
Failure to update user input timestamp
* CVE-2024-0746 (bmo#1660223)
Crash when listing printers on Linux
* CVE-2024-0747 (bmo#1764343)
Bypass of Content Security Policy when directive unsafe-inline was set
* CVE-2024-0749 (bmo#1813463)
Phishing site popup could show local origin in address bar
* CVE-2024-0750 (bmo#1863083)
Potential permissions request bypass via clickjacking
* CVE-2024-0751 (bmo#1865689)
Privilege escalation through devtools
* CVE-2024-0753 (bmo#1870262)
HSTS policy on subdomain could bypass policy of upper domain
* CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
and Thunderbird 115.7


Factory Auto's avatar

factory-auto added opensuse-review-team as a reviewer

Please review sources


Factory Auto's avatar

factory-auto accepted review

Check script succeeded


Ana Guerrero's avatar

anag+factory added as a reviewer

Being evaluated by staging project "openSUSE:Factory:Staging:adi:18"


Ana Guerrero's avatar

anag+factory accepted review

Picked "openSUSE:Factory:Staging:adi:18"


Saul Goodman's avatar

licensedigger accepted review

The legal review is accepted preliminary. The package may require actions later on.


Dominique Leuenberger's avatar

dimstar accepted review


Ana Guerrero's avatar

anag+factory accepted review

Staging Project openSUSE:Factory:Staging:adi:18 got accepted.


Ana Guerrero's avatar

anag+factory approved review

Staging Project openSUSE:Factory:Staging:adi:18 got accepted.


Ana Guerrero's avatar

anag+factory accepted request

Staging Project openSUSE:Factory:Staging:adi:18 got accepted.

openSUSE Build Service is sponsored by