Overview
Request 1160556 accepted
- LLVM18 breaks building Thunderbird on Tumbleweed; add
* mozilla-fix-issues-with-llvm18.patch
- Mozilla Thunderbird 115.9.0
https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/
MFSA 2024-14 (bsc#1221327)
* CVE-2024-0743 (bmo#1867408)
Crash in NSS TLS method
* CVE-2024-2605 (bmo#1872920)
Windows Error Reporter could be used as a Sandbox escape vector
* CVE-2024-2607 (bmo#1879939)
JIT code failed to save return registers on Armv7-A
* CVE-2024-2608 (bmo#1880692)
Integer overflow could have led to out of bounds write
* CVE-2024-2616 (bmo#1846197)
Improve handling of out-of-memory conditions in ICU
* CVE-2023-5388 (bmo#1780432)
NSS susceptible to timing attack against RSA decryption
* CVE-2024-2610 (bmo#1871112)
Improper handling of html and body tags enabled CSP nonce leakage
* CVE-2024-2611 (bmo#1876675)
Clickjacking vulnerability could have led to a user accidentally
granting permissions
* CVE-2024-2612 (bmo#1879444)
Self referencing object could have potentially led to a use-
after-free
* CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093)
Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
and Thunderbird 115.9
- Created by wrosenauer
- In state accepted
Request History
wrosenauer created request
- LLVM18 breaks building Thunderbird on Tumbleweed; add
* mozilla-fix-issues-with-llvm18.patch
- Mozilla Thunderbird 115.9.0
https://www.thunderbird.net/en-US/thunderbird/115.9.0/releasenotes/
MFSA 2024-14 (bsc#1221327)
* CVE-2024-0743 (bmo#1867408)
Crash in NSS TLS method
* CVE-2024-2605 (bmo#1872920)
Windows Error Reporter could be used as a Sandbox escape vector
* CVE-2024-2607 (bmo#1879939)
JIT code failed to save return registers on Armv7-A
* CVE-2024-2608 (bmo#1880692)
Integer overflow could have led to out of bounds write
* CVE-2024-2616 (bmo#1846197)
Improve handling of out-of-memory conditions in ICU
* CVE-2023-5388 (bmo#1780432)
NSS susceptible to timing attack against RSA decryption
* CVE-2024-2610 (bmo#1871112)
Improper handling of html and body tags enabled CSP nonce leakage
* CVE-2024-2611 (bmo#1876675)
Clickjacking vulnerability could have led to a user accidentally
granting permissions
* CVE-2024-2612 (bmo#1879444)
Self referencing object could have potentially led to a use-
after-free
* CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093)
Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
and Thunderbird 115.9
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
anag+factory added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:31"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:adi:31"
licensedigger accepted review
ok
dimstar accepted review
darix accepted review
Accepted review for by_group opensuse-review-team request 1160556 from user anag+factory
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:adi:31 got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:adi:31 got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:adi:31 got accepted.