Overview
Request 1169354 accepted
- Mozilla Thunderbird 115.10.1
https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
* fixed hangup introduced with 115.10.0 (bmo#1891889)
- Mozilla Thunderbird 115.10.0
https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
MFSA 2024-20 (bsc#1222535)
* CVE-2024-3852 (bmo#1883542)
GetBoundName in the JIT returned the wrong object
* CVE-2024-3854 (bmo#1884552)
Out-of-bounds-read after mis-optimized switch statement
* CVE-2024-3857 (bmo#1886683)
Incorrect JITting of arguments led to use-after-free during
garbage collection
* CVE-2024-2609 (bmo#1866100)
Permission prompt input delay could expire when not in focus
* CVE-2024-3859 (bmo#1874489)
Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
* CVE-2024-3861 (bmo#1883158)
Potential use-after-free due to AlignedBuffer self-move
* CVE-2024-3863 (bmo#1885855)
Download Protections were bypassed by .xrm-ms files on Windows
* CVE-2024-3302 (bmo#1881183)
Denial of Service using HTTP/2 CONTINUATION frames
* CVE-2024-3864 (bmo#1888333)
Memory safety bug fixed in Firefox 125, Firefox ESR 115.10,
and Thunderbird 115.10
- Created by wrosenauer
- In state accepted
Request History
wrosenauer created request
- Mozilla Thunderbird 115.10.1
https://www.thunderbird.net/en-US/thunderbird/115.10.1/releasenotes/
* fixed hangup introduced with 115.10.0 (bmo#1891889)
- Mozilla Thunderbird 115.10.0
https://www.thunderbird.net/en-US/thunderbird/115.10.0/releasenotes/
MFSA 2024-20 (bsc#1222535)
* CVE-2024-3852 (bmo#1883542)
GetBoundName in the JIT returned the wrong object
* CVE-2024-3854 (bmo#1884552)
Out-of-bounds-read after mis-optimized switch statement
* CVE-2024-3857 (bmo#1886683)
Incorrect JITting of arguments led to use-after-free during
garbage collection
* CVE-2024-2609 (bmo#1866100)
Permission prompt input delay could expire when not in focus
* CVE-2024-3859 (bmo#1874489)
Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
* CVE-2024-3861 (bmo#1883158)
Potential use-after-free due to AlignedBuffer self-move
* CVE-2024-3863 (bmo#1885855)
Download Protections were bypassed by .xrm-ms files on Windows
* CVE-2024-3302 (bmo#1881183)
Denial of Service using HTTP/2 CONTINUATION frames
* CVE-2024-3864 (bmo#1888333)
Memory safety bug fixed in Firefox 125, Firefox ESR 115.10,
and Thunderbird 115.10
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
staging-bot added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:25"
staging-bot accepted review
Picked "openSUSE:Factory:Staging:adi:25"
dimstar accepted review
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:adi:25 got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:adi:25 got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:adi:25 got accepted.
