Request 1175472: Submit MozillaFirefox - openSUSE Build Service

Overview

Request 1175472 accepted

- Mozilla Firefox 126.0
https://www.mozilla.org/en-US/firefox/126.0/releasenotes
MFSA 2024-21 (bsc#1224056)
* CVE-2024-4764 (bmo#1879093)
Use-after-free when audio input connected with multiple consumers
* CVE-2024-4367 (bmo#1893645)
Arbitrary JavaScript execution in PDF.js
* CVE-2024-4765 (bmo#1871109)
Web application manifests could have been overwritten via
hash collision
* CVE-2024-4766 (bmo#1871214, bmo#1871217)
Fullscreen notification could have been obscured on Firefox
for Android
* CVE-2024-4767 (bmo#1878577)
IndexedDB files retained in private browsing mode
* CVE-2024-4768 (bmo#1886082)
Potential permissions request bypass via clickjacking
* CVE-2024-4769 (bmo#1886108)
Cross-origin responses could be distinguished between script
and non-script content-types
* CVE-2024-4770 (bmo#1893270)
Use-after-free could occur when printing to PDF
* CVE-2024-4771 (bmo#1893891)
Failed allocation could lead to use-after-free
* CVE-2024-4772 (bmo#1870579)
Use of insecure rand() function to generate nonce
* CVE-2024-4773 (bmo#1875248)
URL bar could be cleared after network error
* CVE-2024-4774 (bmo#1886598)
Undefined behavior in ShmemCharMapHashEntry()

Created by wrosenauer 6 months ago
In state accepted

Submit MozillaFirefox

Comments for request 1175472 0

Login required, please login in order to comment

Request History

wrosenauer created request 6 months ago

- Mozilla Firefox 126.0
https://www.mozilla.org/en-US/firefox/126.0/releasenotes
MFSA 2024-21 (bsc#1224056)
* CVE-2024-4764 (bmo#1879093)
Use-after-free when audio input connected with multiple consumers
* CVE-2024-4367 (bmo#1893645)
Arbitrary JavaScript execution in PDF.js
* CVE-2024-4765 (bmo#1871109)
Web application manifests could have been overwritten via
hash collision
* CVE-2024-4766 (bmo#1871214, bmo#1871217)
Fullscreen notification could have been obscured on Firefox
for Android
* CVE-2024-4767 (bmo#1878577)
IndexedDB files retained in private browsing mode
* CVE-2024-4768 (bmo#1886082)
Potential permissions request bypass via clickjacking
* CVE-2024-4769 (bmo#1886108)
Cross-origin responses could be distinguished between script
and non-script content-types
* CVE-2024-4770 (bmo#1893270)
Use-after-free could occur when printing to PDF
* CVE-2024-4771 (bmo#1893891)
Failed allocation could lead to use-after-free
* CVE-2024-4772 (bmo#1870579)
Use of insecure rand() function to generate nonce
* CVE-2024-4773 (bmo#1875248)
URL bar could be cleared after network error
* CVE-2024-4774 (bmo#1886598)
Undefined behavior in ShmemCharMapHashEntry()

factory-auto added opensuse-review-team as a reviewer 6 months ago

Please review sources

factory-auto accepted review 6 months ago

Check script succeeded

dimstar accepted review 6 months ago

anag+factory set openSUSE:Factory:Staging:E as a staging project 6 months ago

Being evaluated by staging project "openSUSE:Factory:Staging:E"

anag+factory accepted review 6 months ago

Picked "openSUSE:Factory:Staging:E"

licensedigger accepted review 6 months ago

The legal review is accepted preliminary. The package may require actions later on.

anag+factory accepted review 6 months ago

Staging Project openSUSE:Factory:Staging:E got accepted.

anag+factory approved review 6 months ago

Staging Project openSUSE:Factory:Staging:E got accepted.

anag+factory accepted request 6 months ago

Staging Project openSUSE:Factory:Staging:E got accepted.

openSUSE Build Service is sponsored by