Overview
Request 1207037 superseded
- Mozilla Thunderbird 128.3.1
https://www.thunderbird.net/en-US/thunderbird/128.0esr/releasenotes/
and following release notes for minor version updates
MFSA 2024-52 (bsc#1231413)
* CVE-2024-9680 (bmo#1923344)
Use-after-free in Animation timeline
Mozilla Thunderbird 128.3.0
MFSA 2024-32 (128.0)
MFSA 2024-37 (128.1)
MFSA 2024-43 (128.2)
MFSA 2024-49 (128.3) (bsc#1230979)
* CVE-2024-9392 (bmo#1899154, bmo#1905843)
Compromised content process can bypass site isolation
* CVE-2024-9393 (bmo#1918301)
Cross-origin access to PDF contents through multipart responses
* CVE-2024-9394 (bmo#1918874)
Cross-origin access to JSON contents through multipart responses
* CVE-2024-8900 (bmo#1872841)
Clipboard write permission bypass
* CVE-2024-9396 (bmo#1912471)
Potential memory corruption may occur when cloning certain objects
* CVE-2024-9397 (bmo#1916659)
Potential directory upload bypass via clickjacking
* CVE-2024-9398 (bmo#1881037)
External protocol handlers could be enumerated via popups
* CVE-2024-9399 (bmo#1907726)
Specially crafted WebTransport requests could lead to denial
of service
* CVE-2024-9400 (bmo#1915249)
Potential memory corruption during JIT compilation
- Created by wrosenauer
- In state superseded
- Superseded by 1207082
-
Open review for
licensedigger
- Open review for openSUSE:Factory:Staging:adi:10
-
Open review for
opensuse-review-team
Request History
wrosenauer created request
- Mozilla Thunderbird 128.3.1
https://www.thunderbird.net/en-US/thunderbird/128.0esr/releasenotes/
and following release notes for minor version updates
MFSA 2024-52 (bsc#1231413)
* CVE-2024-9680 (bmo#1923344)
Use-after-free in Animation timeline
Mozilla Thunderbird 128.3.0
MFSA 2024-32 (128.0)
MFSA 2024-37 (128.1)
MFSA 2024-43 (128.2)
MFSA 2024-49 (128.3) (bsc#1230979)
* CVE-2024-9392 (bmo#1899154, bmo#1905843)
Compromised content process can bypass site isolation
* CVE-2024-9393 (bmo#1918301)
Cross-origin access to PDF contents through multipart responses
* CVE-2024-9394 (bmo#1918874)
Cross-origin access to JSON contents through multipart responses
* CVE-2024-8900 (bmo#1872841)
Clipboard write permission bypass
* CVE-2024-9396 (bmo#1912471)
Potential memory corruption may occur when cloning certain objects
* CVE-2024-9397 (bmo#1916659)
Potential directory upload bypass via clickjacking
* CVE-2024-9398 (bmo#1881037)
External protocol handlers could be enumerated via popups
* CVE-2024-9399 (bmo#1907726)
Specially crafted WebTransport requests could lead to denial
of service
* CVE-2024-9400 (bmo#1915249)
Potential memory corruption during JIT compilation
anag+factory added openSUSE:Factory:Staging:adi:10 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:10"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:adi:10"
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
superseded by 1207082
Don't own system directories