Request 800451: Submit MozillaFirefox - openSUSE Build Service

Overview

Request 800451 accepted

- Mozilla Firefox 76.0
* Lockwise improvements
* Improvements in Picture-in-Picture feature
* Support Audio Worklets
MFSA-2020-16 (bsc#1171186)
* CVE-2020-12387 (bmo#1545345)
Use-after-free during worker shutdown
* CVE-2020-12388 (bmo#1618911)
Sandbox escape with improperly guarded Access Tokens
* CVE-2020-12389 (bmo#1554110)
Sandbox escape with improperly separated process types
* CVE-2020-6831 (bmo#1632241)
Buffer overflow in SCTP chunk input validation
* CVE-2020-12390 (bmo#1141959)
Incorrect serialization of nsIPrincipal.origin for IPv6 addresses
* CVE-2020-12391 (bmo#1457100)
Content-Security-Policy bypass using object elements
* CVE-2020-12392 (bmo#1614468)
Arbitrary local file access with 'Copy as cURL'
* CVE-2020-12393 (bmo#1615471)
Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command injection
* CVE-2020-12394 (bmo#1628288)
URL spoofing in location bar when unfocussed
* CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098,
bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508)
Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
* CVE-2020-12396 (bmo#1339601, bmo#1611938, bmo#1620488,
bmo#1622291, bmo#1627644)
Memory safety bugs fixed in Firefox 76

Created by wrosenauer over 4 years ago
In state accepted

Submit MozillaFirefox

Comments for request 800451 0

Login required, please login in order to comment

Request History

wrosenauer created request over 4 years ago

- Mozilla Firefox 76.0
* Lockwise improvements
* Improvements in Picture-in-Picture feature
* Support Audio Worklets
MFSA-2020-16 (bsc#1171186)
* CVE-2020-12387 (bmo#1545345)
Use-after-free during worker shutdown
* CVE-2020-12388 (bmo#1618911)
Sandbox escape with improperly guarded Access Tokens
* CVE-2020-12389 (bmo#1554110)
Sandbox escape with improperly separated process types
* CVE-2020-6831 (bmo#1632241)
Buffer overflow in SCTP chunk input validation
* CVE-2020-12390 (bmo#1141959)
Incorrect serialization of nsIPrincipal.origin for IPv6 addresses
* CVE-2020-12391 (bmo#1457100)
Content-Security-Policy bypass using object elements
* CVE-2020-12392 (bmo#1614468)
Arbitrary local file access with 'Copy as cURL'
* CVE-2020-12393 (bmo#1615471)
Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command injection
* CVE-2020-12394 (bmo#1628288)
URL spoofing in location bar when unfocussed
* CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098,
bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508)
Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
* CVE-2020-12396 (bmo#1339601, bmo#1611938, bmo#1620488,
bmo#1622291, bmo#1627644)
Memory safety bugs fixed in Firefox 76

factory-auto added opensuse-review-team as a reviewer over 4 years ago

Please review sources

factory-auto accepted review over 4 years ago

Check script succeeded

dimstar_suse set openSUSE:Factory:Staging:G as a staging project over 4 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:G"

dimstar_suse accepted review over 4 years ago

Picked "openSUSE:Factory:Staging:G"

licensedigger accepted review over 4 years ago

ok

namtrac accepted review over 4 years ago

dimstar_suse accepted review over 4 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

dimstar_suse approved review over 4 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

dimstar_suse accepted request over 4 years ago

Staging Project openSUSE:Factory:Staging:G got accepted.

openSUSE Build Service is sponsored by