Overview
Request 874836 superseded
- Mozilla Firefox 86.0
* requires NSS >= 3.61
* requires rust-cbindgen >= 0.16.0
* Firefox now supports simultaneously watching multiple videos in
Picture-in-Picture.
* Total Cookie Protection to Strict Mode
* https://www.mozilla.org/en-US/firefox/86.0/releasenotes
MSFA 2021-07 (bsc#1182614)
* CVE-2021-23969 (bmo#1542194)
Content Security Policy violation report could have contained
the destination of a redirect
* CVE-2021-23970 (bmo#1681724)
Multithreaded WASM triggered assertions validating separation
of script domains
* CVE-2021-23968 (bmo#1687342)
Content Security Policy violation report could have contained
the destination of a redirect
* CVE-2021-23974 (bmo#1528997, bmo#1683627)
noscript elements could have led to an HTML Sanitizer bypass
* CVE-2021-23971 (bmo#1678545)
A website's Referrer-Policy could have been be overridden,
potentially resulting in the full URL being sent as a Referrer
* CVE-2021-23976 (bmo#1684627)
Local spoofing of web manifests for arbitrary pages in
Firefox for Android
* CVE-2021-23977 (bmo#1684761)
Malicious application could read sensitive data from Firefox
for Android's application directories
* CVE-2021-23972 (bmo#1683536)
HTTP Auth phishing warning was omitted when a redirect is
- Created by wrosenauer
- In state superseded
- Superseded by 874847
-
Open review for
licensedigger
-
Open review for
factory-staging
Request History
wrosenauer created request
- Mozilla Firefox 86.0
* requires NSS >= 3.61
* requires rust-cbindgen >= 0.16.0
* Firefox now supports simultaneously watching multiple videos in
Picture-in-Picture.
* Total Cookie Protection to Strict Mode
* https://www.mozilla.org/en-US/firefox/86.0/releasenotes
MSFA 2021-07 (bsc#1182614)
* CVE-2021-23969 (bmo#1542194)
Content Security Policy violation report could have contained
the destination of a redirect
* CVE-2021-23970 (bmo#1681724)
Multithreaded WASM triggered assertions validating separation
of script domains
* CVE-2021-23968 (bmo#1687342)
Content Security Policy violation report could have contained
the destination of a redirect
* CVE-2021-23974 (bmo#1528997, bmo#1683627)
noscript elements could have led to an HTML Sanitizer bypass
* CVE-2021-23971 (bmo#1678545)
A website's Referrer-Policy could have been be overridden,
potentially resulting in the full URL being sent as a Referrer
* CVE-2021-23976 (bmo#1684627)
Local spoofing of web manifests for arbitrary pages in
Firefox for Android
* CVE-2021-23977 (bmo#1684761)
Malicious application could read sensitive data from Firefox
for Android's application directories
* CVE-2021-23972 (bmo#1683536)
HTTP Auth phishing warning was omitted when a redirect is
factory-auto declined review
Output of check script:
firefox-86.0.source.tar.xz /home/go/co/874836/MozillaFirefox/firefox-86.0.source.tar.xz differ: char 15, line 1
ERROR: download_files is configured to fail when the upstream file is different than the committed file... this is the case!
Source URLs are not valid. Try "osc service runall download_files".
factory-auto declined request
Output of check script:
firefox-86.0.source.tar.xz /home/go/co/874836/MozillaFirefox/firefox-86.0.source.tar.xz differ: char 15, line 1
ERROR: download_files is configured to fail when the upstream file is different than the committed file... this is the case!
Source URLs are not valid. Try "osc service runall download_files".
superseded by 874847
