Request 975202: Submit MozillaThunderbird - openSUSE Build Service

Overview

Request 975202 accepted

- Mozilla Thunderbird 91.9.0
* A warning is now displayed if an OpenPGP key has unsafe
attributes that are ignored
* OpenPGP integration in Thunderbird 91.8.0 and 91.8.1 did not
allow SHA-1 key signatures
* CalDAV calendars were marked read-only on startup
MFSA 2022-18 (bsc#1198970)
* CVE-2022-1520 (bmo#1745019)
Incorrect security status shown after viewing an attached
email
* CVE-2022-29914 (bmo#1746448)
Fullscreen notification bypass using popups
* CVE-2022-29909 (bmo#1755081)
Bypassing permission prompt in nested browsing contexts
* CVE-2022-29916 (bmo#1760674)
Leaking browser history with CSS variables
* CVE-2022-29911 (bmo#1761981)
iframe sandbox bypass
* CVE-2022-29912 (bmo#1692655)
Reader mode bypassed SameSite cookies
* CVE-2022-29913 (bmo#1764778)
Speech Synthesis feature not properly disabled
* CVE-2022-29917 (bmo#1684739, bmo#1706441, bmo#1753298,
bmo#1762614, bmo#1762620)
Memory safety bugs fixed in Thunderbird 91.9

Created by wrosenauer over 2 years ago
In state accepted

Submit MozillaThunderbird

Comments for request 975202 0

Login required, please login in order to comment

Request History

wrosenauer created request over 2 years ago

- Mozilla Thunderbird 91.9.0
* A warning is now displayed if an OpenPGP key has unsafe
attributes that are ignored
* OpenPGP integration in Thunderbird 91.8.0 and 91.8.1 did not
allow SHA-1 key signatures
* CalDAV calendars were marked read-only on startup
MFSA 2022-18 (bsc#1198970)
* CVE-2022-1520 (bmo#1745019)
Incorrect security status shown after viewing an attached
email
* CVE-2022-29914 (bmo#1746448)
Fullscreen notification bypass using popups
* CVE-2022-29909 (bmo#1755081)
Bypassing permission prompt in nested browsing contexts
* CVE-2022-29916 (bmo#1760674)
Leaking browser history with CSS variables
* CVE-2022-29911 (bmo#1761981)
iframe sandbox bypass
* CVE-2022-29912 (bmo#1692655)
Reader mode bypassed SameSite cookies
* CVE-2022-29913 (bmo#1764778)
Speech Synthesis feature not properly disabled
* CVE-2022-29917 (bmo#1684739, bmo#1706441, bmo#1753298,
bmo#1762614, bmo#1762620)
Memory safety bugs fixed in Thunderbird 91.9

factory-auto added opensuse-review-team as a reviewer over 2 years ago

Please review sources

factory-auto accepted review over 2 years ago

Check script succeeded

licensedigger accepted review over 2 years ago

ok

dimstar_suse set openSUSE:Factory:Staging:E as a staging project over 2 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:E"

dimstar_suse accepted review over 2 years ago

Picked "openSUSE:Factory:Staging:E"

dimstar accepted review over 2 years ago

dimstar_suse accepted review over 2 years ago

Staging Project openSUSE:Factory:Staging:E got accepted.

dimstar_suse approved review over 2 years ago

Staging Project openSUSE:Factory:Staging:E got accepted.

dimstar_suse accepted request over 2 years ago

Staging Project openSUSE:Factory:Staging:E got accepted.

openSUSE Build Service is sponsored by