Revisions of MozillaFirefox
buildservice-autocommit
accepted
request 1141490
from
Wolfgang Rosenauer (wrosenauer)
(revision 1129)
baserev update by copy to link target
Wolfgang Rosenauer (wrosenauer)
committed
(revision 1128)
- Mozilla Firefox 122.0 https://www.mozilla.org/en-US/firefox/122.0/releasenotes/ MFSA 2024-01 (bsc#1218955) * CVE-2024-0741 (bmo#1864587) Out of bounds write in ANGLE * CVE-2024-0742 (bmo#1867152) Failure to update user input timestamp * CVE-2024-0743 (bmo#1867408) Crash in NSS TLS method * CVE-2024-0744 (bmo#1871089) Wild pointer dereference in JavaScript * CVE-2024-0745 (bmo#1871838) Stack buffer overflow in WebAudio * CVE-2024-0746 (bmo#1660223) Crash when listing printers on Linux * CVE-2024-0747 (bmo#1764343) Bypass of Content Security Policy when directive unsafe-inline was set * CVE-2024-0748 (bmo#1783504) Compromised content process could modify document URI * CVE-2024-0749 (bmo#1813463) Phishing site popup could show local origin in address bar * CVE-2024-0750 (bmo#1863083) Potential permissions request bypass via clickjacking * CVE-2024-0751 (bmo#1865689) Privilege escalation through devtools * CVE-2024-0752 (bmo#1866840) Use-after-free could occur when applying update on macOS * CVE-2024-0753 (bmo#1870262) HSTS policy on subdomain could bypass policy of upper domain * CVE-2024-0754 (bmo#1871605)
buildservice-autocommit
accepted
request 1138351
from
Wolfgang Rosenauer (wrosenauer)
(revision 1127)
baserev update by copy to link target
Wolfgang Rosenauer (wrosenauer)
accepted
request 1137806
from
Andreas Stieger (AndreasStieger)
(revision 1126)
Mozilla Firefox 121.0.1
buildservice-autocommit
accepted
request 1134603
from
Wolfgang Rosenauer (wrosenauer)
(revision 1125)
baserev update by copy to link target
Wolfgang Rosenauer (wrosenauer)
committed
(revision 1124)
- Mozilla Firefox 121.0 https://www.mozilla.org/en-US/firefox/121.0/releasenotes MFSA 2023-56 (bsc#1217974) * CVE-2023-6856 (bmo#1843782) Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver * CVE-2023-6135 (bmo#1853908) NSS susceptible to "Minerva" attack * CVE-2023-6865 (bmo#1864123) Potential exposure of uninitialized data in EncryptingOutputStream * CVE-2023-6857 (bmo#1796023) Symlinks may resolve to smaller than expected buffers * CVE-2023-6858 (bmo#1826791) Heap buffer overflow in nsTextFragment * CVE-2023-6859 (bmo#1840144) Use-after-free in PR_GetIdentitiesLayer * CVE-2023-6866 (bmo#1849037) TypedArrays lack sufficient exception handling * CVE-2023-6860 (bmo#1854669) Potential sandbox escape due to VideoBridge lack of texture validation * CVE-2023-6867 (bmo#1863863) Clickjacking permission prompts using the popup transition * CVE-2023-6861 (bmo#1864118) Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode * CVE-2023-6868 (bmo#1865488) WebPush requests on Firefox for Android did not require VAPID key * CVE-2023-6869 (bmo#1799036) Content can paint outside of sandboxed iframe
buildservice-autocommit
accepted
request 1132165
from
Wolfgang Rosenauer (wrosenauer)
(revision 1123)
baserev update by copy to link target
Wolfgang Rosenauer (wrosenauer)
accepted
request 1132141
from
Andreas Stieger (AndreasStieger)
(revision 1122)
Mozilla Firefox 120.0.1 (boo#1217910)
buildservice-autocommit
accepted
request 1129161
from
Wolfgang Rosenauer (wrosenauer)
(revision 1121)
baserev update by copy to link target
Wolfgang Rosenauer (wrosenauer)
committed
(revision 1120)
- Mozilla Firefox 120.0 https://www.mozilla.org/en-US/firefox/120.0/releasenotes MFSA 2023-49 (bsc#1217230) * CVE-2023-6204 (bmo#1841050) Out-of-bound memory access in WebGL2 blitFramebuffer * CVE-2023-6205 (bmo#1854076) Use-after-free in MessagePort::Entangled * CVE-2023-6206 (bmo#1857430) Clickjacking permission prompts using the fullscreen transition * CVE-2023-6207 (bmo#1861344) Use-after-free in ReadableByteStreamQueueEntry::Buffer * CVE-2023-6208 (bmo#1855345) Using Selection API would copy contents into X11 primary selection. * CVE-2023-6209 (bmo#1858570) Incorrect parsing of relative URLs starting with "///" * CVE-2023-6210 (bmo#1801501) Mixed-content resources not blocked in a javascript: pop-up * CVE-2023-6211 (bmo#1850200) Clickjacking to load insecure pages in HTTPS-only mode * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782) Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 * CVE-2023-6213 (bmo#1849265, bmo#1851118, bmo#1854911) Memory safety bugs fixed in Firefox 120 - rebased patches
buildservice-autocommit
accepted
request 1124746
from
Wolfgang Rosenauer (wrosenauer)
(revision 1119)
baserev update by copy to link target
Wolfgang Rosenauer (wrosenauer)
accepted
request 1124728
from
Andreas Stieger (AndreasStieger)
(revision 1118)
Mozilla Firefox 119.0.1
buildservice-autocommit
accepted
request 1121261
from
Wolfgang Rosenauer (wrosenauer)
(revision 1117)
baserev update by copy to link target
Wolfgang Rosenauer (wrosenauer)
accepted
request 1121257
from
Bjørn Lie (iznogood)
(revision 1116)
Alter .changes to avoid factory bots nack'ing the submission. (mention patches enabled/disabled).
Wolfgang Rosenauer (wrosenauer)
committed
(revision 1115)
- Mozilla Firefox 119.0 https://www.mozilla.org/en-US/firefox/119.0/releasenotes MFSA 2023-45 (bsc#1216338) * CVE-2023-5721 (bmo#1830820) Queued up rendering could have allowed websites to clickjack * CVE-2023-5722 (bmo#1738426) Cross-Origin size and header leakage * CVE-2023-5723 (bmo#1802057) Invalid cookie characters could have led to unexpected errors * CVE-2023-5724 (bmo#1836705) Large WebGL draw could have led to a crash * CVE-2023-5725 (bmo#1845739) WebExtensions could open arbitrary URLs * CVE-2023-5726 (bmo#1846205) Full screen notification obscured by file open dialog on macOS * CVE-2023-5727 (bmo#1847180) Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows * CVE-2023-5728 (bmo#1852729) Improper object tracking during GC in the JavaScript engine could have led to a crash. * CVE-2023-5729 (bmo#1823720) Fullscreen notification dialog could have been obscured by WebAuthn prompts * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833, bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002, bmo#1855306, bmo#1855640, bmo#1856695) Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1 * CVE-2023-5731 (bmo#1690111, bmo#1721904, bmo#1851803, bmo#1854068)
Wolfgang Rosenauer (wrosenauer)
committed
(revision 1114)
(boo#1216027)
Wolfgang Rosenauer (wrosenauer)
committed
(revision 1113)
- Activate KDE integration again, included rebased and updated patches (upstream removed special files handling for preferences but that has no effect since we haven't shipped obsolete kde.js for a while)
Wolfgang Rosenauer (wrosenauer)
accepted
request 1114576
from
Björn Bidar (Thaodan)
(revision 1112)
- Active KDE integration again, included rebased and updated patches
Wolfgang Rosenauer (wrosenauer)
accepted
request 1117058
from
Andreas Stieger (AndreasStieger)
(revision 1111)
Mozilla Firefox 118.0.2
buildservice-autocommit
accepted
request 1114282
from
Wolfgang Rosenauer (wrosenauer)
(revision 1110)
baserev update by copy to link target
Displaying revisions 21 - 40 of 1149