File _patchinfo of Package patchinfo.39846

<patchinfo incident="39846">
  <issue tracker="bnc" id="1246664">VUL-0: MozillaFirefox / MozillaThunderbird: update to 141.0 and 140.1esr</issue>
  <issue tracker="cve" id="2025-8027"/>
  <issue tracker="cve" id="2025-8028"/>
  <issue tracker="cve" id="2025-8029"/>
  <issue tracker="cve" id="2025-8036"/>
  <issue tracker="cve" id="2025-8037"/>
  <issue tracker="cve" id="2025-8030"/>
  <issue tracker="cve" id="2025-8031"/>
  <issue tracker="cve" id="2025-8032"/>
  <issue tracker="cve" id="2025-8038"/>
  <issue tracker="cve" id="2025-8039"/>
  <issue tracker="cve" id="2025-8033"/>
  <issue tracker="cve" id="2025-8034"/>
  <issue tracker="cve" id="2025-8040"/>
  <issue tracker="cve" id="2025-8035"/>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for MozillaFirefox</summary>
  <description>This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 140.1.0 ESR
  * MFSA-RESERVE-2025-1968423 (bmo#1968423)
    JavaScript engine only wrote partial return value to stack
  * MFSA-RESERVE-2025-1971581 (bmo#1971581)
    Large branch table could lead to truncated instruction
  * MFSA-RESERVE-2025-1928021 (bmo#1928021)
    CSP does not block javascript: URLs on object and embed tags
  * MFSA-RESERVE-2025-1960834 (bmo#1960834)
    DNS rebinding circumvents CORS
  * MFSA-RESERVE-2025-1964767 (bmo#1964767)
    Nameless cookies shadow secure cookies
  * MFSA-RESERVE-2025-1968414 (bmo#1968414)
    Potential user-assisted code execution in &#8220;Copy as cURL&#8221;
    command
  * MFSA-RESERVE-2025-1971719 (bmo#1971719)
    Incorrect URL stripping in CSP reports
  * MFSA-RESERVE-2025-1974407 (bmo#1974407)
    XSLT documents could bypass CSP
  * MFSA-RESERVE-2025-1808979 (bmo#1808979)
    CSP frame-src was not correctly enforced for paths
  * MFSA-RESERVE-2025-1970997 (bmo#1970997)
    Search terms persist in URL bar
  * MFSA-RESERVE-2025-1973990 (bmo#1973990)
    Incorrect JavaScript state machine for generators
  * MFSA-RESERVE-2025-1 (bmo#1970422, bmo#1970422, bmo#1970422,
    bmo#1970422)
    Memory safety bugs fixed in Firefox ESR 115.26, Thunderbird
    ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1,
    Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  * MFSA-RESERVE-2025-2 (bmo#1975058, bmo#1975058, bmo#1975998,
    bmo#1975998)
    Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird
    ESR 140.1, Firefox 141 and Thunderbird 141
  * MFSA-RESERVE-2025-3 (bmo#1975961, bmo#1975961, bmo#1975961)
    Memory safety bugs fixed in Firefox ESR 128.13, Firefox ESR
    140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
    
Various security fixes MFSA 2025-59 (bsc#1246664):
- CVE-2025-8027: JavaScript engine only wrote partial return value to stack
- CVE-2025-8028: Large branch table could lead to truncated instruction
- CVE-2025-8029: javascript: URLs executed on object and embed tags
- CVE-2025-8036: DNS rebinding circumvents CORS
- CVE-2025-8037: Nameless cookies shadow secure cookies
- CVE-2025-8030: Potential user-assisted code execution in “Copy as cURL” command
- CVE-2025-8031: Incorrect URL stripping in CSP reports
- CVE-2025-8032: XSLT documents could bypass CSP
- CVE-2025-8038: CSP frame-src was not correctly enforced for paths
- CVE-2025-8039: Search terms persisted in URL bar
- CVE-2025-8033: Incorrect JavaScript state machine for generators
- CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
- CVE-2025-8040: Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
- CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
</description>
</patchinfo>