File _patchinfo of Package patchinfo.34414

<patchinfo incident="34414">
  <issue tracker="bnc" id="1226027">VUL-0: MozillaFirefox / MozillaThunderbird: update to 127.0 and 115.12esr</issue>
  <issue tracker="cve" id="2024-5700"/>
  <issue tracker="cve" id="2024-5702"/>
  <issue tracker="cve" id="2024-5690"/>
  <issue tracker="cve" id="2024-5692"/>
  <issue tracker="cve" id="2024-5691"/>
  <issue tracker="cve" id="2024-5688"/>
  <issue tracker="cve" id="2024-5696"/>
  <issue tracker="cve" id="2024-5693"/>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for MozillaThunderbird</summary>
  <description>This update for MozillaThunderbird fixes the following issues:

- Update to version 115.12.0 ESR (bsc#1226027)
- CVE-2024-5702: Use-after-free in networking
- CVE-2024-5688: Use-after-free in JavaScript object transplant
- CVE-2024-5690: External protocol handlers leaked by timing attack
- CVE-2024-5691: Sandboxed iframes were able to bypass sandbox restrictions to open a new window
- CVE-2024-5692: Bypass of file name restrictions during saving
- CVE-2024-5693: Cross-Origin Image leak via Offscreen Canvas
- CVE-2024-5696: Memory Corruption in Text Fragments
- CVE-2024-5700: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12
</description>
</patchinfo>