Overview

File _patchinfo of Package patchinfo.31591

<patchinfo incident="31591">
  <issue tracker="bnc" id="1217230">VUL-0: MozillaFirefox / MozillaThunderbird: update to 120 and 115.5esr</issue>
  <issue tracker="cve" id="2023-6208"/>
  <issue tracker="cve" id="2023-6212"/>
  <issue tracker="cve" id="2023-6206"/>
  <issue tracker="cve" id="2023-6204"/>
  <issue tracker="cve" id="2023-6207"/>
  <issue tracker="cve" id="2023-6205"/>
  <issue tracker="cve" id="2023-6209"/>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for MozillaThunderbird</summary>
  <description>This update for MozillaThunderbird fixes the following issues:

- Mozilla Thunderbird 115.5.0 MFSA 2023-52 (bsc#1217230)

  * CVE-2023-6204: Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205: Use-after-free in MessagePort::Entangled
  * CVE-2023-6206: Clickjacking permission prompts using the fullscreen transition
  * CVE-2023-6207: Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208: Using Selection API would copy contents into X11 primary selection.
  * CVE-2023-6209: Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6212: Memory safety bugs
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places