Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:dirkmueller:acdc:as_python3_module
patchinfo.24855
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.24855
<patchinfo incident="24855"> <issue tracker="bnc" id="1200793">VUL-0: MozillaFirefox / MozillaThunderbird: update to 102 and 91.11esr</issue> <issue tracker="cve" id="2022-2200"/> <issue tracker="cve" id="2022-31744"/> <issue tracker="cve" id="2022-34468"/> <issue tracker="cve" id="2022-34470"/> <issue tracker="cve" id="2022-34472"/> <issue tracker="cve" id="2022-34478"/> <issue tracker="cve" id="2022-34479"/> <issue tracker="cve" id="2022-34481"/> <issue tracker="cve" id="2022-34484"/> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaFirefox</summary> <description>This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR (MFSA 2022-25) (bsc#1200793): - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution (bmo#1771381) - CVE-2022-31744: CSP bypass enabling stylesheet injection (bmo#1757604) - CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (bmo#1768537) - CVE-2022-34470: Use-after-free in nsSHistory (bmo#1765951) - CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked (bmo#1770123) - CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt (bmo#1773717) - CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content (bmo#1745595) - CVE-2022-34481: Potential integer overflow in ReplaceElementsAt (bmo#1497246) - CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 (bmo#1763634, bmo#1772651) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor