File _patchinfo of Package patchinfo.41601

<patchinfo incident="41601">
  <issue tracker="bnc" id="1253188">VUL-0: MozillaFirefox / MozillaThunderbird: update to 145.0 and 140.5esr</issue>
  <issue tracker="cve" id="2025-13013"/>
  <issue tracker="cve" id="2025-11709"/>
  <issue tracker="cve" id="2025-13017"/>
  <issue tracker="cve" id="2025-11710"/>
  <issue tracker="cve" id="2025-13012"/>
  <issue tracker="cve" id="2025-13018"/>
  <issue tracker="cve" id="2025-13019"/>
  <issue tracker="cve" id="2025-11715"/>
  <issue tracker="cve" id="2025-13016"/>
  <issue tracker="cve" id="2025-11711"/>
  <issue tracker="cve" id="2025-11712"/>
  <issue tracker="cve" id="2025-11714"/>
  <issue tracker="cve" id="2025-13014"/>
  <issue tracker="cve" id="2025-11713"/>
  <issue tracker="cve" id="2025-11708"/>
  <issue tracker="cve" id="2025-13020"/>
  <issue tracker="cve" id="2025-13015"/>
  <packager>MSirringhaus</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for MozillaFirefox</summary>
  <description>This update for MozillaFirefox fixes the following issues:

- Update to Firefox Extended Support Release 140.5.0 ESR (bsc#1253188)
- CVE-2025-13012: Race condition in the Graphics component.
- CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component.
- CVE-2025-13017: Same-origin policy bypass in the DOM: Notifications component.
- CVE-2025-13018: Mitigation bypass in the DOM: Security component.
- CVE-2025-13019: Same-origin policy bypass in the DOM: Workers component.
- CVE-2025-13013: Mitigation bypass in the DOM: Core &amp; HTML component.
- CVE-2025-13020: Use-after-free in the WebRTC: Audio/Video component.
- CVE-2025-13014: Use-after-free in the Audio/Video component.
- CVE-2025-13015: Spoofing issue in Firefox.
  </description>
</patchinfo>