Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox124
changeset 1202 28ebbea625bd
parent 1201 3a2c95022db2 
--- a/MozillaFirefox/MozillaFirefox.changes	Fri Mar 22 10:02:25 2024 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes	Sun Apr 21 06:46:25 2024 +0200
@@ -1,4 +1,63 @@
 -------------------------------------------------------------------
+Wed Apr  3 12:50:27 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Mozilla Firefox 124.0.2
+  https://www.mozilla.org/en-US/firefox/124.0.2/releasenotes/
+  * Fixed an issue where users with a large amount of bookmarks would
+    be unable to restore a bookmarks backup. (bmo#1884308)
+  * Fixed an issue that would cause open Firefox windows
+    to go blank or crash during video playback on sites such as
+    Netflix. (bmo#1883932)
+  * Fixed a crash that affected Linux AArch64 builds. (bmo#1866396)
+  * Fixed an issue where some users experienced difficulties loading
+    webpages due to changes made to the default AppArmor configuration
+    shipping in Ubuntu 24.04. (bmo#1884347)
+
+-------------------------------------------------------------------
+Fri Mar 22 09:53:26 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 124.0.1
+  https://www.mozilla.org/en-US/firefox/124.0.1/releasenotes/
+  MFSA 2024-15 (bsc#1221850)
+  * CVE-2024-29943 (bmo#1886849)
+    Out-of-bounds access via Range Analysis bypass
+  * CVE-2024-29944 (bmo#1886852)
+    Privileged JavaScript Execution via Event Handlers
+  Mozilla Firefox 124.0
+  https://www.mozilla.org/en-US/firefox/124.0/releasenotes/
+  MFSA 2024-12 (bsc#1221327)
+  * CVE-2024-2605 (bmo#1872920)
+    Windows Error Reporter could be used as a Sandbox escape vector
+  * CVE-2024-2606 (bmo#1879237)
+    Mishandling of WASM register values
+  * CVE-2024-2607 (bmo#1879939)
+    JIT code failed to save return registers on Armv7-A
+  * CVE-2024-2608 (bmo#1880692)
+    Integer overflow could have led to out of bounds write
+  * CVE-2023-5388 (bmo#1780432)
+    NSS susceptible to timing attack against RSA decryption
+  * CVE-2024-2609 (bmo#1866100)
+    Permission prompt input delay could expire when not in focus
+  * CVE-2024-2610 (bmo#1871112)
+    Improper handling of html and body tags enabled CSP nonce leakage
+  * CVE-2024-2611 (bmo#1876675)
+    Clickjacking vulnerability could have led to a user accidentally
+    granting permissions
+  * CVE-2024-2612 (bmo#1879444)
+    Self referencing object could have potentially led to a use-
+    after-free
+  * CVE-2024-2613 (bmo#1875701)
+    Improper handling of QUIC ACK frame data could have led to OOM
+  * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093)
+    Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
+    and Thunderbird 115.9
+  * CVE-2024-2615 (bmo#1881074, bmo#1881650, bmo#1882438)
+    Memory safety bugs fixed in Firefox 124
+- requires
+  NSS = 3.98
+  rust-cbindgen >= 0.26
+
+-------------------------------------------------------------------
 Fri Mar  8 06:16:48 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
 
 - Mozilla Firefox 123.0.1
mozilla