diff -r 2a0735b1eb92 -r 3a2c95022db2 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Thu Feb 22 20:31:18 2024 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Fri Mar 22 10:02:25 2024 +0100 @@ -1,4 +1,59 @@ ------------------------------------------------------------------- +Fri Mar 8 06:16:48 UTC 2024 - Andreas Stieger + +- Mozilla Firefox 123.0.1 + * Fixed the *Firefox Translation* language indicator in the + address bar displaying a colored square icon instead of the + language code icon. (bmo#1879415) + * Fixed a regression with the `onChange` event not firing when + clearing the value of a `textarea` HTML field. + (bmo#1881457) + * Fixed a regression in the JavaScript JIT engine incorrectly + inlining strings in some cases. (bmo#1882386) + * Fixed: Fixed low contrast of text when selecting rows in the + Developer tools' Storage panel. (bmo#1877090) + +------------------------------------------------------------------- +Thu Feb 22 11:02:39 UTC 2024 - Wolfgang Rosenauer + +- Mozilla Firefox 123.0 + https://www.mozilla.org/en-US/firefox/123.0/releasenotes/ + MFSA 2024-05 (bsc#1220048) + * CVE-2024-1546 (bmo#1843752) + Out-of-bounds memory read in networking channels + * CVE-2024-1547 (bmo#1877879) + Alert dialog could have been spoofed on another site + * CVE-2024-1554 (bmo#1816390) + fetch could be used to effect cache poisoning + * CVE-2024-1548 (bmo#1832627) + Fullscreen Notification could have been hidden by select element + * CVE-2024-1549 (bmo#1833814) + Custom cursor could obscure the permission dialog + * CVE-2024-1550 (bmo#1860065) + Mouse cursor re-positioned unexpectedly could have led to + unintended permission grants + * CVE-2024-1551 (bmo#1864385) + Multipart HTTP Responses would accept the Set-Cookie header + in response parts + * CVE-2024-1555 (bmo#1873223) + SameSite cookies were not properly respected when opening a + website from an external browser + * CVE-2024-1556 (bmo#1870414) + Invalid memory access in the built-in profiler + * CVE-2024-1552 (bmo#1874502) + Incorrect code generation on 32-bit ARM devices + * CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498, bmo#1872296, + bmo#1873521, bmo#1873577, bmo#1873597, bmo#1873866, bmo#1874080, + bmo#1874740, bmo#1875795, bmo#1875906, bmo#1876425, bmo#1878211, + bmo#1878286) + Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, + and Thunderbird 115.8 + * CVE-2024-1557 (bmo#1746471, bmo#1848829, bmo#1864011, bmo#1869175, + bmo#1869455, bmo#1869938, bmo#1871606) + Memory safety bugs fixed in Firefox 123 +- requires NSS 3.97 + +------------------------------------------------------------------- Tue Feb 13 21:21:15 UTC 2024 - Andreas Stieger - Mozilla Firefox 122.0.1