|
1 ------------------------------------------------------------------- |
|
2 Wed Apr 3 12:50:27 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> |
|
3 |
|
4 - Mozilla Firefox 124.0.2 |
|
5 https://www.mozilla.org/en-US/firefox/124.0.2/releasenotes/ |
|
6 * Fixed an issue where users with a large amount of bookmarks would |
|
7 be unable to restore a bookmarks backup. (bmo#1884308) |
|
8 * Fixed an issue that would cause open Firefox windows |
|
9 to go blank or crash during video playback on sites such as |
|
10 Netflix. (bmo#1883932) |
|
11 * Fixed a crash that affected Linux AArch64 builds. (bmo#1866396) |
|
12 * Fixed an issue where some users experienced difficulties loading |
|
13 webpages due to changes made to the default AppArmor configuration |
|
14 shipping in Ubuntu 24.04. (bmo#1884347) |
|
15 |
|
16 ------------------------------------------------------------------- |
|
17 Fri Mar 22 09:53:26 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org> |
|
18 |
|
19 - Mozilla Firefox 124.0.1 |
|
20 https://www.mozilla.org/en-US/firefox/124.0.1/releasenotes/ |
|
21 MFSA 2024-15 (bsc#1221850) |
|
22 * CVE-2024-29943 (bmo#1886849) |
|
23 Out-of-bounds access via Range Analysis bypass |
|
24 * CVE-2024-29944 (bmo#1886852) |
|
25 Privileged JavaScript Execution via Event Handlers |
|
26 Mozilla Firefox 124.0 |
|
27 https://www.mozilla.org/en-US/firefox/124.0/releasenotes/ |
|
28 MFSA 2024-12 (bsc#1221327) |
|
29 * CVE-2024-2605 (bmo#1872920) |
|
30 Windows Error Reporter could be used as a Sandbox escape vector |
|
31 * CVE-2024-2606 (bmo#1879237) |
|
32 Mishandling of WASM register values |
|
33 * CVE-2024-2607 (bmo#1879939) |
|
34 JIT code failed to save return registers on Armv7-A |
|
35 * CVE-2024-2608 (bmo#1880692) |
|
36 Integer overflow could have led to out of bounds write |
|
37 * CVE-2023-5388 (bmo#1780432) |
|
38 NSS susceptible to timing attack against RSA decryption |
|
39 * CVE-2024-2609 (bmo#1866100) |
|
40 Permission prompt input delay could expire when not in focus |
|
41 * CVE-2024-2610 (bmo#1871112) |
|
42 Improper handling of html and body tags enabled CSP nonce leakage |
|
43 * CVE-2024-2611 (bmo#1876675) |
|
44 Clickjacking vulnerability could have led to a user accidentally |
|
45 granting permissions |
|
46 * CVE-2024-2612 (bmo#1879444) |
|
47 Self referencing object could have potentially led to a use- |
|
48 after-free |
|
49 * CVE-2024-2613 (bmo#1875701) |
|
50 Improper handling of QUIC ACK frame data could have led to OOM |
|
51 * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093) |
|
52 Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, |
|
53 and Thunderbird 115.9 |
|
54 * CVE-2024-2615 (bmo#1881074, bmo#1881650, bmo#1882438) |
|
55 Memory safety bugs fixed in Firefox 124 |
|
56 - requires |
|
57 NSS = 3.98 |
|
58 rust-cbindgen >= 0.26 |
|
59 |
1 ------------------------------------------------------------------- |
60 ------------------------------------------------------------------- |
2 Fri Mar 8 06:16:48 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de> |
61 Fri Mar 8 06:16:48 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de> |
3 |
62 |
4 - Mozilla Firefox 123.0.1 |
63 - Mozilla Firefox 123.0.1 |
5 * Fixed the *Firefox Translation* language indicator in the |
64 * Fixed the *Firefox Translation* language indicator in the |