Maintainer Pavel Vasenkov in the sisyphus branch: Information
Maintainer name: Pavel Vasenkov (pav)
Built source packages in this branch: 12
-
- @ruby
Last changed
May 19, 2023, 03:07 PM
#321197 sent by Pavel Vasenkov
System call fuzz tester
May 19, 2023 Pavel Vasenkov:
- Fix removing depricated i810 definations
May 17, 2023, 11:51 PM
#321097 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
May 17, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-32205 Browser prompts could have been obscured by popups + CVE-2023-32206 Crash in RLBox Expat driver + CVE-2023-32207 Potential permissions request bypass via clickjacking + CVE-2023-32211 Content process crash due to invalid wasm code + CVE-2023-32212 Potential spoof due to obscured address bar + CVE-2023-32213 Potential memory corruption in FileReader::DoReadData() + CVE-2023-32214 Potential DoS via exposed protocol handlers + CVE-2023-32215 Memory safety bugs fixed in Thunderbird 102.11
May 17, 2023, 09:47 AM
#320575 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
May 15, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-32205 Browser prompts could have been obscured by popups + CVE-2023-32206 Crash in RLBox Expat driver + CVE-2023-32207 Potential permissions request bypass via clickjacking + CVE-2023-32211 Content process crash due to invalid wasm code + CVE-2023-32212 Potential spoof due to obscured address bar + CVE-2023-32213 Potential memory corruption in FileReader::DoReadData() + CVE-2023-32214 Potential DoS via exposed protocol handlers + CVE-2023-32215 Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
Apr 20, 2023, 11:25 AM
#318816 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
April 19, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-29531 Out-of-bound memory access in WebGL on macOS + CVE-2023-29532 Mozilla Maintenance Service Write-lock bypass + CVE-2023-29533 Fullscreen notification obscured + CVE-2023-1999 Double-free in libwebp + CVE-2023-29535 Potential Memory Corruption following Garbage Collector compaction + CVE-2023-29536 Invalid free from JavaScript code + CVE-2023-29539 Content-Disposition filename truncation leads to Reflected File Download + CVE-2023-29541 Files with malicious extensions could have been downloaded unsafely on Linux + CVE-2023-29542 Bypass of file download extension restrictions + CVE-2023-29545 Windows Save As dialog resolved environment variables + CVE-2023-1945 Memory Corruption in Safe Browsing Code + CVE-2023-29548 Incorrect optimization result on ARM64 + CVE-2023-29550 Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10
Apr 20, 2023, 10:45 AM
#318817 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
April 19, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-29531 Out-of-bound memory access in WebGL on macOS + CVE-2023-29532 Mozilla Maintenance Service Write-lock bypass + CVE-2023-29533 Fullscreen notification obscured + CVE-2023-1999 Double-free in libwebp + CVE-2023-29535 Potential Memory Corruption following Garbage Collector compaction + CVE-2023-29536 Invalid free from JavaScript code + CVE-2023-0547 Revocation status of S/Mime recipient certificates was not checked + CVE-2023-29479 Hang when processing certain OpenPGP messages + CVE-2023-29539 Content-Disposition filename truncation leads to Reflected File Download + CVE-2023-29541 Files with malicious extensions could have been downloaded unsafely on Linux + CVE-2023-29542 Bypass of file download extension restrictions + CVE-2023-29545 Windows Save As dialog resolved environment variables + CVE-2023-1945 Memory Corruption in Safe Browsing Code + CVE-2023-29548 Incorrect optimization result on ARM64 + CVE-2023-29550 Memory safety bugs fixed in Thunderbird 102.10
Mar 22, 2023, 07:14 PM
#317199 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
March 22, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-25751 Incorrect code generation during JIT compilation + CVE-2023-28164 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation + CVE-2023-28162 Invalid downcast in Worklets + CVE-2023-25752 Potential out-of-bounds when accessing throttled streams + CVE-2023-28163 Windows Save As dialog resolved environment variables + CVE-2023-28176 Memory safety bugs fixed in Thunderbird 102.9
Mar 22, 2023, 07:01 PM
#317198 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
March 22, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-25751 Incorrect code generation during JIT compilation + CVE-2023-28164 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation + CVE-2023-28162 Invalid downcast in Worklets + CVE-2023-25752 Potential out-of-bounds when accessing throttled streams + CVE-2023-28163 Windows Save As dialog resolved environment variables + CVE-2023-28176 Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9
Mar 5, 2023, 02:58 AM
#316235 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
March 3, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry + CVE-2023-25738 Printing on Windows could potentially crash Firefox with some device drivers + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext + CVE-2023-25729 Extensions could have opened external schemes without user knowledge + CVE-2023-25732 Out of bounds memory write from EncodeInputStream + CVE-2023-25734 Opening local .url files could cause unexpected network loads + CVE-2023-25742 Web Crypto ImportKey crashes tab + CVE-2023-25744 Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8 + CVE-2023-25746 Memory safety bugs fixed in Firefox ESR 102.8
Mar 2, 2023, 08:23 AM
#316076 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Feb. 28, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-0616 User Interface lockup with messages combining S/MIME and OpenPGP + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry + CVE-2023-25738 Printing on Windows could potentially crash Thunderbird with some device drivers + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext + CVE-2023-25729 Extensions could have opened external schemes without user knowledge + CVE-2023-25732 Out of bounds memory write from EncodeInputStream + CVE-2023-25734 Opening local .url files could cause unexpected network loads + CVE-2023-25742 Web Crypto ImportKey crashes tab + CVE-2023-25746 Memory safety bugs fixed in Thunderbird 102.8
Feb 14, 2023, 07:08 PM
#313517 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Jan. 18, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2022-46871 libusrsctp library out of date + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers + CVE-2022-46877 Fullscreen notification bypass + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive + CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
Feb 3, 2023, 02:03 PM
#314597 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Feb. 3, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-0430 Revocation status of S/Mime signature certificates was not checked
Jan 24, 2023, 11:45 AM
#314030 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Jan. 24, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46871 libusrsctp library out of date + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers + CVE-2022-46877 Fullscreen notification bypass + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive + CVE-2023-23605 Memory safety bugs fixed in Thunderbird 102.7
Dec 24, 2022, 11:01 PM
#312284 sent by Pavel Vasenkov
System call fuzz tester
Dec. 24, 2022 Pavel Vasenkov:
- Update from upstream - Fix missed header file - Update source url(Closes: #40516)
Dec 23, 2022, 09:44 PM
#312280 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Dec. 23, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions
Dec 16, 2022, 06:12 PM
#311856 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Dec. 16, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS + CVE-2022-46882 Use-after-free in WebGL + CVE-2022-46878 Memory safety bugs fixed in Thunderbird 102.6
Dec 15, 2022, 01:02 AM
#311756 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Dec. 14, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS + CVE-2022-46882 Use-after-free in WebGL + CVE-2022-46878 Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
Dec 9, 2022, 06:54 PM
#311455 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Dec. 9, 2022 Pavel Vasenkov:
- Build with llvm-version 12 instead llvm-version 13 (Closes: #44436)
Dec 5, 2022, 08:42 PM
#311223 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Dec. 5, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-45414 Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration
Nov 22, 2022, 10:31 AM
#310431 sent by Pavel Vasenkov
Nov 17, 2022, 03:01 PM
#310102 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Nov. 16, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-45403 Service Workers might have learned size of cross-origin media files + CVE-2022-45404 Fullscreen notification bypass + CVE-2022-45405 Use-after-free in InputStream implementation + CVE-2022-45406 Use-after-free of a JavaScript Realm + CVE-2022-45408 Fullscreen notification bypass via windowName + CVE-2022-45409 Use-after-free in Garbage Collection + CVE-2022-45410 ServiceWorker-intercepted requests bypassed SameSite cookie policy + CVE-2022-45411 Cross-Site Tracing was possible via non-standard override headers + CVE-2022-45412 Symlinks may resolve to partially uninitialized buffers + CVE-2022-45416 Keystroke Side-Channel Leakage + CVE-2022-45418 Custom mouse cursor could have been drawn over browser UI + CVE-2022-45420 Iframe contents could be rendered outside the iframe + CVE-2022-45421 Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
Nov 17, 2022, 12:26 PM
#310101 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Nov. 16, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-45403 Service Workers might have learned size of cross-origin media files + CVE-2022-45404 Fullscreen notification bypass + CVE-2022-45405 Use-after-free in InputStream implementation + CVE-2022-45406 Use-after-free of a JavaScript Realm + CVE-2022-45408 Fullscreen notification bypass via windowName + CVE-2022-45409 Use-after-free in Garbage Collection + CVE-2022-45410 ServiceWorker-intercepted requests bypassed SameSite cookie policy + CVE-2022-45411 Cross-Site Tracing was possible via non-standard override headers + CVE-2022-45412 Symlinks may resolve to partially uninitialized buffers + CVE-2022-45416 Keystroke Side-Channel Leakage + CVE-2022-45418 Custom mouse cursor could have been drawn over browser UI + CVE-2022-45420 Iframe contents could be rendered outside the iframe + CVE-2022-45421 Memory safety bugs fixed in Thunderbird 102.5
Nov 15, 2022, 09:33 PM
#310018 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Nov. 11, 2022 Pavel Vasenkov:
- New version.
Oct 24, 2022, 02:27 PM
#308901 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Oct. 24, 2022 Pavel Vasenkov:
- New version.
Oct 24, 2022, 12:41 PM
#308900 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Oct. 24, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-42927 Same-origin policy violation could have leaked cross-origin URLs + CVE-2022-42928 Memory Corruption in JS Engine + CVE-2022-42929 Denial of Service via window.print + CVE-2022-42932 Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4
Oct 11, 2022, 10:01 AM
#308169 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Oct. 10, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-3266 Out of bounds read when decoding H264 + CVE-2022-40959 Bypassing FeaturePolicy restrictions on transient pages + CVE-2022-40960 Data-race when parsing non-UTF-8 URLs in threads + CVE-2022-40958 Bypassing Secure Context restriction for cookies with __Host and __Secure prefix + CVE-2022-40956 Content-Security-Policy base-uri bypass + CVE-2022-40957 Incoherent instruction cache when building WASM on ARM64 + CVE-2022-40962 Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3
Oct 10, 2022, 09:10 AM
#308145 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Oct. 10, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-39249 Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators + CVE-2022-39250 Matrix SDK bundled with Thunderbird vulnerable to a device verification attack + CVE-2022-39251 Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack + CVE-2022-39236 Matrix SDK bundled with Thunderbird vulnerable to a data corruption issue
Sep 16, 2022, 12:57 AM
#306846 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Sept. 15, 2022 Pavel Vasenkov:
- Update language support
Sep 6, 2022, 11:54 AM
#306343 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Sept. 6, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-3033 Leaking of sensitive information when composing a response to an HTML email with a META refresh tag + CVE-2022-3032 Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked + CVE-2022-3034 An iframe element in an HTML email could trigger a network request + CVE-2022-36059 Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack
Aug 29, 2022, 09:04 AM
#304701 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Aug. 24, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-38472 Address bar spoofing via XSLT error handling + CVE-2022-38473 Cross-origin XSLT Documents would have inherited the parent's permissions + CVE-2022-38476 Data race and potential use-after-free in PK11_ChangePW + CVE-2022-38477 Memory safety bugs fixed in Thunderbird 102.2 + CVE-2022-38478 Memory safety bugs fixed in Thunderbird 102.2, and Thunderbird 91.13
Aug 25, 2022, 03:42 PM
#305733 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Aug. 25, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-38472 Address bar spoofing via XSLT error handling + CVE-2022-38473 Cross-origin XSLT Documents would have inherited the parent's permissions + CVE-2022-38476 Data race and potential use-after-free in PK11_ChangePW + CVE-2022-38477 Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 + CVE-2022-38478 Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13
Aug 18, 2022, 06:48 PM
#304700 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
July 22, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-36319 Mouse Position spoofing with CSS transforms + CVE-2022-36318 Directory indexes for bundled resources reflected URL parameters + CVE-2022-36314 Opening local <code>.lnk</code> files could cause unexpected network loads + CVE-2022-2505 Memory safety bugs fixed in Firefox 103 and 102.1
Jun 29, 2022, 08:04 PM
#302834 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
June 29, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-34479 A popup window could be resized in a way to overlay the address bar with web content + CVE-2022-34470 Use-after-free in nsSHistory + CVE-2022-34468 CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI + CVE-2022-34481 Potential integer overflow in ReplaceElementsAt + CVE-2022-31744 CSP bypass enabling stylesheet injection + CVE-2022-34472 Unavailable PAC file resulted in OCSP requests being blocked + CVE-2022-34478 Microsoft protocols can be attacked if a user accepts a prompt + CVE-2022-2200 Undesired attributes could be set as part of prototype pollution + CVE-2022-34484 Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11
Jun 4, 2022, 01:29 AM
#301216 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
June 3, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-31736 Cross-Origin resource's length leaked + CVE-2022-31737 Heap buffer overflow in WebGL + CVE-2022-31738 Browser window spoof using fullscreen mode + CVE-2022-31739 Attacker-influenced path traversal when saving downloaded files + CVE-2022-31740 Register allocation problem in WASM on arm64 + CVE-2022-31741 Uninitialized variable leads to invalid memory read + CVE-2022-1834 Braille space character caused incorrect sender email to be shown for a digitally signed email + CVE-2022-31742 Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information + CVE-2022-31747 Memory safety bugs fixed in Thunderbird 91.10
Jun 4, 2022, 01:23 AM
#301215 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
June 3, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-31736 Cross-Origin resource's length leaked + CVE-2022-31737 Heap buffer overflow in WebGL + CVE-2022-31738 Browser window spoof using fullscreen mode + CVE-2022-31739 Attacker-influenced path traversal when saving downloaded files + CVE-2022-31740 Register allocation problem in WASM on arm64 + CVE-2022-31741 Uninitialized variable leads to invalid memory read + CVE-2022-31742 Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information + CVE-2022-31747 Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
May 25, 2022, 01:13 AM
#297983 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
May 21, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-1802 Prototype pollution in Top-Level Await implementation + CVE-2022-1529 Untrusted input used in JavaScript object indexing, leading to prototype pollution
May 24, 2022, 03:12 PM
#300522 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
May 22, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-1802 Prototype pollution in Top-Level Await implementation + CVE-2022-1529 Untrusted input used in JavaScript object indexing, leading to prototype pollution
May 5, 2022, 06:17 AM
#299477 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
May 4, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-29914 Fullscreen notification bypass using popups + CVE-2022-29909 Bypassing permission prompt in nested browsing contexts + CVE-2022-29916 Leaking browser history with CSS variables + CVE-2022-29911 iframe Sandbox bypass + CVE-2022-29912 Reader mode bypassed SameSite cookies + CVE-2022-29917 Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
May 3, 2022, 11:44 PM
#297984 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
April 6, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-1097 Use-after-free in NSSToken objects + CVE-2022-28281 Out of bounds write due to unexpected WebAuthN Extensions + CVE-2022-1196 Use-after-free after VR Process destruction + CVE-2022-28282 Use-after-free in DocumentL10n::TranslateDocument + CVE-2022-28285 Incorrect AliasSet used in JIT Codegen + CVE-2022-28286 iframe contents could be rendered outside the border + CVE-2022-24713 Denial of Service via complex regular expressions + CVE-2022-28289 Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
Mar 24, 2022, 08:08 PM
#297130 sent by Pavel Vasenkov
The orginal well curated collection of extension methods for Ruby
March 23, 2022 Pavel Vasenkov:
- + disable provides cgi-exception
Mar 14, 2022, 01:06 AM
#296596 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
March 13, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-26383 Browser window spoof using fullscreen mode + CVE-2022-26384 iframe allow-scripts sandbox bypass + CVE-2022-26387 Time-of-check time-of-use bug when verifying add-on signatures + CVE-2022-26381 Use-after-free in text reflows + CVE-2022-26386 Temporary files downloaded to /tmp and accessible by other local users
Mar 14, 2022, 12:59 AM
#296595 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
March 13, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-26383 Browser window spoof using fullscreen mode + CVE-2022-26384 iframe allow-scripts sandbox bypass + CVE-2022-26387 Time-of-check time-of-use bug when verifying add-on signatures + CVE-2022-26381 Use-after-free in text reflows + CVE-2022-26386 Temporary files downloaded to /tmp and accessible by other local users
Mar 9, 2022, 03:51 PM
#296447 sent by Pavel Vasenkov
Duplicate_of_scsitarget-utils
deleted tgt
March 9, 2022 Pavel Vasenkov:
- package removed
Mar 8, 2022, 11:47 AM
#296365 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
March 8, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-26485 Use-after-free in XSLT parameter processing + CVE-2022-26486 Use-after-free in WebGPU IPC Framework
Mar 7, 2022, 10:12 PM
#296355 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
March 7, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-26485 Use-after-free in XSLT parameter processing + CVE-2022-26486 Use-after-free in WebGPU IPC Framework
Feb 18, 2022, 09:23 PM
#295503 sent by Pavel Vasenkov
Feb 12, 2022, 03:04 PM
#295259 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Feb. 12, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service + CVE-2022-22754 Extensions could have bypassed permission confirmation during update + CVE-2022-22756 Drag and dropping an image could have resulted in the dropped object being an executable + CVE-2022-22759 Sandboxed iframes could have executed script if the parent appended elements + CVE-2022-22760 Cross-Origin responses could be distinguished between script and non-script content-types + CVE-2022-22761 frame-ancestors Content Security Policy directive was not enforced for framed extension pages + CVE-2022-22763 Script Execution during invalid object state + CVE-2022-22764 Memory safety bugs fixed in Thunderbird 91.6
Feb 9, 2022, 09:49 PM
#295121 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Feb. 9, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service + CVE-2022-22754 Extensions could have bypassed permission confirmation during update + CVE-2022-22756 Drag and dropping an image could have resulted in the dropped object being an executable + CVE-2022-22759 Sandboxed iframes could have executed script if the parent appended elements + CVE-2022-22760 Cross-Origin responses could be distinguished between script and non-script content-types + CVE-2022-22761 frame-ancestors Content Security Policy directive was not enforced for framed extension pages + CVE-2022-22763 Script Execution during invalid object state + CVE-2022-22764 Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
Jan 27, 2022, 06:25 PM
#294221 sent by Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
Jan. 25, 2022 Pavel Vasenkov:
- New version.
Jan 27, 2022, 05:09 PM
#294209 sent by Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Jan. 27, 2022 Pavel Vasenkov:
- New ESR version.
Oct 21, 2021, 11:15 AM
#287749 sent by Pavel Vasenkov
The successor of GNU Wget, a file and recursive website downloader
Oct. 21, 2021 Pavel Vasenkov:
- Build for Sisyphus (closes #41170)