Сопровождающий Pavel Vasenkov в ветке sisyphus: Информация
Имя сопровождающего: Pavel Vasenkov (pav)
Собрано source пакетов в данной ветке: 13
-
- @ruby
Последние изменения
22 марта 2024 г. 15:46
#343332 отправлено Pavel Vasenkov
pgAdmin is the most popular and feature rich Open Source administration and development platform for PostgreSQL
22 марта 2024 г. Pavel Vasenkov:
- Fixed packages dependencies (Closes: #49747)
12 марта 2024 г. 21:49
#342580 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
12 марта 2024 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2024-1936 Leaking of encrypted email subjects to other conversations
1 марта 2024 г. 19:41
#341795 отправлено Pavel Vasenkov
Security and system auditing tool
1 марта 2024 г. Pavel Vasenkov:
- update new release 3.0.9 (Closed: #49562)
24 февраля 2024 г. 23:23
#341315 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
24 февраля 2024 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2024-1546 Out-of-bounds memory read in networking channels + CVE-2024-1547 Alert dialog could have been spoofed on another site + CVE-2024-1548 Fullscreen Notification could have been hidden by select element + CVE-2024-1549 Custom cursor could obscure the permission dialog + CVE-2024-1550 Mouse cursor re-positioned unexpectedly could have led to unintended permission grants + CVE-2024-1551 Multipart HTTP Responses would accept the Set-Cookie header in response parts + CVE-2024-1552 Incorrect code generation on 32-bit ARM devices + CVE-2024-1553 Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
22 февраля 2024 г. 16:26
#341225 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
21 февраля 2024 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2024-1546 Out-of-bounds memory read in networking channels + CVE-2024-1547 Alert dialog could have been spoofed on another site + CVE-2024-1548 Fullscreen Notification could have been hidden by select element + CVE-2024-1549 Custom cursor could obscure the permission dialog + CVE-2024-1550 Mouse cursor re-positioned unexpectedly could have led to unintended permission grants + CVE-2024-1551 Multipart HTTP Responses would accept the Set-Cookie header in response parts + CVE-2024-1552 Incorrect code generation on 32-bit ARM devices + CVE-2024-1553 Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
4 февраля 2024 г. 17:26
#339732 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
4 февраля 2024 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2024-0741 Out of bounds write in ANGLE + CVE-2024-0742 Failure to update user input timestamp + CVE-2024-0746 Crash when listing printers on Linux + CVE-2024-0747 Bypass of Content Security Policy when directive unsafe-inline was set + CVE-2024-0749 Phishing site popup could show local origin in address bar + CVE-2024-0750 Potential permissions request bypass via clickjacking + CVE-2024-0751 Privilege escalation through devtools + CVE-2024-0753 HSTS policy on subdomain could bypass policy of upper domain + CVE-2024-0755 Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7
4 февраля 2024 г. 10:37
#339728 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
4 февраля 2024 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2024-0741 Out of bounds write in ANGLE + CVE-2024-0742 Failure to update user input timestamp + CVE-2024-0746 Crash when listing printers on Linux + CVE-2024-0747 Bypass of Content Security Policy when directive unsafe-inline was set + CVE-2024-0749 Phishing site popup could show local origin in address bar + CVE-2024-0750 Potential permissions request bypass via clickjacking + CVE-2024-0751 Privilege escalation through devtools + CVE-2024-0753 HSTS policy on subdomain could bypass policy of upper domain + CVE-2024-0755 Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7
27 декабря 2023 г. 16:22
#337340 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
21 декабря 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-50762 Truncated signed text was shown with a valid OpenPGP signature + CVE-2023-50761 S/MIME signature accepted despite mismatching message date + CVE-2023-6856 Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver + CVE-2023-6857 Symlinks may resolve to smaller than expected buffers + CVE-2023-6858 Heap buffer overflow in nsTextFragment + CVE-2023-6859 Use-after-free in PR_GetIdentitiesLayer + CVE-2023-6860 Potential sandbox escape due to VideoBridge lack of texture validation + CVE-2023-6861 Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode + CVE-2023-6862 Use-after-free in nsDNSService + CVE-2023-6863 Undefined behavior in ShutdownObserver()
20 декабря 2023 г. 14:37
#336858 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
20 декабря 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-6856 Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver + CVE-2023-6865 Potential exposure of uninitialized data in EncryptingOutputStream + CVE-2023-6857 Symlinks may resolve to smaller than expected buffers + CVE-2023-6858 Heap buffer overflow in nsTextFragment + CVE-2023-6859 Use-after-free in PR_GetIdentitiesLayer + CVE-2023-6860 Potential sandbox escape due to VideoBridge lack of texture validation + CVE-2023-6867 Clickjacking permission prompts using the popup transition + CVE-2023-6861 Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode + CVE-2023-6862 Use-after-free in nsDNSService + CVE-2023-6863 Undefined behavior in ShutdownObserver() + CVE-2023-6864 Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6
3 ноября 2023 г. 13:48
#333443 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
2 ноября 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-5721 Queued up rendering could have allowed websites to clickjack + CVE-2023-5732 Address bar spoofing via bidirectional characters + CVE-2023-5724 Large WebGL draw could have led to a crash + CVE-2023-5725 WebExtensions could open arbitrary URLs + CVE-2023-5726 Full screen notification obscured by file open dialog on macOS + CVE-2023-5727 Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows + CVE-2023-5728 Improper object tracking during GC in the JavaScript engine could have led to a crash. + CVE-2023-5730 Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1
2 ноября 2023 г. 10:41
#333372 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
1 ноября 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-5721 Queued up rendering could have allowed websites to clickjack + CVE-2023-5732 Address bar spoofing via bidirectional characters + CVE-2023-5724 Large WebGL draw could have led to a crash + CVE-2023-5725 WebExtensions could open arbitrary URLs + CVE-2023-5726 Full screen notification obscured by file open dialog on macOS + CVE-2023-5727 Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows + CVE-2023-5728 Improper object tracking during GC in the JavaScript engine could have led to a crash. + CVE-2023-5730 Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1
17 октября 2023 г. 16:20
#331922 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
16 октября 2023 г. Pavel Vasenkov:
- Fix check dependencies error for GLIBC_PRIVATE
16 октября 2023 г. 22:20
#331921 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
16 октября 2023 г. Pavel Vasenkov:
- Fix check dependencies error for GLIBC_PRIVATE
14 октября 2023 г. 8:23
#331418 отправлено Pavel Vasenkov
E-book reader application
10 октября 2023 г. Pavel Vasenkov:
- New version (Closes: #47908)
14 октября 2023 г. 2:12
#331419 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
13 октября 2023 г. Pavel Vasenkov:
- Fix folder location for config-privacy js configuration files (Closes #47960)
8 октября 2023 г. 0:18
#331244 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
6 октября 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-5168 Out-of-bounds write in FilterNodeD2D1 + CVE-2023-5169 Out-of-bounds write in PathOps + CVE-2023-5171 Use-after-free in Ion Compiler + CVE-2023-5174 Double-free in process spawning on Windows + CVE-2023-5176 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 + CVE-2023-5217 Heap buffer overflow in libvpx
30 сентября 2023 г. 8:09
#330520 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
29 сентября 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-5168 Out-of-bounds write in FilterNodeD2D1 + CVE-2023-5169 Out-of-bounds write in PathOps + CVE-2023-5171 Use-after-free in Ion Compiler + CVE-2023-5174 Double-free in process spawning on Windows + CVE-2023-5176 Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 + CVE-2023-5217 Heap buffer overflow in libvpx
25 сентября 2023 г. 12:11
#328494 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
14 сентября 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-3600 Use-after-free in workers + CVE-2023-3417 File Extension Spoofing using the Text Direction Override Character + CVE-2023-4045 Offscreen Canvas could have bypassed cross-origin restrictions + CVE-2023-4046 Incorrect value used during WASM compilation + CVE-2023-4047 Potential permissions request bypass via clickjacking + CVE-2023-4048 Crash in DOMParser due to out-of-memory conditions + CVE-2023-4049 Fix potential race conditions when releasing platform objects + CVE-2023-4050 Stack buffer overflow in StorageManager + CVE-2023-4052 File deletion and privilege escalation through Firefox uninstaller + CVE-2023-4054 Lack of warning when opening appref-ms files + CVE-2023-4055 Cookie jar overflow caused unexpected cookie jar state + CVE-2023-4056 Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 + CVE-2023-4057 Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1 + CVE-2023-4573 Memory corruption in IPC CanvasTranslator + CVE-2023-4574 Memory corruption in IPC ColorPickerShownCallback + CVE-2023-4575 Memory corruption in IPC FilePickerShownCallback + CVE-2023-4576 Integer Overflow in RecordedSourceSurfaceCreation + CVE-2023-4577 Memory corruption in JIT UpdateRegExpStatics + CVE-2023-4051 Full screen notification obscured by file open dialog + CVE-2023-4578 Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception + CVE-2023-4053 Full screen notification obscured by external program + CVE-2023-4580 Push notifications saved to disk unencrypted + CVE-2023-4581 XLL file extensions were downloadable without warnings + CVE-2023-4582 Buffer Overflow in WebGL glGetProgramiv + CVE-2023-4583 Browsing Context potentially not cleared when closing Private Window + CVE-2023-4584 Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 + CVE-2023-4585 Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 + CVE-2023-4863 Heap buffer overflow in libwebp
21 сентября 2023 г. 13:16
#329982 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
20 сентября 2023 г. Pavel Vasenkov:
- Restored build for 32bit archs
20 сентября 2023 г. 8:36
#329883 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
8 сентября 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-3600 Use-after-free in workers + CVE-2023-4045 Offscreen Canvas could have bypassed cross-origin restrictions + CVE-2023-4046 Incorrect value used during WASM compilation + CVE-2023-4047 Potential permissions request bypass via clickjacking + CVE-2023-4048 Crash in DOMParser due to out-of-memory conditions + CVE-2023-4049 Fix potential race conditions when releasing platform objects + CVE-2023-4050 Stack buffer overflow in StorageManager + CVE-2023-4052 File deletion and privilege escalation through Firefox uninstaller + CVE-2023-4054 Lack of warning when opening appref-ms files + CVE-2023-4055 Cookie jar overflow caused unexpected cookie jar state + CVE-2023-4056 Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 + CVE-2023-4057 Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1 + CVE-2023-4573 Memory corruption in IPC CanvasTranslator + CVE-2023-4574 Memory corruption in IPC ColorPickerShownCallback + CVE-2023-4575 Memory corruption in IPC FilePickerShownCallback + CVE-2023-4576 Integer Overflow in RecordedSourceSurfaceCreation + CVE-2023-4577 Memory corruption in JIT UpdateRegExpStatics + CVE-2023-4051 Full screen notification obscured by file open dialog + CVE-2023-4578 Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception + CVE-2023-4053 Full screen notification obscured by external program + CVE-2023-4580 Push notifications saved to disk unencrypted + CVE-2023-4581 XLL file extensions were downloadable without warnings + CVE-2023-4582 Buffer Overflow in WebGL glGetProgramiv + CVE-2023-4583 Browsing Context potentially not cleared when closing Private Window + CVE-2023-4584 Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 + CVE-2023-4585 Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 + CVE-2023-4863 Heap buffer overflow in libwebp
20 сентября 2023 г. 1:36
#329882 отправлено Pavel Vasenkov
E-book reader application
18 сентября 2023 г. Pavel Vasenkov:
- ExcludeArch: i386 i486 i586 i686 i786 i886 i986 pentium2 pentium3 pentium4 k6 athlon athlon_xp ppc64le
GUI prototyping tool
18 сентября 2023 г. Pavel Vasenkov:
- ExcludeArch: i386 i486 i586 i686 i786 i886 i986 pentium2 pentium3 pentium4 k6 athlon athlon_xp ppc64le
configure firefox for a livecd environment
18 сентября 2023 г. Pavel Vasenkov:
- ExcludeArch: i386 i486 i586 i686 i786 i886 i986 pentium2 pentium3 pentium4 k6 athlon athlon_xp ppc64le
start the browser for a suitable webkiosk environment
19 сентября 2023 г. Pavel Vasenkov:
- ExcludeArch: i386 i486 i586 i686 i786 i886 i986 pentium2 pentium3 pentium4 k6 athlon athlon_xp ppc64le
30 июня 2023 г. 22:42
#323806 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
27 июня 2023 г. Pavel Vasenkov:
- Fixes: Unstable name collisions Build failure with GCC 13
30 июня 2023 г. 22:02
#323808 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
27 июня 2023 г. Pavel Vasenkov:
- Fixes: Unstable name collisions Build failure with GCC 13
14 июня 2023 г. 17:05
#322997 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
14 июня 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-34414 Click-jacking certificate exceptions through rendering lag + CVE-2023-34416 Memory safety bugs fixed in Thunderbird 102.12
8 июня 2023 г. 5:55
#322571 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
7 июня 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-34414 Click-jacking certificate exceptions through rendering lag + CVE-2023-34416 Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12
19 мая 2023 г. 15:07
#321197 отправлено Pavel Vasenkov
System call fuzz tester
19 мая 2023 г. Pavel Vasenkov:
- Fix removing depricated i810 definations
17 мая 2023 г. 23:51
#321097 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
17 мая 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-32205 Browser prompts could have been obscured by popups + CVE-2023-32206 Crash in RLBox Expat driver + CVE-2023-32207 Potential permissions request bypass via clickjacking + CVE-2023-32211 Content process crash due to invalid wasm code + CVE-2023-32212 Potential spoof due to obscured address bar + CVE-2023-32213 Potential memory corruption in FileReader::DoReadData() + CVE-2023-32214 Potential DoS via exposed protocol handlers + CVE-2023-32215 Memory safety bugs fixed in Thunderbird 102.11
17 мая 2023 г. 9:47
#320575 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
15 мая 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-32205 Browser prompts could have been obscured by popups + CVE-2023-32206 Crash in RLBox Expat driver + CVE-2023-32207 Potential permissions request bypass via clickjacking + CVE-2023-32211 Content process crash due to invalid wasm code + CVE-2023-32212 Potential spoof due to obscured address bar + CVE-2023-32213 Potential memory corruption in FileReader::DoReadData() + CVE-2023-32214 Potential DoS via exposed protocol handlers + CVE-2023-32215 Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
20 апреля 2023 г. 11:25
#318816 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
19 апреля 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-29531 Out-of-bound memory access in WebGL on macOS + CVE-2023-29532 Mozilla Maintenance Service Write-lock bypass + CVE-2023-29533 Fullscreen notification obscured + CVE-2023-1999 Double-free in libwebp + CVE-2023-29535 Potential Memory Corruption following Garbage Collector compaction + CVE-2023-29536 Invalid free from JavaScript code + CVE-2023-29539 Content-Disposition filename truncation leads to Reflected File Download + CVE-2023-29541 Files with malicious extensions could have been downloaded unsafely on Linux + CVE-2023-29542 Bypass of file download extension restrictions + CVE-2023-29545 Windows Save As dialog resolved environment variables + CVE-2023-1945 Memory Corruption in Safe Browsing Code + CVE-2023-29548 Incorrect optimization result on ARM64 + CVE-2023-29550 Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10
20 апреля 2023 г. 10:45
#318817 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
19 апреля 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-29531 Out-of-bound memory access in WebGL on macOS + CVE-2023-29532 Mozilla Maintenance Service Write-lock bypass + CVE-2023-29533 Fullscreen notification obscured + CVE-2023-1999 Double-free in libwebp + CVE-2023-29535 Potential Memory Corruption following Garbage Collector compaction + CVE-2023-29536 Invalid free from JavaScript code + CVE-2023-0547 Revocation status of S/Mime recipient certificates was not checked + CVE-2023-29479 Hang when processing certain OpenPGP messages + CVE-2023-29539 Content-Disposition filename truncation leads to Reflected File Download + CVE-2023-29541 Files with malicious extensions could have been downloaded unsafely on Linux + CVE-2023-29542 Bypass of file download extension restrictions + CVE-2023-29545 Windows Save As dialog resolved environment variables + CVE-2023-1945 Memory Corruption in Safe Browsing Code + CVE-2023-29548 Incorrect optimization result on ARM64 + CVE-2023-29550 Memory safety bugs fixed in Thunderbird 102.10
22 марта 2023 г. 19:14
#317199 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
22 марта 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-25751 Incorrect code generation during JIT compilation + CVE-2023-28164 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation + CVE-2023-28162 Invalid downcast in Worklets + CVE-2023-25752 Potential out-of-bounds when accessing throttled streams + CVE-2023-28163 Windows Save As dialog resolved environment variables + CVE-2023-28176 Memory safety bugs fixed in Thunderbird 102.9
22 марта 2023 г. 19:01
#317198 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
22 марта 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-25751 Incorrect code generation during JIT compilation + CVE-2023-28164 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation + CVE-2023-28162 Invalid downcast in Worklets + CVE-2023-25752 Potential out-of-bounds when accessing throttled streams + CVE-2023-28163 Windows Save As dialog resolved environment variables + CVE-2023-28176 Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9
5 марта 2023 г. 2:58
#316235 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
3 марта 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry + CVE-2023-25738 Printing on Windows could potentially crash Firefox with some device drivers + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext + CVE-2023-25729 Extensions could have opened external schemes without user knowledge + CVE-2023-25732 Out of bounds memory write from EncodeInputStream + CVE-2023-25734 Opening local .url files could cause unexpected network loads + CVE-2023-25742 Web Crypto ImportKey crashes tab + CVE-2023-25744 Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8 + CVE-2023-25746 Memory safety bugs fixed in Firefox ESR 102.8
2 марта 2023 г. 8:23
#316076 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
28 февраля 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-0616 User Interface lockup with messages combining S/MIME and OpenPGP + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry + CVE-2023-25738 Printing on Windows could potentially crash Thunderbird with some device drivers + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext + CVE-2023-25729 Extensions could have opened external schemes without user knowledge + CVE-2023-25732 Out of bounds memory write from EncodeInputStream + CVE-2023-25734 Opening local .url files could cause unexpected network loads + CVE-2023-25742 Web Crypto ImportKey crashes tab + CVE-2023-25746 Memory safety bugs fixed in Thunderbird 102.8
14 февраля 2023 г. 19:08
#313517 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
18 января 2023 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2022-46871 libusrsctp library out of date + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers + CVE-2022-46877 Fullscreen notification bypass + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive + CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
3 февраля 2023 г. 14:03
#314597 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
3 февраля 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-0430 Revocation status of S/Mime signature certificates was not checked
24 января 2023 г. 11:45
#314030 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
24 января 2023 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46871 libusrsctp library out of date + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers + CVE-2022-46877 Fullscreen notification bypass + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive + CVE-2023-23605 Memory safety bugs fixed in Thunderbird 102.7
24 декабря 2022 г. 23:01
#312284 отправлено Pavel Vasenkov
System call fuzz tester
24 декабря 2022 г. Pavel Vasenkov:
- Update from upstream - Fix missed header file - Update source url(Closes: #40516)
23 декабря 2022 г. 21:44
#312280 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
23 декабря 2022 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions
16 декабря 2022 г. 18:12
#311856 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
16 декабря 2022 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS + CVE-2022-46882 Use-after-free in WebGL + CVE-2022-46878 Memory safety bugs fixed in Thunderbird 102.6
15 декабря 2022 г. 1:02
#311756 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
14 декабря 2022 г. Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS + CVE-2022-46882 Use-after-free in WebGL + CVE-2022-46878 Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
9 декабря 2022 г. 18:54
#311455 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
9 декабря 2022 г. Pavel Vasenkov:
- Build with llvm-version 12 instead llvm-version 13 (Closes: #44436)
5 декабря 2022 г. 20:42
#311223 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
5 декабря 2022 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-45414 Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration
22 ноября 2022 г. 10:31
#310431 отправлено Pavel Vasenkov
17 ноября 2022 г. 15:01
#310102 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
16 ноября 2022 г. Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-45403 Service Workers might have learned size of cross-origin media files + CVE-2022-45404 Fullscreen notification bypass + CVE-2022-45405 Use-after-free in InputStream implementation + CVE-2022-45406 Use-after-free of a JavaScript Realm + CVE-2022-45408 Fullscreen notification bypass via windowName + CVE-2022-45409 Use-after-free in Garbage Collection + CVE-2022-45410 ServiceWorker-intercepted requests bypassed SameSite cookie policy + CVE-2022-45411 Cross-Site Tracing was possible via non-standard override headers + CVE-2022-45412 Symlinks may resolve to partially uninitialized buffers + CVE-2022-45416 Keystroke Side-Channel Leakage + CVE-2022-45418 Custom mouse cursor could have been drawn over browser UI + CVE-2022-45420 Iframe contents could be rendered outside the iframe + CVE-2022-45421 Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
17 ноября 2022 г. 12:26
#310101 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
16 ноября 2022 г. Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-45403 Service Workers might have learned size of cross-origin media files + CVE-2022-45404 Fullscreen notification bypass + CVE-2022-45405 Use-after-free in InputStream implementation + CVE-2022-45406 Use-after-free of a JavaScript Realm + CVE-2022-45408 Fullscreen notification bypass via windowName + CVE-2022-45409 Use-after-free in Garbage Collection + CVE-2022-45410 ServiceWorker-intercepted requests bypassed SameSite cookie policy + CVE-2022-45411 Cross-Site Tracing was possible via non-standard override headers + CVE-2022-45412 Symlinks may resolve to partially uninitialized buffers + CVE-2022-45416 Keystroke Side-Channel Leakage + CVE-2022-45418 Custom mouse cursor could have been drawn over browser UI + CVE-2022-45420 Iframe contents could be rendered outside the iframe + CVE-2022-45421 Memory safety bugs fixed in Thunderbird 102.5
15 ноября 2022 г. 21:33
#310018 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
11 ноября 2022 г. Pavel Vasenkov:
- New version.
24 октября 2022 г. 14:27
#308901 отправлено Pavel Vasenkov
Thunderbird is Mozilla's e-mail client
24 октября 2022 г. Pavel Vasenkov:
- New version.
24 октября 2022 г. 12:41
#308900 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
24 октября 2022 г. Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-42927 Same-origin policy violation could have leaked cross-origin URLs + CVE-2022-42928 Memory Corruption in JS Engine + CVE-2022-42929 Denial of Service via window.print + CVE-2022-42932 Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4
11 октября 2022 г. 10:01
#308169 отправлено Pavel Vasenkov
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
10 октября 2022 г. Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-3266 Out of bounds read when decoding H264 + CVE-2022-40959 Bypassing FeaturePolicy restrictions on transient pages + CVE-2022-40960 Data-race when parsing non-UTF-8 URLs in threads + CVE-2022-40958 Bypassing Secure Context restriction for cookies with __Host and __Secure prefix + CVE-2022-40956 Content-Security-Policy base-uri bypass + CVE-2022-40957 Incoherent instruction cache when building WASM on ARM64 + CVE-2022-40962 Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3