Пакет rpm-build-thunderbird: Информация

- New version.
- Security fixes:
  + CVE-2022-38472 Address bar spoofing via XSLT error handling
  + CVE-2022-38473 Cross-origin XSLT Documents would have inherited the parent's permissions
  + CVE-2022-38476 Data race and potential use-after-free in PK11_ChangePW
  + CVE-2022-38477 Memory safety bugs fixed in Thunderbird 102.2
  + CVE-2022-38478 Memory safety bugs fixed in Thunderbird 102.2, and Thunderbird 91.13

- New version.
- Security fixes:
  + CVE-2022-36319 Mouse Position spoofing with CSS transforms
  + CVE-2022-36318 Directory indexes for bundled resources reflected URL parameters
  + CVE-2022-36314 Opening local <code>.lnk</code> files could cause unexpected network loads
  + CVE-2022-2505 Memory safety bugs fixed in Thunderbird 102.1

- New version.
- Security fixes:
  + CVE-2022-34479 A popup window could be resized in a way to overlay the address bar with web content
  + CVE-2022-34470 Use-after-free in nsSHistory
  + CVE-2022-34468 CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI
  + CVE-2022-2226 An email with a mismatching OpenPGP signature date was accepted as valid
  + CVE-2022-34481 Potential integer overflow in ReplaceElementsAt
  + CVE-2022-31744 CSP bypass enabling stylesheet injection
  + CVE-2022-34472 Unavailable PAC file resulted in OCSP requests being blocked
  + CVE-2022-34478 Microsoft protocols can be attacked if a user accepts a prompt
  + CVE-2022-2200 Undesired attributes could be set as part of prototype pollution
  + CVE-2022-34484 Memory safety bugs fixed in Thunderbird 91.11 and Thunderbird 102