Maintainer Pavel Vasenkov in the p10 branch: Information
Maintainer name: Pavel Vasenkov (pav)
Built source packages in this branch: 18
-
- @ruby
Last changes
Apr 23, 2024, 07:08 PM
#345277 sent by Pavel Vasenkov
New_version_with_CVE
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
April 16, 2024 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2024-3852 GetBoundName in the JIT returned the wrong object + CVE-2024-3854 Out-of-bounds-read after mis-optimized switch statement + CVE-2024-3857 Incorrect JITting of arguments led to use-after-free during garbage collection + CVE-2024-2609 Permission prompt input delay could expire when not in focus + CVE-2024-3859 Integer-overflow led to out-of-bounds-read in the OpenType sanitizer + CVE-2024-3861 Potential use-after-free due to AlignedBuffer self-move + CVE-2024-3863 Download Protections were bypassed by .xrm-ms files on Windows + CVE-2024-3302 Denial of Service using HTTP/2 CONTINUATION frames + CVE-2024-3864 Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10
Apr 9, 2024, 09:23 PM
#344254 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
April 3, 2024 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2024-0743 Crash in NSS TLS method + CVE-2024-2605 Windows Error Reporter could be used as a Sandbox escape vector + CVE-2024-2607 JIT code failed to save return registers on Armv7-A + CVE-2024-2608 Integer overflow could have led to out of bounds write + CVE-2024-2616 Improve handling of out-of-memory conditions in ICU + CVE-2023-5388 NSS susceptible to timing attack against RSA decryption + CVE-2024-2610 Improper handling of html and body tags enabled CSP nonce leakage + CVE-2024-2611 Clickjacking vulnerability could have led to a user accidentally granting permissions + CVE-2024-2612 Self referencing object could have potentially led to a use-after-free + CVE-2024-2614 Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 + CVE-2024-29944 Privileged JavaScript Execution via Event Handlers
Apr 8, 2024, 05:58 PM
#344280 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
April 3, 2024 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2024-0743 Crash in NSS TLS method + CVE-2024-2605 Windows Error Reporter could be used as a Sandbox escape vector + CVE-2024-2607 JIT code failed to save return registers on Armv7-A + CVE-2024-2608 Integer overflow could have led to out of bounds write + CVE-2024-2616 Improve handling of out-of-memory conditions in ICU + CVE-2023-5388 NSS susceptible to timing attack against RSA decryption + CVE-2024-2610 Improper handling of html and body tags enabled CSP nonce leakage + CVE-2024-2611 Clickjacking vulnerability could have led to a user accidentally granting permissions + CVE-2024-2612 Self referencing object could have potentially led to a use-after-free + CVE-2024-2614 Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
Mar 20, 2024, 04:32 PM
#342581 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
March 12, 2024 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2024-1936 Leaking of encrypted email subjects to other conversations
Mar 14, 2024, 10:01 PM
#341796 sent by Pavel Vasenkov
New_version
Security and system auditing tool
March 1, 2024 Pavel Vasenkov:
- update new release 3.0.9 (Closed: #49562)
Mar 5, 2024, 08:25 PM
#341263 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Feb. 21, 2024 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2024-1546 Out-of-bounds memory read in networking channels + CVE-2024-1547 Alert dialog could have been spoofed on another site + CVE-2024-1548 Fullscreen Notification could have been hidden by select element + CVE-2024-1549 Custom cursor could obscure the permission dialog + CVE-2024-1550 Mouse cursor re-positioned unexpectedly could have led to unintended permission grants + CVE-2024-1551 Multipart HTTP Responses would accept the Set-Cookie header in response parts + CVE-2024-1552 Incorrect code generation on 32-bit ARM devices + CVE-2024-1553 Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
Feb 9, 2024, 10:58 PM
#339729 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Feb. 4, 2024 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2024-0741 Out of bounds write in ANGLE + CVE-2024-0742 Failure to update user input timestamp + CVE-2024-0746 Crash when listing printers on Linux + CVE-2024-0747 Bypass of Content Security Policy when directive unsafe-inline was set + CVE-2024-0749 Phishing site popup could show local origin in address bar + CVE-2024-0750 Potential permissions request bypass via clickjacking + CVE-2024-0751 Privilege escalation through devtools + CVE-2024-0753 HSTS policy on subdomain could bypass policy of upper domain + CVE-2024-0755 Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7
Dec 28, 2023, 10:30 PM
#336859 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Dec. 20, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-6856 Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver + CVE-2023-6865 Potential exposure of uninitialized data in EncryptingOutputStream + CVE-2023-6857 Symlinks may resolve to smaller than expected buffers + CVE-2023-6858 Heap buffer overflow in nsTextFragment + CVE-2023-6859 Use-after-free in PR_GetIdentitiesLayer + CVE-2023-6860 Potential sandbox escape due to VideoBridge lack of texture validation + CVE-2023-6867 Clickjacking permission prompts using the popup transition + CVE-2023-6861 Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode + CVE-2023-6862 Use-after-free in nsDNSService + CVE-2023-6863 Undefined behavior in ShutdownObserver() + CVE-2023-6864 Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6
Nov 24, 2023, 10:17 AM
#334058 sent by Pavel Vasenkov
new_version
Daemon fo gather statistics about the TCP and UDP packets
AT Computing's System & Process Monitor
Nov. 22, 2023 Leontiy Volodin:
- Fix version (ALT #48545)
Nov 14, 2023, 07:08 PM
#333444 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Nov. 2, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-5721 Queued up rendering could have allowed websites to clickjack + CVE-2023-5732 Address bar spoofing via bidirectional characters + CVE-2023-5724 Large WebGL draw could have led to a crash + CVE-2023-5725 WebExtensions could open arbitrary URLs + CVE-2023-5726 Full screen notification obscured by file open dialog on macOS + CVE-2023-5727 Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows + CVE-2023-5728 Improper object tracking during GC in the JavaScript engine could have led to a crash. + CVE-2023-5730 Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1
Oct 19, 2023, 05:37 PM
#330014 sent by Pavel Vasenkov
New_version
E-book reader application
GUI prototyping tool
Sept. 18, 2023 Pavel Vasenkov:
- ExcludeArch: i386 i486 i586 i686 i786 i886 i986 pentium2 pentium3 pentium4 k6 athlon athlon_xp ppc64le
configure firefox for a livecd environment
Sept. 18, 2023 Pavel Vasenkov:
- ExcludeArch: i386 i486 i586 i686 i786 i886 i986 pentium2 pentium3 pentium4 k6 athlon athlon_xp ppc64le
start the browser for a suitable webkiosk environment
Sept. 19, 2023 Pavel Vasenkov:
- ExcludeArch: i386 i486 i586 i686 i786 i886 i986 pentium2 pentium3 pentium4 k6 athlon athlon_xp ppc64le
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Oct. 16, 2023 Pavel Vasenkov:
- Fix check dependencies error for GLIBC_PRIVATE
Sep 28, 2023, 01:24 PM
#330025 sent by Pavel Vasenkov
New_version
Netscape Network Security Services(NSS)
July 31, 2023 Alexey Gladkov:
- New version (3.92). - Certificate Authority Changes: + Add CN=Atos TrustedRoot Root CA ECC G2 2020 + Add CN=Atos TrustedRoot Root CA RSA G2 2020 + Add CN=LAWtrust Root CA2 (4096) + Add CN=SSL.com Client ECC Root CA 2022 + Add CN=SSL.com Client RSA Root CA 2022 + Add CN=SSL.com TLS ECC Root CA 2022 + Add CN=SSL.com TLS RSA Root CA 2022 + Add CN=Sectigo Public Email Protection Root E46 + Add CN=Sectigo Public Email Protection Root R46 + Add CN=Sectigo Public Server Authentication Root E46 + Add CN=Sectigo Public Server Authentication Root R46 + Remove CN=Chambers of Commerce Root,OU=http://www.chambersign.org + Remove CN=E-Tugra Certification Authority,OU=E-Tugra Sertifikasyon Merkezi + Remove CN=E-Tugra Global Root CA ECC v3,OU=E-Tugra Trust Center + Remove CN=E-Tugra Global Root CA RSA v3,OU=E-Tugra Trust Center + Remove CN=Hongkong Post Root CA 1
Jul 21, 2023, 03:16 PM
#324723 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
June 27, 2023 Pavel Vasenkov:
- Fixes: Unstable name collisions Build failure with GCC 13
Jun 21, 2023, 01:17 PM
#322595 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
June 7, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-34414 Click-jacking certificate exceptions through rendering lag + CVE-2023-34416 Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12
Jun 6, 2023, 08:00 PM
#321602 sent by Pavel Vasenkov
New_build
System call fuzz tester
May 19, 2023 Pavel Vasenkov:
- Fix removing depricated i810 definations
May 26, 2023, 10:27 PM
#321098 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
May 17, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-32205 Browser prompts could have been obscured by popups + CVE-2023-32206 Crash in RLBox Expat driver + CVE-2023-32207 Potential permissions request bypass via clickjacking + CVE-2023-32211 Content process crash due to invalid wasm code + CVE-2023-32212 Potential spoof due to obscured address bar + CVE-2023-32213 Potential memory corruption in FileReader::DoReadData() + CVE-2023-32214 Potential DoS via exposed protocol handlers + CVE-2023-32215 Memory safety bugs fixed in Thunderbird 102.11
May 24, 2023, 07:08 PM
#320576 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
May 15, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-32205 Browser prompts could have been obscured by popups + CVE-2023-32206 Crash in RLBox Expat driver + CVE-2023-32207 Potential permissions request bypass via clickjacking + CVE-2023-32211 Content process crash due to invalid wasm code + CVE-2023-32212 Potential spoof due to obscured address bar + CVE-2023-32213 Potential memory corruption in FileReader::DoReadData() + CVE-2023-32214 Potential DoS via exposed protocol handlers + CVE-2023-32215 Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
May 12, 2023, 09:41 PM
#319671 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
April 19, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-29531 Out-of-bound memory access in WebGL on macOS + CVE-2023-29532 Mozilla Maintenance Service Write-lock bypass + CVE-2023-29533 Fullscreen notification obscured + CVE-2023-1999 Double-free in libwebp + CVE-2023-29535 Potential Memory Corruption following Garbage Collector compaction + CVE-2023-29536 Invalid free from JavaScript code + CVE-2023-29539 Content-Disposition filename truncation leads to Reflected File Download + CVE-2023-29541 Files with malicious extensions could have been downloaded unsafely on Linux + CVE-2023-29542 Bypass of file download extension restrictions + CVE-2023-29545 Windows Save As dialog resolved environment variables + CVE-2023-1945 Memory Corruption in Safe Browsing Code + CVE-2023-29548 Incorrect optimization result on ARM64 + CVE-2023-29550 Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10
May 11, 2023, 11:00 AM
#319782 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
April 19, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-29531 Out-of-bound memory access in WebGL on macOS + CVE-2023-29532 Mozilla Maintenance Service Write-lock bypass + CVE-2023-29533 Fullscreen notification obscured + CVE-2023-1999 Double-free in libwebp + CVE-2023-29535 Potential Memory Corruption following Garbage Collector compaction + CVE-2023-29536 Invalid free from JavaScript code + CVE-2023-0547 Revocation status of S/Mime recipient certificates was not checked + CVE-2023-29479 Hang when processing certain OpenPGP messages + CVE-2023-29539 Content-Disposition filename truncation leads to Reflected File Download + CVE-2023-29541 Files with malicious extensions could have been downloaded unsafely on Linux + CVE-2023-29542 Bypass of file download extension restrictions + CVE-2023-29545 Windows Save As dialog resolved environment variables + CVE-2023-1945 Memory Corruption in Safe Browsing Code + CVE-2023-29548 Incorrect optimization result on ARM64 + CVE-2023-29550 Memory safety bugs fixed in Thunderbird 102.10
Mar 31, 2023, 01:55 PM
#317236 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
March 22, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-25751 Incorrect code generation during JIT compilation + CVE-2023-28164 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation + CVE-2023-28162 Invalid downcast in Worklets + CVE-2023-25752 Potential out-of-bounds when accessing throttled streams + CVE-2023-28163 Windows Save As dialog resolved environment variables + CVE-2023-28176 Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9
Mar 31, 2023, 01:13 PM
#317237 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
March 22, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-25751 Incorrect code generation during JIT compilation + CVE-2023-28164 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation + CVE-2023-28162 Invalid downcast in Worklets + CVE-2023-25752 Potential out-of-bounds when accessing throttled streams + CVE-2023-28163 Windows Save As dialog resolved environment variables + CVE-2023-28176 Memory safety bugs fixed in Thunderbird 102.9
Mar 15, 2023, 02:19 AM
#316239 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
March 3, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry + CVE-2023-25738 Printing on Windows could potentially crash Firefox with some device drivers + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext + CVE-2023-25729 Extensions could have opened external schemes without user knowledge + CVE-2023-25732 Out of bounds memory write from EncodeInputStream + CVE-2023-25734 Opening local .url files could cause unexpected network loads + CVE-2023-25742 Web Crypto ImportKey crashes tab + CVE-2023-25744 Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8 + CVE-2023-25746 Memory safety bugs fixed in Firefox ESR 102.8
Mar 10, 2023, 10:14 PM
#316084 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
Feb. 28, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-0616 User Interface lockup with messages combining S/MIME and OpenPGP + CVE-2023-25728 Content security policy leak in violation reports using iframes + CVE-2023-25730 Screen hijack via browser fullscreen mode + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry + CVE-2023-25738 Printing on Windows could potentially crash Thunderbird with some device drivers + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext + CVE-2023-25729 Extensions could have opened external schemes without user knowledge + CVE-2023-25732 Out of bounds memory write from EncodeInputStream + CVE-2023-25734 Opening local .url files could cause unexpected network loads + CVE-2023-25742 Web Crypto ImportKey crashes tab + CVE-2023-25746 Memory safety bugs fixed in Thunderbird 102.8
Feb 21, 2023, 01:07 PM
#315243 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Jan. 18, 2023 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2022-46871 libusrsctp library out of date + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers + CVE-2022-46877 Fullscreen notification bypass + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive + CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
Feb 9, 2023, 04:21 PM
#314605 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
Feb. 3, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2023-0430 Revocation status of S/Mime signature certificates was not checked
Jan 26, 2023, 11:43 PM
#314033 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
Jan. 24, 2023 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46871 libusrsctp library out of date + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers + CVE-2022-46877 Fullscreen notification bypass + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive + CVE-2023-23605 Memory safety bugs fixed in Thunderbird 102.7
Jan 11, 2023, 06:57 PM
#312449 sent by Pavel Vasenkov
New_build
System call fuzz tester
Dec. 24, 2022 Pavel Vasenkov:
- Update from upstream - Fix missed header file - Update source url(Closes: #40516)
Dec 29, 2022, 03:09 PM
#312281 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
Dec. 23, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions
Dec 23, 2022, 03:11 PM
#311857 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
Dec. 16, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS + CVE-2022-46882 Use-after-free in WebGL + CVE-2022-46878 Memory safety bugs fixed in Thunderbird 102.6
Dec 22, 2022, 08:26 PM
#311776 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Dec. 14, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS + CVE-2022-46882 Use-after-free in WebGL + CVE-2022-46878 Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
Dec 14, 2022, 11:16 PM
#311456 sent by Pavel Vasenkov
bug_fixed
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Dec. 9, 2022 Pavel Vasenkov:
- Build with llvm-version 12 instead llvm-version 13 (Closes: #44436)
Dec 13, 2022, 08:11 PM
#311239 sent by Pavel Vasenkov
new_version
Thunderbird is Mozilla's e-mail client
Dec. 5, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-45414 Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration
Nov 24, 2022, 06:40 PM
#310334 sent by Pavel Vasenkov
new_version
Thunderbird is Mozilla's e-mail client
Nov. 16, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-45403 Service Workers might have learned size of cross-origin media files + CVE-2022-45404 Fullscreen notification bypass + CVE-2022-45405 Use-after-free in InputStream implementation + CVE-2022-45406 Use-after-free of a JavaScript Realm + CVE-2022-45408 Fullscreen notification bypass via windowName + CVE-2022-45409 Use-after-free in Garbage Collection + CVE-2022-45410 ServiceWorker-intercepted requests bypassed SameSite cookie policy + CVE-2022-45411 Cross-Site Tracing was possible via non-standard override headers + CVE-2022-45412 Symlinks may resolve to partially uninitialized buffers + CVE-2022-45416 Keystroke Side-Channel Leakage + CVE-2022-45418 Custom mouse cursor could have been drawn over browser UI + CVE-2022-45420 Iframe contents could be rendered outside the iframe + CVE-2022-45421 Memory safety bugs fixed in Thunderbird 102.5
Jun 7, 2022, 06:06 PM
#301335 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
June 5, 2022 Pavel Vasenkov:
- Enabled build with nss
Jun 6, 2022, 06:13 PM
#301334 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
June 4, 2022 Pavel Vasenkov:
- Merge with 91.10.0-alt1
Jun 3, 2022, 11:07 AM
#300559 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
May 26, 2022 Pavel Vasenkov:
- Defined preview nss version
May 27, 2022, 05:11 PM
#300611 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
May 21, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-1802 Prototype pollution in Top-Level Await implementation + CVE-2022-1529 Untrusted input used in JavaScript object indexing, leading to prototype pollution
May 11, 2022, 09:16 PM
#299492 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
May 5, 2022 Pavel Vasenkov:
- Enable build with nss.
Mar 15, 2022, 06:54 PM
#296598 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
March 13, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-26383 Browser window spoof using fullscreen mode + CVE-2022-26384 iframe allow-scripts sandbox bypass + CVE-2022-26387 Time-of-check time-of-use bug when verifying add-on signatures + CVE-2022-26381 Use-after-free in text reflows + CVE-2022-26386 Temporary files downloaded to /tmp and accessible by other local users
Mar 15, 2022, 10:52 AM
#296597 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
March 13, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-26383 Browser window spoof using fullscreen mode + CVE-2022-26384 iframe allow-scripts sandbox bypass + CVE-2022-26387 Time-of-check time-of-use bug when verifying add-on signatures + CVE-2022-26381 Use-after-free in text reflows + CVE-2022-26386 Temporary files downloaded to /tmp and accessible by other local users
Mar 15, 2022, 04:34 AM
#296375 sent by Pavel Vasenkov
Build_new_version
Thunderbird is Mozilla's e-mail client
March 8, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-26485 Use-after-free in XSLT parameter processing + CVE-2022-26486 Use-after-free in WebGPU IPC Framework
Mar 11, 2022, 10:06 PM
#296362 sent by Pavel Vasenkov
Build_new_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
March 7, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-26485 Use-after-free in XSLT parameter processing + CVE-2022-26486 Use-after-free in WebGPU IPC Framework
Feb 17, 2022, 12:17 PM
#295262 sent by Pavel Vasenkov
New_version
Thunderbird is Mozilla's e-mail client
Feb. 12, 2022 Pavel Vasenkov:
- New version. - Security fixes: + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service + CVE-2022-22754 Extensions could have bypassed permission confirmation during update + CVE-2022-22756 Drag and dropping an image could have resulted in the dropped object being an executable + CVE-2022-22759 Sandboxed iframes could have executed script if the parent appended elements + CVE-2022-22760 Cross-Origin responses could be distinguished between script and non-script content-types + CVE-2022-22761 frame-ancestors Content Security Policy directive was not enforced for framed extension pages + CVE-2022-22763 Script Execution during invalid object state + CVE-2022-22764 Memory safety bugs fixed in Thunderbird 91.6
Feb 16, 2022, 07:25 PM
#295122 sent by Pavel Vasenkov
New_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Feb. 9, 2022 Pavel Vasenkov:
- New ESR version. - Security fixes: + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service + CVE-2022-22754 Extensions could have bypassed permission confirmation during update + CVE-2022-22756 Drag and dropping an image could have resulted in the dropped object being an executable + CVE-2022-22759 Sandboxed iframes could have executed script if the parent appended elements + CVE-2022-22760 Cross-Origin responses could be distinguished between script and non-script content-types + CVE-2022-22761 frame-ancestors Content Security Policy directive was not enforced for framed extension pages + CVE-2022-22763 Script Execution during invalid object state + CVE-2022-22764 Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
Feb 10, 2022, 05:56 PM
#294255 sent by Pavel Vasenkov
new_version
The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Jan. 27, 2022 Pavel Vasenkov:
- New ESR version.
Feb 9, 2022, 08:05 PM
#294253 sent by Pavel Vasenkov
new_version
Thunderbird is Mozilla's e-mail client
Jan. 25, 2022 Pavel Vasenkov:
- New version.
Dec 25, 2021, 01:56 PM
#291491 sent by Pavel Vasenkov
ruby_2_7_4
An Interpreted Object-Oriented Scripting Language
Dec. 8, 2021 Pavel Vasenkov:
- remove undefined option - set replace versions for rake and rspec
Oct 29, 2021, 05:07 PM
#287761 sent by Pavel Vasenkov
new_package
The successor of GNU Wget, a file and recursive website downloader
Oct. 21, 2021 Pavel Vasenkov:
- Build for Sisyphus (closes #41170)
Sep 3, 2021, 11:39 PM
#284004 sent by Pavel Vasenkov
Fixes_bag
Scalable High-Availability cluster resource manager
Aug. 25, 2021 Pavel Vasenkov:
- Fixes command line arguments parsing (#40643)