Пакет firefox-esr: Информация

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
- New ESR version.
- Security fixes
  + CVE-2024-0741 Out of bounds write in ANGLE
  + CVE-2024-0742 Failure to update user input timestamp
  + CVE-2024-0746 Crash when listing printers on Linux
  + CVE-2024-0747 Bypass of Content Security Policy when directive unsafe-inline was set
  + CVE-2024-0749 Phishing site popup could show local origin in address bar
  + CVE-2024-0750 Potential permissions request bypass via clickjacking
  + CVE-2024-0751 Privilege escalation through devtools
  + CVE-2024-0753 HSTS policy on subdomain could bypass policy of upper domain
  + CVE-2024-0755 Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7
- Fixed building with python3.12.
- New ESR version.
- Security fixes
  + CVE-2023-6856 Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver
  + CVE-2023-6865 Potential exposure of uninitialized data in EncryptingOutputStream
  + CVE-2023-6857 Symlinks may resolve to smaller than expected buffers
  + CVE-2023-6858 Heap buffer overflow in nsTextFragment
  + CVE-2023-6859 Use-after-free in PR_GetIdentitiesLayer
  + CVE-2023-6860 Potential sandbox escape due to VideoBridge lack of texture validation
  + CVE-2023-6867 Clickjacking permission prompts using the popup transition
  + CVE-2023-6861 Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode
  + CVE-2023-6862 Use-after-free in nsDNSService
  + CVE-2023-6863 Undefined behavior in ShutdownObserver()
  + CVE-2023-6864 Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6

Пакет firefox-esr: Информация

Последнее изменение