Пакет firefox: Информация

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
- Fix version detection (closes: 49859).
- New release (124.0.1).
- Security fixes:
  + CVE-2024-29943: Out-of-bounds access via Range Analysis bypass
  + CVE-2024-29944: Privileged JavaScript Execution via Event Handlers
- New release (124.0).
- Security fixes:
  + CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector
  + CVE-2024-2606: Mishandling of WASM register values
  + CVE-2024-2607: JIT code failed to save return registers on Armv7-A
  + CVE-2024-2608: Integer overflow could have led to out of bounds write
  + CVE-2023-5388: NSS susceptible to timing attack against RSA decryption
  + CVE-2024-2609: Permission prompt input delay could expire when not in focus
  + CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage
  + CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions
  + CVE-2024-2612: Self referencing object could have potentially led to a use-after-free
  + CVE-2024-2613: Improper handling of QUIC ACK frame data could have led to OOM
  + CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
  + CVE-2024-2615: Memory safety bugs fixed in Firefox 124

Пакет firefox: Информация

Последнее изменение