------------------------------------------------------------------- Mon Nov 4 10:37:43 UTC 2024 - Bjørn Lie - Update to version 128.4.0: + CVE-2024-10458: Permission leak via embed or object elements + CVE-2024-10459: Use-after-free in layout with accessibility + CVE-2024-10460: Confusing display of origin for external protocol handler prompt + CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response + CVE-2024-10462: Origin of permission prompt could be spoofed by long URL + CVE-2024-10463: Cross origin video frame leak + CVE-2024-10464: History interface could have been used to cause a Denial of Service condition in the browser + CVE-2024-10465: Clipboard "paste" button persisted across tabs + CVE-2024-10466: DOM push subscription message could hang Firefox + CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4 ------------------------------------------------------------------- Thu Oct 10 16:26:33 UTC 2024 - Bjørn Lie - Update to version 128.3.1: * CVE-2024-9680: Use-after-free in Animation timeline - Changes from version 128.3.0: * CVE-2024-9392: Compromised content process can bypass site isolation * CVE-2024-9393: Cross-origin access to PDF contents through multipart responses * CVE-2024-9394: Cross-origin access to JSON contents through multipart responses * CVE-2024-8900: Clipboard write permission bypass * CVE-2024-9396: Potential memory corruption may occur when cloning certain objects * CVE-2024-9397: Potential directory upload bypass via clickjacking * CVE-2024-9398: External protocol handlers could be enumerated via popups * CVE-2024-9399: Specially crafted WebTransport requests could lead to denial of service * CVE-2024-9400: Potential memory corruption during JIT compilation * CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 * CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 ------------------------------------------------------------------- Mon Sep 30 17:35:18 UTC 2024 - Cliff Zhao - Add mozjs128-CVE-2024-45492.patch: Backporting 9bf0f2c1 from libexpat upstream, Detect integer overflow in function nextScaffoldPart. (CVE-2024-45492, bsc#1230038) ------------------------------------------------------------------- Mon Sep 30 17:25:22 UTC 2024 - Cliff Zhao - Add mozjs128-CVE-2024-45491.patch: Backporting 8e439a99 from libexpat upstream, Detect integer overflow in dtdCopy. (CVE-2024-45491, bsc#1230037) ------------------------------------------------------------------- Mon Sep 30 17:15:45 UTC 2024 - Cliff Zhao - Add mozjs128-CVE-2024-45490-part01-5c1a3164.patch: Backporting 5c1a3164 from libexpat upstream, Reject negative len for XML_ParseBuffer. CVE-2024-45490's fixes including 3 parts: 5c1a3164 for libexpat sources; c12f039b for libexpat tests; 2db23301 for libexpat docs; Because mozjs only embeds libexpat sources, so unnecessary to port prart02 and part03. (CVE-2024-45490, bsc#1230036) ------------------------------------------------------------------- Wed Sep 25 14:02:27 UTC 2024 - Bjørn Lie - Update to version 128.2.0: + CVE-2024-8385: WASM type confusion involving ArrayTypes + CVE-2024-8381: Type confusion when looking up a property name in a "with" block + CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran + CVE-2024-8383: Firefox did not ask before openings news: links in an external application + CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions + CVE-2024-8386: SelectElements could be shown over another site if popups are allowed + CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 - Drop 0001-Skip-failing-tests-on-ppc64-and-s390x.patch: Fixed upstream. ------------------------------------------------------------------- Fri Aug 30 07:07:05 UTC 2024 - Bjørn Lie - Initial build for openSUSE.