Opened 5 months ago
Closed 5 months ago
#18891 closed enhancement (fixed)
firefox-115.5.0esr
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | elevated | Milestone: | 12.1 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Now released, builds with existing instructions (as usual, it matches the release candidate).
Change History (3)
comment:1 by , 5 months ago
| Priority: | normal → elevated |
|---|
comment:3 by , 5 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
I dropped CVE-2023-6208 when pasting from the mozilla advisory. All are 'awaiting analysis' at NVD.
SA-12.0-046
Note:
See TracTickets
for help on using tickets.
Release notes at https://www.mozilla.org/en-US/security/advisories/mfsa2023-50/
CVE-2023-6204: Out-of-bound memory access in WebGL2 blitFramebuffer. rated high
CVE-2023-6205: Use-after-free in MessagePort::Entangled, rated high
CVE-2023-6206: Clickjacking permission prompts using the fullscreen transition, rated high
CVE-2023-6207: Use-after-free in ReadableByteStreamQueueEntry::Buffer, rated high CVE-2023-6208: Using Selection API would copy contents into X11 primary selection, rated medium
CVE-2023-6209: Incorrect parsing of relative URLs starting with "/", rated medium
CVE-2023-6212: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5, rated high