Context Navigation

← Previous Ticket
Next Ticket →

#19026 closed enhancement (fixed)

firefox-115.6.0

Reported by:	Bruce Dubbs	Owned by:	ken@…
Priority:	elevated	Milestone:	12.1
Component:	BOOK	Version:	git
Severity:	normal	Keywords:
Cc:

Description

New minor version.

Change History (5)

comment:1 by ken@…, 4 months ago

Owner:	changed from blfs-book to ken@…
Status:	new → assigned

comment:2 by ken@…, 4 months ago

Priority:	normal → elevated

Release note links to https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/ :

CVE-2023-6856: Heap-buffer-overflow affecting WebGL <code>DrawElementsInstanced</code> method with Mesa VM driver  : High

CVE-2023-6857: Symlinks may resolve to smaller than expected buffers : Medium

CVE-2023-6858: Heap buffer overflow in <code>nsTextFragment</code> : Medium

CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer : Medium

CVE-2023-6860: Potential sandbox escape due to <code>VideoBridge</code> lack of texture validation : Medium

CVE-2023-6861: Heap buffer overflow affected <code>nsWindow::PickerOpen(void)</code> in headless mode : Medium

CVE-2023-6862: Use-after-free in <code>nsDNSService</code> : Medium

CVE-2023-6863: Undefined behavior in <code>ShutdownObserver()</code> : Low

CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 : High

CVE-2023-6865: Potential exposure of uninitialized data in <code>EncryptingOutputStream</code> : High

CVE-2023-6867: Clickjacking permission prompts using the popup transition : Medium

comment:3 by ken@…, 4 months ago

Book updated, sha:r12.0-1018-g0ad86636007a

comment:4 by ken@…, 4 months ago

Security Advisory SA-12.0-057

comment:5 by ken@…, 4 months ago

Resolution:	→ fixed
Status:	assigned → closed

Note: See TracTickets for help on using tickets.

Download in other formats: