Opened 2 weeks ago

Closed 12 days ago

#19664 closed enhancement (fixed)

firefox-115.10.0

Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: elevated Milestone: 12.2
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (4)

comment:1 by Douglas R. Reno, 13 days ago

Priority: normalelevated

comment:2 by Douglas R. Reno, 12 days ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:3 by Douglas R. Reno, 12 days ago

Release Notes: 

Various security fixes and other quality improvements.

Security Fixes:

  • CVE-2024-3852: GetBoundName in the JIT returned the wrong object (High)
  • CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement (High)
  • CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection (High)
  • CVE-2024-2609: Permission prompt input delay could expire when not in focus (Moderate)
  • CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer (Moderate)
  • CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move (Moderate)
  • CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames (Low)
  • CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 (High)

comment:4 by Douglas R. Reno, 12 days ago

Resolution: fixed
Status: assignedclosed

Fixed at fe97c470414f626898f465b5489d0f2bfc2ac2e7

SA-12.1-032 issued

Note: See TracTickets for help on using tickets.