Opened 2 days ago
Last modified 77 minutes ago
#20460 assigned enhancement
firefox-128.3.0
| Reported by: | Bruce Dubbs | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | high | Milestone: | 12.3 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New minor version.
Change History (5)
comment:1 by , 2 days ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 24 hours ago
Note that a Thunderbird release is incoming as well.
Security fixes:
- CVE-2024-9392: Compromised content process can bypass site isolation (High)
- CVE-2024-9393: Cross-origin access to PDF contents through multipart responses (High)
- CVE-2024-9394: Cross-origin access to JSON contents through multipart responses (High)
- CVE-2024-8900: Clipboard write permission bypass (Moderate)
- CVE-2024-9396: Potential memory corruption may occur when cloning certain objects (Moderate)
- CVE-2024-9397: Potential directory upload bypass via clickjacking (Moderate)
- CVE-2024-9398: External protocol handlers could be enumerated via popups (Low)
- CVE-2024-9399: Specially crafted WebTransport requests could lead to denial of service (Low)
- CVE-2024-9400: Potential memory corruption during JIT compilation (Low)
- CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (High)
- CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 (High)
comment:4 by , 3 hours ago
No I haven't :( I originally thought it was on my laptop only, but because you reminded me I checked on my development system and noticed that going to x.com (formerly Twitter) results in the same crash. I'll try it on 128.3.0 and see if it works there.
comment:5 by , 77 minutes ago
| Priority: | normal → high |
|---|
Note:
See TracTickets
for help on using tickets.
Release notes will become available tomorrow