Opened 5 months ago

Closed 5 months ago

#20704 closed enhancement (fixed)

firefox-128.5.0esr

Reported by: Joe Locash Owned by: Douglas R. Reno
Priority: elevated Milestone: 12.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

Release notes not available yet but most likely has security updates like all esr releases.

Change History (3)

comment:1 by Douglas R. Reno, 5 months ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

comment:2 by Douglas R. Reno, 5 months ago

Priority: normalelevated

Security Fixes:

  • CVE-2024-11692: Select list elements could be shown over another site (Moderate)
  • CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims (Moderate)
  • CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (Moderate)
  • CVE-2024-11696: Unhandled Exception in Add-on Signature Verification (Moderate)
  • CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation Dialog (Low)
  • CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5, and Thunderbird 128.5 (High)

comment:3 by Douglas R. Reno, 5 months ago

Resolution: fixed
Status: assignedclosed

Fixed at 55d99605a2ebc1d403ed98ef9e70986c93ed4dc6

SA-12.2-048 issued

Note: See TracTickets for help on using tickets.