ALT Linux Sisyphus cybertalk
 help / color / mirror / Atom feed
* [cyber] I: p9/branch packages: +2 (18280)
@ 2022-06-15  0:18 QA Team Robot
  0 siblings, 0 replies; only message in thread
From: QA Team Robot @ 2022-06-15  0:18 UTC (permalink / raw)
  To: sisyphus-cybertalk

	2 UPDATED packages

firefox-esr - The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)	[389M]
* Thu Jun 09 2022 Pavel Vasenkov <pav@altlinux> 91.10.0-alt0.p9.1
- Backport new ESR version to p9 branch.
* Fri Jun 03 2022 Pavel Vasenkov <pav@altlinux> 91.10.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-31736 Cross-Origin resource's length leaked
  + CVE-2022-31737 Heap buffer overflow in WebGL
  + CVE-2022-31738 Browser window spoof using fullscreen mode
  + CVE-2022-31739 Attacker-influenced path traversal when saving downloaded files
  + CVE-2022-31740 Register allocation problem in WASM on arm64
  + CVE-2022-31741 Uninitialized variable leads to invalid memory read
  + CVE-2022-31742 Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information
  + CVE-2022-31747 Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
* Sun May 22 2022 Pavel Vasenkov <pav@altlinux> 91.9.1-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-1802 Prototype pollution in Top-Level Await implementation
  + CVE-2022-1529 Untrusted input used in JavaScript object indexing, leading to prototype pollution
* Wed May 04 2022 Pavel Vasenkov <pav@altlinux> 91.9.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-29914 Fullscreen notification bypass using popups
  + CVE-2022-29909 Bypassing permission prompt in nested browsing contexts
  + CVE-2022-29916 Leaking browser history with CSS variables
  + CVE-2022-29911 iframe Sandbox bypass
  + CVE-2022-29912 Reader mode bypassed SameSite cookies
  + CVE-2022-29917 Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
* Wed Apr 06 2022 Pavel Vasenkov <pav@altlinux> 91.8.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-1097 Use-after-free in NSSToken objects
  + CVE-2022-28281 Out of bounds write due to unexpected WebAuthN Extensions
  + CVE-2022-1196 Use-after-free after VR Process destruction
  + CVE-2022-28282 Use-after-free in DocumentL10n::TranslateDocument
  + CVE-2022-28285 Incorrect AliasSet used in JIT Codegen
  + CVE-2022-28286 iframe contents could be rendered outside the border
  + CVE-2022-24713 Denial of Service via complex regular expressions
  + CVE-2022-28289 Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
* Sun Mar 13 2022 Pavel Vasenkov <pav@altlinux> 91.7.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-26383 Browser window spoof using fullscreen mode
  + CVE-2022-26384 iframe allow-scripts sandbox bypass
  + CVE-2022-26387 Time-of-check time-of-use bug when verifying add-on signatures
  + CVE-2022-26381 Use-after-free in text reflows
  + CVE-2022-26386 Temporary files downloaded to /tmp and accessible by other local users
* Mon Mar 07 2022 Pavel Vasenkov <pav@altlinux> 91.6.1-alt1
Note: changelog entry for 91.7.0-alt0.p9.1 not found.

tarantool - In-memory database and Lua application server       	[11M]
* Fri May 27 2022 Dmitry Kibirev <kdy@altlinux> 2.8.4-alt1
- New stable version
* Tue Nov 02 2021 Dmitry Kibirev <kdy@altlinux> 2.8.3-alt1

Total 18280 source packages.


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2022-06-15  0:18 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-15  0:18 [cyber] I: p9/branch packages: +2 (18280) QA Team Robot

ALT Linux Sisyphus cybertalk

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \
		sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com
	public-inbox-index sisyphus-cybertalk

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git