[cyber] I: p10/branch packages: +1 (19081)

ALT Linux Sisyphus cybertalk
 help / color / mirror / Atom feed

* [cyber] I: p10/branch packages: +1 (19081)
@ 2025-12-03  0:21 QA Team Robot
  0 siblings, 0 replies; only message in thread
From: QA Team Robot @ 2025-12-03  0:21 UTC (permalink / raw)
  To: sisyphus-cybertalk

	1 UPDATED package

firefox-esr - The Mozilla Firefox project is a redesign of Mozilla's browser	[639M]
* Mon Nov 24 2025 Pavel Vasenkov <pav@altlinux> 140.5.0-alt0.p10.1
- Backport new version.
* Fri Nov 14 2025 Pavel Vasenkov <pav@altlinux> 140.5.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2025-13012 Race condition in the Graphics component
  + CVE-2025-13016 Incorrect boundary conditions in the JavaScript: WebAssembly component
  + CVE-2025-13017 Same-origin policy bypass in the DOM: Notifications component
  + CVE-2025-13018 Mitigation bypass in the DOM: Security component
  + CVE-2025-13019 Same-origin policy bypass in the DOM: Workers component
  + CVE-2025-13013 Mitigation bypass in the DOM: Core & HTML component
  + CVE-2025-13020 Use-after-free in the WebRTC: Audio/Video component
  + CVE-2025-13014 Use-after-free in the Audio/Video component
  + CVE-2025-13015 Spoofing issue in Firefox
- provides x-www-browser (Closes: #44717).
* Wed Oct 15 2025 Pavel Vasenkov <pav@altlinux> 140.4.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2025-11708 Use-after-free in MediaTrackGraphImpl::GetInstance()
  + CVE-2025-11709 Out of bounds read/write in a privileged process triggered by WebGL textures
  + CVE-2025-11710 Cross-process information leaked due to malicious IPC messages
  + CVE-2025-11711 Some non-writable Object properties could be modified
  + CVE-2025-11712 An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
  + CVE-2025-11713 Potential user-assisted code execution in 'Copy as cURL' command
  + CVE-2025-11714 Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
  + CVE-2025-11715 Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
* Wed Oct 15 2025 Pavel Vasenkov <pav@altlinux> 140.3.1-alt1
Note: changelog entry for 140.4.0-alt0.p10.1 not found.

Total 19081 source packages.


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2025-12-03  0:21 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-12-03  0:21 [cyber] I: p10/branch packages: +1 (19081) QA Team Robot

ALT Linux Sisyphus cybertalk

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://lore.altlinux.org/sisyphus-cybertalk/0 sisyphus-cybertalk/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 sisyphus-cybertalk sisyphus-cybertalk/ http://lore.altlinux.org/sisyphus-cybertalk \
		sisyphus-cybertalk@lists.altlinux.org sisyphus-cybertalk@lists.altlinux.ru sisyphus-cybertalk@lists.altlinux.com
	public-inbox-index sisyphus-cybertalk

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-cybertalk


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git