From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <qa@altlinux.org>
DKIM-Filter: OpenDKIM Filter v2.11.0 mskdc-relay.altlinux.org 01B81600D3
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=altlinux.org;
 s=relay-alt2025; t=1764721271;
 bh=zxS7z/4PGWeVHkp4GzoEfCl0DRsaQ7wx9NYSvCfGk14=;
 h=Date:From:To:Subject:From;
 b=oDXSIocSnTM01XbsT2b1TsAiV5BwqeVojoIJz22STRDrJOA6bNPLA+TJ+8mfPXj+7
 Bq1r4/Dxy1Z25w81aXbAkRqY8cuVdisjscex9eA9Voea85S4yK+8GEzNQj0qJo9kAK
 ozxOb72KuyLFlggSi54NBWdznQotg7nhLWZYUjUk=
Date: Wed, 3 Dec 2025 00:21:10 +0000
From: QA Team Robot <qa@altlinux.org>
To: sisyphus-cybertalk@lists.altlinux.org
Message-ID: <aS+Cdr5Y8ODPfuRK@beehive.mskdc.altlinux.org>
Mail-Followup-To: sisyphus-cybertalk@lists.altlinux.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Subject: [cyber] I: p10/branch packages: +1 (19081)
X-BeenThere: sisyphus-cybertalk@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: devel@lists.altlinux.org
List-Id: ALT Linux Sisyphus cybertalk <sisyphus-cybertalk.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/sisyphus-cybertalk>, 
 <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sisyphus-cybertalk>
List-Post: <mailto:sisyphus-cybertalk@lists.altlinux.org>
List-Help: <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sisyphus-cybertalk>, 
 <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Dec 2025 00:21:11 -0000
Archived-At: <http://lore.altlinux.org/sisyphus-cybertalk/aS+Cdr5Y8ODPfuRK@beehive.mskdc.altlinux.org/>
List-Archive: <http://lore.altlinux.org/sisyphus-cybertalk/>

	1 UPDATED package

firefox-esr - The Mozilla Firefox project is a redesign of Mozilla's browser	[639M]
* Mon Nov 24 2025 Pavel Vasenkov <pav@altlinux> 140.5.0-alt0.p10.1
- Backport new version.
* Fri Nov 14 2025 Pavel Vasenkov <pav@altlinux> 140.5.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2025-13012 Race condition in the Graphics component
  + CVE-2025-13016 Incorrect boundary conditions in the JavaScript: WebAssembly component
  + CVE-2025-13017 Same-origin policy bypass in the DOM: Notifications component
  + CVE-2025-13018 Mitigation bypass in the DOM: Security component
  + CVE-2025-13019 Same-origin policy bypass in the DOM: Workers component
  + CVE-2025-13013 Mitigation bypass in the DOM: Core & HTML component
  + CVE-2025-13020 Use-after-free in the WebRTC: Audio/Video component
  + CVE-2025-13014 Use-after-free in the Audio/Video component
  + CVE-2025-13015 Spoofing issue in Firefox
- provides x-www-browser (Closes: #44717).
* Wed Oct 15 2025 Pavel Vasenkov <pav@altlinux> 140.4.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2025-11708 Use-after-free in MediaTrackGraphImpl::GetInstance()
  + CVE-2025-11709 Out of bounds read/write in a privileged process triggered by WebGL textures
  + CVE-2025-11710 Cross-process information leaked due to malicious IPC messages
  + CVE-2025-11711 Some non-writable Object properties could be modified
  + CVE-2025-11712 An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
  + CVE-2025-11713 Potential user-assisted code execution in 'Copy as cURL' command
  + CVE-2025-11714 Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
  + CVE-2025-11715 Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144
* Wed Oct 15 2025 Pavel Vasenkov <pav@altlinux> 140.3.1-alt1
Note: changelog entry for 140.4.0-alt0.p10.1 not found.

Total 19081 source packages.