Hello community, here is the log from the commit of package patchinfo.11825 for openSUSE:Leap:15.1:Update checked in at 2020-01-22 13:57:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.1:Update/patchinfo.11825 (Old) and /work/SRC/openSUSE:Leap:15.1:Update/.patchinfo.11825.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.11825" Wed Jan 22 13:57:07 2020 rev:1 rq:765954 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="11825"> <issue tracker="bnc" id="1160305">VUL-0: MozillaFirefox, MozillaThunderbird: Update Firefox and Thunderbird to 72.0/68.4 esr (MFSA 2020-01 and MFSA 2020-02)</issue> <issue tracker="bnc" id="1160498">EMU: VUL-0: MozillaFirefox, Update Firefox to 72.0.1/68.4.1 esr (MFSA 2020-03)</issue> <issue tracker="cve" id="2019-17017"/> <issue tracker="cve" id="2019-17016"/> <issue tracker="cve" id="2019-17024"/> <issue tracker="cve" id="2019-17022"/> <issue tracker="cve" id="2019-17026"/> <issue tracker="cve" id="2019-17015"/> <issue tracker="cve" id="2019-17021"/> <packager>MSirringhaus</packager> <rating>important</rating> <category>security</category> <summary>Security update for MozillaThunderbird</summary> <description>This update for MozillaThunderbird to version 68.4.1 fixes the following issues: Security issues fixed: - CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement - CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting - CVE-2019-17017: Type Confusion in XPCVariant.cpp - CVE-2019-17022: CSS sanitization does not escape HTML tags - CVE-2019-17024: multiple Memory safety bugs fixed Non-security issues fixed: - Various improvements when setting up an account for a Microsoft Exchange server. For example better detection for Office 365 accounts. This update was imported from the SUSE:SLE-15:Update update project.</description> </patchinfo>
