1 UPDATED package firefox-esr - The Mozilla Firefox project is a redesign of Mozilla's browser [639M] * Mon Nov 24 2025 Pavel Vasenkov <pav@altlinux> 140.5.0-alt0.p10.1 - Backport new version. * Fri Nov 14 2025 Pavel Vasenkov <pav@altlinux> 140.5.0-alt1 - New ESR version. - Security fixes: + CVE-2025-13012 Race condition in the Graphics component + CVE-2025-13016 Incorrect boundary conditions in the JavaScript: WebAssembly component + CVE-2025-13017 Same-origin policy bypass in the DOM: Notifications component + CVE-2025-13018 Mitigation bypass in the DOM: Security component + CVE-2025-13019 Same-origin policy bypass in the DOM: Workers component + CVE-2025-13013 Mitigation bypass in the DOM: Core & HTML component + CVE-2025-13020 Use-after-free in the WebRTC: Audio/Video component + CVE-2025-13014 Use-after-free in the Audio/Video component + CVE-2025-13015 Spoofing issue in Firefox - provides x-www-browser (Closes: #44717). * Wed Oct 15 2025 Pavel Vasenkov <pav@altlinux> 140.4.0-alt1 - New ESR version. - Security fixes: + CVE-2025-11708 Use-after-free in MediaTrackGraphImpl::GetInstance() + CVE-2025-11709 Out of bounds read/write in a privileged process triggered by WebGL textures + CVE-2025-11710 Cross-process information leaked due to malicious IPC messages + CVE-2025-11711 Some non-writable Object properties could be modified + CVE-2025-11712 An OBJECT tag type attribute overrode browser behavior on web resources without a content-type + CVE-2025-11713 Potential user-assisted code execution in 'Copy as cURL' command + CVE-2025-11714 Memory safety bugs fixed in Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 + CVE-2025-11715 Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144 * Wed Oct 15 2025 Pavel Vasenkov <pav@altlinux> 140.3.1-alt1 Note: changelog entry for 140.4.0-alt0.p10.1 not found.
Total 19081 source packages. _______________________________________________ Sisyphus-cybertalk mailing list [email protected] https://lists.altlinux.org/mailman/listinfo/sisyphus-cybertalk
