diff options
| author | Ian Eure <ian@retrospec.tv> | 2025-01-21 19:45:51 -0800 |
|---|---|---|
| committer | Zheng Junjie <zhengjunjie@iscas.ac.cn> | 2025-01-22 18:20:38 +0800 |
| commit | e4e3068124baaffc9b986e7aa3831bc9ac7adf6e (patch) | |
| tree | a953821f480db355fdff99f91fe8917b19231c12 /doc/htmlxref.cnf | |
| parent | fd351356e0f63b9efc5dad7ff06f6b22e000b93f (diff) | |
gnu: librewolf: Update to 134.0.1-1 [security fixes].
New upstream release. Some minor tweaks needed, like switching from gzip to
pigz, updating icu4c, and ensuring it builds with the correct Rust version.
CVE-2025-0237: WebChannel APIs susceptible to confused deputy attack
CVE-2025-0238: Use-after-free when breaking lines in text
CVE-2025-0239: Alt-Svc ALPN validation failure when redirected
CVE-2025-0240: Compartment mismatch when parsing JavaScript JSON
module
CVE-2025-0241: Memory corruption when using JavaScript Text
Segmentation
CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird
134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird
115.19, and Thunderbird 128.6
CVE-2025-0243: Memory safety bugs fixed in Firefox 134, Thunderbird
134, Firefox ESR 128.6, and Thunderbird 128.6
CVE-2025-0244: Address bar spoofing using an invalid protocol scheme
on Firefox for Android
CVE-2025-0245: Lock screen setting bypass in Firefox Focus for Android
CVE-2025-0246: Address bar spoofing using an invalid protocol scheme
on Firefox for Android
CVE-2025-0247: Memory safety bugs fixed in Firefox 134 and Thunderbird
134
* gnu/packages/librewolf.scm (librewolf): Update to 134.0.1-1.
Change-Id: I027bf6f1541b0e7bec9116b2d6b39ab606813b23
Signed-off-by: Zheng Junjie <zhengjunjie@iscas.ac.cn>
Diffstat (limited to 'doc/htmlxref.cnf')
0 files changed, 0 insertions, 0 deletions