When reading from areas partially or fully outside the source resource with WebGL’s <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | edge-community | noarch | firefox-esr | < 68.7.0-r0 | UNKNOWN |
Alpine | edge-community | noarch | firefox | < 75.0-r0 | UNKNOWN |
Alpine | edge-community | noarch | thunderbird | < 68.7.0-r0 | UNKNOWN |
Alpine | 3.11-community | noarch | firefox-esr | < 68.7.0-r0 | UNKNOWN |
Alpine | 3.12-community | noarch | firefox-esr | < 68.7.0-r0 | UNKNOWN |
Alpine | 3.12-community | noarch | firefox | < 75.0-r0 | UNKNOWN |
Alpine | 3.12-community | noarch | mozjs68 | < 68.7.0-r0 | UNKNOWN |
Alpine | 3.13-community | noarch | firefox-esr | < 68.7.0-r0 | UNKNOWN |
Alpine | 3.13-community | noarch | firefox | < 75.0-r0 | UNKNOWN |
Alpine | 3.14-community | noarch | firefox-esr | < 68.7.0-r0 | UNKNOWN |