Lucene search

K
altlinuxHttps://packages.altlinux.org/en/sisyphus/security/F1DDEBBEAE00405B57F1750DCAA7F44C
HistoryDec 21, 2021 - 12:00 a.m.

Security fix for the ALT Linux 10 package thunderbird version 91.4.0-alt1

2021-12-2100:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
18
alt linux 10
thunderbird
security fixes
cve-2021-43536
cve-2021-43537
cve-2021-43538
cve-2021-43539
cve-2021-43541
cve-2021-43542
cve-2021-43543
cve-2021-43545
cve-2021-43546
cve-2021-43528

EPSS

0.019

Percentile

88.8%

91.4.0-alt1 built Dec. 21, 2021 Andrey Cherepanov in task #291741

Dec. 10, 2021 Andrey Cherepanov

- New version.
- Security fixes:
  + CVE-2021-43536 URL leakage when navigating while executing asynchronous function
  + CVE-2021-43537 Heap buffer overflow when using structured clone
  + CVE-2021-43538 Missing fullscreen and pointer lock notification when requesting both
  + CVE-2021-43539 GC rooting failure when calling wasm instance methods
  + CVE-2021-43541 External protocol handler parameters were unescaped
  + CVE-2021-43542 XMLHttpRequest error codes could have leaked the existence of an external protocol handler
  + CVE-2021-43543 Bypass of CSP sandbox directive when embedding
  + CVE-2021-43545 Denial of Service when using the Location API in a loop
  + CVE-2021-43546 Cursor spoofing could overlay user interface when native cursor is zoomed
  + CVE-2021-43528 JavaScript unexpectedly enabled for the composition area