diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2024-03-23 19:34:02 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2024-03-24 13:30:44 +0100 |
commit | fca48db86c9b7dcfd30f40859d2d68b8c546b8ca (patch) | |
tree | 58ca4f0b8dc14ab052440f8e896f48ab5322e6e1 /ChangeLog.txt | |
parent | 7fee55d3d8eecec3b44c753bb5d3fbb87c06a7cb (diff) | |
download | current-20240323193402_15.0.tar.gz current-20240323193402_15.0.tar.xz |
Sat Mar 23 19:34:02 UTC 202420240323193402_15.0
patches/packages/mozilla-firefox-115.9.1esr-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a critical security issue:
An attacker was able to inject an event handler into a privileged object
that would allow arbitrary JavaScript execution in the parent process.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-16/
https://www.cve.org/CVERecord?id=CVE-2024-29944
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 89534b548..00db1a668 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,14 @@ +Sat Mar 23 19:34:02 UTC 2024 +patches/packages/mozilla-firefox-115.9.1esr-x86_64-1_slack15.0.txz: Upgraded. + This update fixes a critical security issue: + An attacker was able to inject an event handler into a privileged object + that would allow arbitrary JavaScript execution in the parent process. + For more information, see: + https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/ + https://www.mozilla.org/security/advisories/mfsa2024-16/ + https://www.cve.org/CVERecord?id=CVE-2024-29944 + (* Security fix *) ++--------------------------+ Wed Mar 20 21:10:30 UTC 2024 patches/packages/bind-9.16.49-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. |