mirror of
https://codeberg.org/guix/guix.git
synced 2026-01-29 04:01:28 -06:00
451169408c
LibreWolf 141.0 contains fixes for:
CVE-2025-8027: JavaScript engine only wrote partial return value to
stack
CVE-2025-8028: Large branch table could lead to truncated instruction
CVE-2025-8041: Incorrect URL truncation in Firefox for Android
CVE-2025-8042: Sandboxed iframe could start downloads
CVE-2025-8029: javascript: URLs executed on object and embed tags
CVE-2025-8036: DNS rebinding circumvents CORS
CVE-2025-8037: Nameless cookies shadow secure cookies
CVE-2025-8030: Potential user-assisted code execution in “Copy as
cURL” command
CVE-2025-8043: Incorrect URL truncation
CVE-2025-8031: Incorrect URL stripping in CSP reports
CVE-2025-8032: XSLT documents could bypass CSP
CVE-2025-8038: CSP frame-src was not correctly enforced for paths
CVE-2025-8039: Search terms persisted in URL bar
CVE-2025-8033: Incorrect JavaScript state machine for generators
CVE-2025-8044: Memory safety bugs fixed in Firefox 141 and Thunderbird
141
CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26, Firefox
ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1,
Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
CVE-2025-8040: Memory safety bugs fixed in Firefox ESR 140.1,
Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13,
Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird
ESR 140.1, Firefox 141 and Thunderbird 141
* gnu/packages/librewolf.scm (librewolf): Update to 141.0-1.
Change-Id: I13a4221178d9d928967fd8e01bd675e034219013
|
||
|---|---|---|
| .. | ||
| bootloader | ||
| build | ||
| home | ||
| installer | ||
| machine | ||
| packages | ||
| services | ||
| system | ||
| tests | ||
| artwork.scm | ||
| bootloader.scm | ||
| ci.scm | ||
| compression.scm | ||
| home.scm | ||
| image.scm | ||
| installer.scm | ||
| local.mk | ||
| machine.scm | ||
| packages.scm | ||
| services.scm | ||
| system.scm | ||
| tests.scm | ||