Mako is a template library written in Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Security Fix: * mako: REDoS in Lexer class For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For deta ...
A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. Security Fix: * libtasn1: Out-of-bound access in ETYPE_OK For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
A library that provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. Security Fix: * libtasn1: Out-of-bound access in ETYPE_OK For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References ...
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References ...
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-overflow in blendGaussianBlur * Mozilla: Use-after-free of ChannelEventQueue::mOwner * Mozilla: Browser window spoof using fullscreen mode * Mozilla: ...
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-overflow in blendGaussianBlur * Mozilla: Use-after-free of ChannelEventQueue::mOwner * Mozilla: Brows ...
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-overflow in blendGaussianBlur * Mozilla: Use-after-free of ChannelEventQueue::mOwner * Mozilla: Brows ...
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Security Fix: * Mozilla: Iframe sandbox bypass with XSLT * Mozilla: Race condition when playing audio files * Mozilla: Heap-buffer-overflow in blendGaussianBlur * Mozilla: Use-after-free of ChannelEventQueue::mOwner * Mozilla: Browser window spoof using fullscreen mode * Mozilla: ...
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.6.0. Security Fix: * Mozilla: Extensions could have bypassed permission confirmation during update * Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 * Mozilla: Drag and dropping an image could have resulted in the dropped object being an executable * Mozilla: Sandbo ...