ALT-BU-2022-7591-1
Branch sisyphus_riscv64 update bulletin.
Package hasher updated to version 1.7.0-alt1 for branch sisyphus_riscv64.
Closed bugs
duplicate option description in manpage
Package thunderbird updated to version 102.6.1-alt0.1.rv64 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2022-46874
A file with a long filename could have had its filename truncated to remove the valid extension, leaving a malicious extension in its place. This could potentially led to user confusion and the execution of malicious code.
*Note*: This issue was originally included in the advisories for Thunderbird 102.6, but a patch (specific to Thunderbird) was omitted, resulting in it actually being fixed in Thunderbird 102.6.1. This vulnerability affects Firefox < 108, Thunderbird < 102.6.1, Thunderbird < 102.6, and Firefox ESR < 102.6.
- https://bugzilla.mozilla.org/show_bug.cgi?id=1746139
- https://bugzilla.mozilla.org/show_bug.cgi?id=1746139
- GLSA-202305-06
- GLSA-202305-06
- GLSA-202305-13
- GLSA-202305-13
- https://www.mozilla.org/security/advisories/mfsa2022-51/
- https://www.mozilla.org/security/advisories/mfsa2022-51/
- https://www.mozilla.org/security/advisories/mfsa2022-52/
- https://www.mozilla.org/security/advisories/mfsa2022-52/
- https://www.mozilla.org/security/advisories/mfsa2022-53/
- https://www.mozilla.org/security/advisories/mfsa2022-53/
- https://www.mozilla.org/security/advisories/mfsa2022-54/
- https://www.mozilla.org/security/advisories/mfsa2022-54/