From 19ab3bdb0673dd1182d97ac0d765fbdb1db0262b4e1d91a106f5bfafb9db3b2f Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Wed, 9 May 2018 19:58:20 +0000 Subject: [PATCH] MFSA 2018-11 (bsc#1092548) * CVE-2018-5154 (bmo#1443092) Use-after-free with SVG animations and clip paths * CVE-2018-5155 (bmo#1448774) Use-after-free with SVG animations and text paths * CVE-2018-5157 (bmo#1449898) Same-origin bypass of PDF Viewer to view protected PDF files * CVE-2018-5158 (bmo#1452075) Malicious PDF can inject JavaScript into PDF Viewer * CVE-2018-5159 (bmo#1441941) Integer overflow and out-of-bounds write in Skia * CVE-2018-5160 (bmo#1436117) Uninitialized memory use by WebRTC encoder * CVE-2018-5152 (bmo#1415644, bmo#1427289) WebExtensions information leak through webRequest API * CVE-2018-5153 (bmo#1436809) Out-of-bounds read in mixed content websocket messages * CVE-2018-5163 (bmo#1426353) Replacing cached data in JavaScript Start-up Bytecode Cache * CVE-2018-5164 (bmo#1416045) CSP not applied to all multipart content sent with multipart/x-mixed-replace * CVE-2018-5166 (bmo#1437325) WebExtension host permission bypass through filterReponseData * CVE-2018-5167 (bmo#1447969) Improper linkification of chrome: and javascript: content in web console and JavaScript debugger * CVE-2018-5168 (bmo#1449548) Lightweight themes can be installed without user interaction * CVE-2018-5169 (bmo#1319157) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=658 --- MozillaFirefox.changes | 61 ++++++++++++++++++++++++++++++++++++++++++ MozillaFirefox.spec | 4 +-- 2 files changed, 63 insertions(+), 2 deletions(-) diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index ae0361e..3997ed4 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -9,6 +9,67 @@ Mon May 7 08:32:28 UTC 2018 - wr@rosenauer.org * Added support for Web Authentication, allowing the use of USB tokens for authentication to web sites * Locale added: Occitan (oc) + MFSA 2018-11 (bsc#1092548) + * CVE-2018-5154 (bmo#1443092) + Use-after-free with SVG animations and clip paths + * CVE-2018-5155 (bmo#1448774) + Use-after-free with SVG animations and text paths + * CVE-2018-5157 (bmo#1449898) + Same-origin bypass of PDF Viewer to view protected PDF files + * CVE-2018-5158 (bmo#1452075) + Malicious PDF can inject JavaScript into PDF Viewer + * CVE-2018-5159 (bmo#1441941) + Integer overflow and out-of-bounds write in Skia + * CVE-2018-5160 (bmo#1436117) + Uninitialized memory use by WebRTC encoder + * CVE-2018-5152 (bmo#1415644, bmo#1427289) + WebExtensions information leak through webRequest API + * CVE-2018-5153 (bmo#1436809) + Out-of-bounds read in mixed content websocket messages + * CVE-2018-5163 (bmo#1426353) + Replacing cached data in JavaScript Start-up Bytecode Cache + * CVE-2018-5164 (bmo#1416045) + CSP not applied to all multipart content sent with + multipart/x-mixed-replace + * CVE-2018-5166 (bmo#1437325) + WebExtension host permission bypass through filterReponseData + * CVE-2018-5167 (bmo#1447969) + Improper linkification of chrome: and javascript: content in + web console and JavaScript debugger + * CVE-2018-5168 (bmo#1449548) + Lightweight themes can be installed without user interaction + * CVE-2018-5169 (bmo#1319157) + Dragging and dropping link text onto home button can set home page + to include chrome pages + * CVE-2018-5172 (bmo#1436482) + Pasted script from clipboard can run in the Live Bookmarks page + or PDF viewer + * CVE-2018-5173 (bmo#1438025) + File name spoofing of Downloads panel with Unicode characters + * CVE-2018-5174 (bmo#1447080) (Windows-only) + Windows Defender SmartScreen UI runs with less secure behavior + for downloaded files in Windows 10 April 2018 Update + * CVE-2018-5175 (bmo#1432358) + Universal CSP bypass on sites using strict-dynamic in their policies + * CVE-2018-5176 (bmo#1442840) + JSON Viewer script injection + * CVE-2018-5177 (bmo#1451908) + Buffer overflow in XSLT during number formatting + * CVE-2018-5165 (bmo#1451452) + Checkbox for enabling Flash protected mode is inverted in 32-bit + Firefox + * CVE-2018-5180 (bmo#1444086) + heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced + * CVE-2018-5181 (bmo#1424107) + Local file can be displayed in noopener tab through drag and + drop of hyperlink + * CVE-2018-5182 (bmo#1435908) + Local file can be displayed from hyperlink dragged and dropped + on addressbar + * CVE-2018-5151 + Memory safety bugs fixed in Firefox 60 + * CVE-2018-5150 + Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 - removed obsolete patches 0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch mozilla-bmo1005535.patch diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index 4b01a0e..afd2af1 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -415,7 +415,7 @@ install -m 644 %{SOURCE9} %{buildroot}%{progdir}/browser/defaults/preferences/fi %if %localize rm -f %{_tmppath}/translations.* touch %{_tmppath}/translations.{common,other} -for locale in $(cat $RPM_BUILD_DIR/mozilla/browser/locales/shipped-locales) ; do +for locale in $(cat $RPM_BUILD_DIR/%{source_prefix}/browser/locales/shipped-locales) ; do case $locale in ja-JP-mac|en-US|'') ;; @@ -423,7 +423,7 @@ for locale in $(cat $RPM_BUILD_DIR/mozilla/browser/locales/shipped-locales) ; do pushd $RPM_BUILD_DIR/compare-locales PYTHONPATH=lib \ scripts/compare-locales -m ../l10n-merged/$locale \ - ../mozilla/browser/locales/l10n.ini ../l10n $locale + ../%{source_prefix}/browser/locales/l10n.ini ../l10n $locale popd LOCALE_MERGEDIR=$RPM_BUILD_DIR/l10n-merged/$locale \ make -C browser/locales langpack-$locale