Accepting request 619198 from home:AndreasStieger:branches:mozilla:Factory
MFSA 2018-15 for boo#1098998 OBS-URL: https://build.opensuse.org/request/show/619198 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=674
This commit is contained in:
Wolfgang Rosenauer
Git OBS Bridge
parent
206b6f2820
commit
253295ce64
@ -8,6 +8,47 @@ Sat Jun 23 07:25:51 UTC 2018 - wr@rosenauer.org
|
|||||||
* OpenSearch plugins offered by web pages can now be added from the
|
* OpenSearch plugins offered by web pages can now be added from the
|
||||||
page action menu for easier installation
|
page action menu for easier installation
|
||||||
* Improved support for allowing WebExtensions to manage and hide tabs
|
* Improved support for allowing WebExtensions to manage and hide tabs
|
||||||
|
MFSA 2018-15 (bsc#1098998)
|
||||||
|
* CVE-2018-12359 (bmo#1459162)
|
||||||
|
Buffer overflow using computed size of canvas element
|
||||||
|
* CVE-2018-12360 (bmo#1459693)
|
||||||
|
Use-after-free when using focus()
|
||||||
|
* CVE-2018-12361 (bmo#1463244)
|
||||||
|
Integer overflow in SwizzleData
|
||||||
|
* CVE-2018-12358 (bmo#1467852)
|
||||||
|
Same-origin bypass using service worker and redirection
|
||||||
|
* CVE-2018-12362 (bmo#1452375)
|
||||||
|
Integer overflow in SSSE3 scaler
|
||||||
|
* CVE-2018-5156 (bmo#1453127)
|
||||||
|
Media recorder segmentation fault when track type is changed during capture
|
||||||
|
* CVE-2018-12363 (bmo#1464784)
|
||||||
|
Use-after-free when appending DOM nodes
|
||||||
|
* CVE-2018-12364 (bmo#1436241)
|
||||||
|
CSRF attacks through 307 redirects and NPAPI plugins
|
||||||
|
* CVE-2018-12365 (bmo#1459206)
|
||||||
|
Compromised IPC child process can list local filenames
|
||||||
|
* CVE-2018-12371 (bmo#1465686)
|
||||||
|
Integer overflow in Skia library during edge builder allocation
|
||||||
|
* CVE-2018-12366 (bmo#1464039)
|
||||||
|
Invalid data handling during QCMS transformations
|
||||||
|
* CVE-2018-12367 (bmo#1462891)
|
||||||
|
Timing attack mitigation of PerformanceNavigationTiming
|
||||||
|
* CVE-2018-12369 (bmo#1454909)
|
||||||
|
WebExtension security permission checks bypassed by embedded experiments
|
||||||
|
* CVE-2018-12370 (bmo#1456652)
|
||||||
|
SameSite cookie protections bypassed when exiting Reader View
|
||||||
|
* CVE-2018-5186 (bmo#1464872,bmo#1463329,bmo#1419373,bmo#1412882,
|
||||||
|
bmo#1413033,bmo#1444673,bmo#1454448,bmo#1453505,bmo#1438671)
|
||||||
|
Memory safety bugs fixed in Firefox 61
|
||||||
|
* CVE-2018-5187 (1461324,bmo#1414829,bmo#1395246,bmo#1467938,
|
||||||
|
bmo#1461619,bmo#1425930,bmo#1438556,bmo#1454285,bmo#1459568,
|
||||||
|
bmo#1463884)
|
||||||
|
Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
|
||||||
|
* CVE-2018-5188 (bnc#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
|
||||||
|
bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
|
||||||
|
bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
|
||||||
|
bmo#1464079,bmo#1463494,bmo#1458048)
|
||||||
|
Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
|
||||||
- requires NSS 3.37.3
|
- requires NSS 3.37.3
|
||||||
- requires python >= 3.5 to build
|
- requires python >= 3.5 to build
|
||||||
- removed obsolete patches
|
- removed obsolete patches
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user