forked from pool/MozillaFirefox
- update to Firefox 52.2esr (boo#1043960)
MFSA 2017-16 * CVE-2017-5472 (bmo#1365602) Use-after-free using destroyed node when regenerating trees * CVE-2017-7749 (bmo#1355039) Use-after-free during docshell reloading * CVE-2017-7750 (bmo#1356558) Use-after-free with track elements * CVE-2017-7751 (bmo#1363396) Use-after-free with content viewer listeners * CVE-2017-7752 (bmo#1359547) Use-after-free with IME input * CVE-2017-7754 (bmo#1357090) Out-of-bounds read in WebGL with ImageInfo object * CVE-2017-7755 (bmo#1361326) Privilege escalation through Firefox Installer with same directory DLL files (Windows only) * CVE-2017-7756 (bmo#1366595) Use-after-free and use-after-scope logging XHR header errors * CVE-2017-7757 (bmo#1356824) Use-after-free in IndexedDB * CVE-2017-7778, CVE-2017-7778, CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777 Vulnerabilities in the Graphite 2 library * CVE-2017-7758 (bmo#1368490) Out-of-bounds read in Opus encoder * CVE-2017-7760 (bmo#1348645) File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service (Windows only) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=594
This commit is contained in:
parent
1dc1d33afa
commit
09b85d1e80
@ -1,3 +1,58 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jun 14 07:08:29 UTC 2017 - wr@rosenauer.org
|
||||||
|
|
||||||
|
- update to Firefox 52.2esr (boo#1043960)
|
||||||
|
MFSA 2017-16
|
||||||
|
* CVE-2017-5472 (bmo#1365602)
|
||||||
|
Use-after-free using destroyed node when regenerating trees
|
||||||
|
* CVE-2017-7749 (bmo#1355039)
|
||||||
|
Use-after-free during docshell reloading
|
||||||
|
* CVE-2017-7750 (bmo#1356558)
|
||||||
|
Use-after-free with track elements
|
||||||
|
* CVE-2017-7751 (bmo#1363396)
|
||||||
|
Use-after-free with content viewer listeners
|
||||||
|
* CVE-2017-7752 (bmo#1359547)
|
||||||
|
Use-after-free with IME input
|
||||||
|
* CVE-2017-7754 (bmo#1357090)
|
||||||
|
Out-of-bounds read in WebGL with ImageInfo object
|
||||||
|
* CVE-2017-7755 (bmo#1361326)
|
||||||
|
Privilege escalation through Firefox Installer with same
|
||||||
|
directory DLL files (Windows only)
|
||||||
|
* CVE-2017-7756 (bmo#1366595)
|
||||||
|
Use-after-free and use-after-scope logging XHR header errors
|
||||||
|
* CVE-2017-7757 (bmo#1356824)
|
||||||
|
Use-after-free in IndexedDB
|
||||||
|
* CVE-2017-7778, CVE-2017-7778, CVE-2017-7771, CVE-2017-7772,
|
||||||
|
CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776,
|
||||||
|
CVE-2017-7777
|
||||||
|
Vulnerabilities in the Graphite 2 library
|
||||||
|
* CVE-2017-7758 (bmo#1368490)
|
||||||
|
Out-of-bounds read in Opus encoder
|
||||||
|
* CVE-2017-7760 (bmo#1348645)
|
||||||
|
File manipulation and privilege escalation via callback parameter
|
||||||
|
in Mozilla Windows Updater and Maintenance Service (Windows only)
|
||||||
|
* CVE-2017-7761 (bmo#1215648)
|
||||||
|
File deletion and privilege escalation through Mozilla Maintenance
|
||||||
|
Service helper.exe application (Windows only)
|
||||||
|
* CVE-2017-7764 (bmo#1364283)
|
||||||
|
Domain spoofing with combination of Canadian Syllabics and other
|
||||||
|
unicode blocks
|
||||||
|
* CVE-2017-7765 (bmo#1273265)
|
||||||
|
Mark of the Web bypass when saving executable files (Windows only)
|
||||||
|
* CVE-2017-7766 (bmo#1342742)
|
||||||
|
File execution and privilege escalation through updater.ini,
|
||||||
|
Mozilla Windows Updater, and Mozilla Maintenance Service
|
||||||
|
(Windows only)
|
||||||
|
* CVE-2017-7767 (bmo#1336964)
|
||||||
|
Privilege escalation and arbitrary file overwrites through Mozilla
|
||||||
|
Windows Updater and Mozilla Maintenance Service (Windows only)
|
||||||
|
* CVE-2017-7768 (bmo#1336979)
|
||||||
|
32 byte arbitrary file read through Mozilla Maintenance Service
|
||||||
|
(Windows only)
|
||||||
|
* CVE-2017-5470
|
||||||
|
Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
|
||||||
|
- requires NSS 3.28.5
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue May 23 14:00:40 UTC 2017 - wr@rosenauer.org
|
Tue May 23 14:00:40 UTC 2017 - wr@rosenauer.org
|
||||||
|
|
||||||
|
@ -19,9 +19,9 @@
|
|||||||
|
|
||||||
# changed with every update
|
# changed with every update
|
||||||
%define major 52
|
%define major 52
|
||||||
%define mainver %major.1.1
|
%define mainver %major.2
|
||||||
%define update_channel esr52
|
%define update_channel esr52
|
||||||
%define releasedate 20170504000000
|
%define releasedate 20170612000000
|
||||||
|
|
||||||
# PIE, full relro (x86_64 for now)
|
# PIE, full relro (x86_64 for now)
|
||||||
%define build_hardened 1
|
%define build_hardened 1
|
||||||
@ -82,7 +82,7 @@ BuildRequires: libnotify-devel
|
|||||||
BuildRequires: libproxy-devel
|
BuildRequires: libproxy-devel
|
||||||
BuildRequires: makeinfo
|
BuildRequires: makeinfo
|
||||||
BuildRequires: mozilla-nspr-devel >= 4.13.1
|
BuildRequires: mozilla-nspr-devel >= 4.13.1
|
||||||
BuildRequires: mozilla-nss-devel >= 3.28.4
|
BuildRequires: mozilla-nss-devel >= 3.28.5
|
||||||
BuildRequires: nss-shared-helper-devel
|
BuildRequires: nss-shared-helper-devel
|
||||||
BuildRequires: python-devel
|
BuildRequires: python-devel
|
||||||
BuildRequires: startup-notification-devel
|
BuildRequires: startup-notification-devel
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
version https://git-lfs.github.com/spec/v1
|
||||||
oid sha256:e214ffffe1a35265eb8ea61ba630866a252b2402ecbec6e7137868b4edebafe2
|
oid sha256:c120f40aa9fa97dc2e9debb0398514dc5873481b65322b645186a476cd49f555
|
||||||
size 28356
|
size 28380
|
||||||
|
@ -7,8 +7,8 @@
|
|||||||
|
|
||||||
CHANNEL="esr52"
|
CHANNEL="esr52"
|
||||||
BRANCH="releases/mozilla-$CHANNEL"
|
BRANCH="releases/mozilla-$CHANNEL"
|
||||||
RELEASE_TAG="FIREFOX_52_1_1esr_RELEASE"
|
RELEASE_TAG="FIREFOX_52_2_0esr_RELEASE"
|
||||||
VERSION="52.1.1"
|
VERSION="52.2"
|
||||||
|
|
||||||
# mozilla
|
# mozilla
|
||||||
if [ -d mozilla ]; then
|
if [ -d mozilla ]; then
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:1ccdee46cb8d78145281de57501dee34f4e5eb71f6e98746e3d4b1b6faf09920
|
|
||||||
size 222469016
|
|
3
firefox-52.2-source.tar.xz
Normal file
3
firefox-52.2-source.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:298e38ec2f230482e081693ebf27add8b4de68782639ec5446102a5e42847b3b
|
||||||
|
size 222356940
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:a856562b32f7d214bd71f756e2e360c702faebc2b739ddbd2adc77063f893cc0
|
|
||||||
size 45025968
|
|
3
l10n-52.2.tar.xz
Normal file
3
l10n-52.2.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:508eaf325e8fec62e5147c3ade233b7a32afedc06fff2262115174ffab66c36b
|
||||||
|
size 45016424
|
@ -1,2 +1,2 @@
|
|||||||
REV=120111e65bc4
|
REV=f68e0d98a22a
|
||||||
REPO=http://hg.mozilla.org/releases/mozilla-esr52
|
REPO=http://hg.mozilla.org/releases/mozilla-esr52
|
||||||
|
Loading…
Reference in New Issue
Block a user