Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3:Update
patchinfo.7714
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7714
<patchinfo incident="7714"> <issue id="1077291" tracker="bnc">VUL-0: MozillaFirefox: 58 / 52.6.0 ESR release</issue> <issue id="2018-5103" tracker="cve" /> <issue id="2018-5104" tracker="cve" /> <issue id="2018-5117" tracker="cve" /> <issue id="2018-5091" tracker="cve" /> <issue id="2018-5097" tracker="cve" /> <issue id="2018-5096" tracker="cve" /> <issue id="2018-5095" tracker="cve" /> <issue id="2018-5102" tracker="cve" /> <issue id="2018-5099" tracker="cve" /> <issue id="2018-5098" tracker="cve" /> <issue id="2018-5089" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>AndreasStieger</packager> <description>This update for MozillaFirefox fixes the following issues: - update to Firefox 52.6esr (boo#1077291) MFSA 2018-01 * Speculative execution side-channel attack ("Spectre") MFSA 2018-03 * CVE-2018-5091 (bmo#1423086) Use-after-free with DTMF timers * CVE-2018-5095 (bmo#1418447) Integer overflow in Skia library during edge builder allocation * CVE-2018-5096 (bmo#1418922) Use-after-free while editing form elements * CVE-2018-5097 (bmo#1387427) Use-after-free when source document is manipulated during XSLT * CVE-2018-5098 (bmo#1399400) Use-after-free while manipulating form input elements * CVE-2018-5099 (bmo#1416878) Use-after-free with widget listener * CVE-2018-5102 (bmo#1419363) Use-after-free in HTML media elements * CVE-2018-5103 (bmo#1423159) Use-after-free during mouse event handling * CVE-2018-5104 (bmo#1425000) Use-after-free during font face manipulation * CVE-2018-5117 (bmo#1395508) URL spoofing with right-to-left text aligned left-to-right * CVE-2018-5089 Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6 - Added additional patches and configurations to fix builds on s390 and PowerPC. * Added firefox-glibc-getrandom.patch effecting builds on s390 and PowerPC * Added mozilla-s390-bigendian.patch along with icudt58b.dat bigendian ICU data file for running Firefox on bigendian architectures (bmo#1322212 and bmo#1264836) * Added mozilla-s390-nojit.patch to enable atomic operations used by the JS engine when JIT is disabled on s390 * Build configuration options specific to s390 * Requires NSS >= 3.29.5 </description> <summary>Security update for MozillaFirefox</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor