Overview
Request 342308 accepted
- update to xulrunner 38.4.0 (bnc#952810)
* MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
Miscellaneous memory safety hazards
* MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
Trailing whitespace in IP address hostnames can bypass same-origin policy
* MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type headers
are received
* MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1188010, bmo#1204061, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1205157)
NSS and NSPR memory corruption issues
(fixed in mozilla-nspr and mozilla-nss packages)
- requires NSPR 4.10.10 and NSS 3.19.2.1
- Created by wrosenauer
- In state accepted
Request History
wrosenauer created request
- update to xulrunner 38.4.0 (bnc#952810)
* MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
Miscellaneous memory safety hazards
* MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
Trailing whitespace in IP address hostnames can bypass same-origin policy
* MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type headers
are received
* MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1188010, bmo#1204061, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1205157)
NSS and NSPR memory corruption issues
(fixed in mozilla-nspr and mozilla-nss packages)
- requires NSPR 4.10.10 and NSS 3.19.2.1
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
factory-repo-checker reopened review
xulrunner is still building for repository openSUSE_Factory
factory-repo-checker reopened review
Execution plan: mozilla:Factory/openSUSE_Factory
can't install xulrunner-38.4.0-37.2.x86_64:
nothing provides mozilla-nspr >= 4.10.10 needed by xulrunner-38.4.0-37.2.x86_64
(we have mozilla-nspr-4.10.9-1.1.x86_64)
nothing provides mozilla-nss >= 3.20.1 needed by xulrunner-38.4.0-37.2.x86_64
(we have mozilla-nss-3.20-1.1.x86_64)
mlin7442 added openSUSE:Factory:Staging:adi:22 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:22"
mlin7442 accepted review
Picked openSUSE:Factory:Staging:adi:22
dimstar accepted review
ok
factory-repo-checker reopened review
Missing i586 and x86_64 in the repo list
factory-repo-checker reopened review
Execution plan: mozilla:Factory/openSUSE_Factory
can't install xulrunner-38.4.0-37.2.x86_64:
nothing provides mozilla-nspr >= 4.10.10 needed by xulrunner-38.4.0-37.2.x86_64
(we have mozilla-nspr-4.10.9-1.1.x86_64)
nothing provides mozilla-nss >= 3.20.1 needed by xulrunner-38.4.0-37.2.x86_64
(we have mozilla-nss-3.20-1.1.x86_64)
factory-repo-checker reopened review
Execution plan: mozilla:Factory/openSUSE_Factory
can't install xulrunner-38.4.0-37.2.x86_64:
nothing provides mozilla-nss >= 3.20.1 needed by xulrunner-38.4.0-37.2.x86_64
(we have mozilla-nss-3.20-1.1.x86_64)
factory-repo-checker accepted review
Builds for repo mozilla:Factory/openSUSE_Factory
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory