Overview
Request 588116 accepted
yet another small tweak to have really all fixes in place also for ARM (libtremor) which was left out from the upstream Firefox tag (and only applied to the Fennec one)
- update to Firefox 59.0.1 (bsc#1085671)
MFSA 2018-08
* CVE-2018-5146 (bmo#1446062)
Vorbis audio processing out of bounds write
* CVE-2018-5147 (bmo#1446365)
Out of bounds memory write in libtremor
(mozilla-bmo1446062.patch)
- Added patch:
* mozilla-bmo1005535.patch:
Enable skia_gpu on big endian platforms.
- update to Firefox 59.0
* Performance enhancements
* Drag-and-drop to rearrange Top Sites on the Firefox Home page
* added features for Firefox Screenshots
* Enhanced WebExtensions API
* Improved RTC capabilities
MFSA 2018-06 (bsc#1085130)
* CVE-2018-5127 (bmo#1430557)
Buffer overflow manipulating SVG animatedPathSegList
* CVE-2018-5128 (bmo#1431336)
Use-after-free manipulating editor selection ranges
* CVE-2018-5129 (bmo#1428947)
Out-of-bounds write with malformed IPC messages
* CVE-2018-5130 (bmo#1433005)
Mismatched RTP payload type can trigger memory corruption
* CVE-2018-5131 (bmo#1440775)
Fetch API improperly returns cached copies of no-store/no-cache resources
* CVE-2018-5132 (bmo#1408194)
- Created by wrosenauer
- In state accepted
- Supersedes 588012
Request History
wrosenauer created request
yet another small tweak to have really all fixes in place also for ARM (libtremor) which was left out from the upstream Firefox tag (and only applied to the Fennec one)
- update to Firefox 59.0.1 (bsc#1085671)
MFSA 2018-08
* CVE-2018-5146 (bmo#1446062)
Vorbis audio processing out of bounds write
* CVE-2018-5147 (bmo#1446365)
Out of bounds memory write in libtremor
(mozilla-bmo1446062.patch)
- Added patch:
* mozilla-bmo1005535.patch:
Enable skia_gpu on big endian platforms.
- update to Firefox 59.0
* Performance enhancements
* Drag-and-drop to rearrange Top Sites on the Firefox Home page
* added features for Firefox Screenshots
* Enhanced WebExtensions API
* Improved RTC capabilities
MFSA 2018-06 (bsc#1085130)
* CVE-2018-5127 (bmo#1430557)
Buffer overflow manipulating SVG animatedPathSegList
* CVE-2018-5128 (bmo#1431336)
Use-after-free manipulating editor selection ranges
* CVE-2018-5129 (bmo#1428947)
Out-of-bounds write with malformed IPC messages
* CVE-2018-5130 (bmo#1433005)
Mismatched RTP payload type can trigger memory corruption
* CVE-2018-5131 (bmo#1440775)
Fetch API improperly returns cached copies of no-store/no-cache resources
* CVE-2018-5132 (bmo#1408194)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
staging-bot set openSUSE:Factory:Staging:H as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:H"
staging-bot accepted review
Picked openSUSE:Factory:Staging:H
jengelh accepted review
repo-checker accepted review
cycle and install check passed
dimstar_suse changed priority to moderate => important
raising priority for openSUSE:Factory:Staging:H
licensedigger accepted review
ok
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory