Request 715501: Submit MozillaFirefox - openSUSE Build Service

This request is superseded by request 717184 (Show diff)

Overview

Request 715501 superseded

- add fix-build-after-y2038-changes-in-glibc.patch

- Generate langpacks sequentially to avoid file corruption
from racy file writes (boo#1137970)

- Mozilla Firefox 68.0
* Dark mode in reader view
* Improved extension security and discovery
* Cryptomining and fingerprinting protections are added to strict
content blocking settings in Privacy & Security preferences
* Camera and microphone access now require an HTTPS connection
MFSA 2019-21 (bsc#1140868)
* CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
Sandbox escape via installation of malicious languagepack
* CVE-2019-11711 (bmo#1552541)
Script injection within domain through inner window reuse
* CVE-2019-11712 (bmo#1543804)
Cross-origin POST requests can be made with NPAPI plugins by
following 308 redirects
* CVE-2019-11713 (bmo#1528481)
Use-after-free with HTTP/2 cached stream
* CVE-2019-11714 (bmo#1542593)
NeckoChild can trigger crash when accessed off of main thread
* CVE-2019-11729 (bmo#1515342)
Empty or malformed p256-ECDH public keys may trigger a segmentation fault
* CVE-2019-11715 (bmo#1555523)
HTML parsing error can contribute to content XSS
* CVE-2019-11716 (bmo#1552632)
globalThis not enumerable until accessed
* CVE-2019-11717 (bmo#1548306)

Created by wrosenauer almost 5 years ago
In state superseded
Supersedes 714676
Superseded by 717184
Open review for openSUSE:Factory:Staging:C

Submit MozillaFirefox

Comments for request 715501 0

Login required, please login in order to comment

Request History

wrosenauer created request almost 5 years ago

- add fix-build-after-y2038-changes-in-glibc.patch

- Generate langpacks sequentially to avoid file corruption
from racy file writes (boo#1137970)

- Mozilla Firefox 68.0
* Dark mode in reader view
* Improved extension security and discovery
* Cryptomining and fingerprinting protections are added to strict
content blocking settings in Privacy & Security preferences
* Camera and microphone access now require an HTTPS connection
MFSA 2019-21 (bsc#1140868)
* CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
Sandbox escape via installation of malicious languagepack
* CVE-2019-11711 (bmo#1552541)
Script injection within domain through inner window reuse
* CVE-2019-11712 (bmo#1543804)
Cross-origin POST requests can be made with NPAPI plugins by
following 308 redirects
* CVE-2019-11713 (bmo#1528481)
Use-after-free with HTTP/2 cached stream
* CVE-2019-11714 (bmo#1542593)
NeckoChild can trigger crash when accessed off of main thread
* CVE-2019-11729 (bmo#1515342)
Empty or malformed p256-ECDH public keys may trigger a segmentation fault
* CVE-2019-11715 (bmo#1555523)
HTML parsing error can contribute to content XSS
* CVE-2019-11716 (bmo#1552632)
globalThis not enumerable until accessed
* CVE-2019-11717 (bmo#1548306)

staging-bot set openSUSE:Factory:Staging:C as a staging project almost 5 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:C"

staging-bot accepted review almost 5 years ago

Picked openSUSE:Factory:Staging:C

factory-auto added opensuse-review-team as a reviewer almost 5 years ago

Please review sources

factory-auto accepted review almost 5 years ago

Check script succeeded

alarrosa accepted review almost 5 years ago

thanks!

licensedigger accepted review almost 5 years ago

ok

wrosenauer superseded request almost 5 years ago

superseded by 717184

openSUSE Build Service is sponsored by