Overview
Request 742853 superseded
- Disable LTO for now as it consumes ~20GB of RAM, we will reenable
the feature later when some memory consumption fixes land in
GCC
- Adjust LDFLAGS settings for LTO to take memory-constraints into
consideration
- Update to 78.0.3904.70 bsc#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives
- Created by scarabeus_iv
- In state superseded
- Superseded by 743815
- Open review for licensedigger
- Open review for openSUSE:Factory:Staging:adi:62
Request History
scarabeus_iv created request
- Disable LTO for now as it consumes ~20GB of RAM, we will reenable
the feature later when some memory consumption fixes land in
GCC
- Adjust LDFLAGS settings for LTO to take memory-constraints into
consideration
- Update to 78.0.3904.70 bsc#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives
factory-auto added opensuse-review-team as a reviewer
Please review sources
staging-bot added openSUSE:Factory:Staging:adi:62 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:62"
staging-bot accepted review
Picked openSUSE:Factory:Staging:adi:62
factory-auto accepted review
Check script succeeded
namtrac accepted review
scarabeus_iv superseded request
superseded by 743815