Navigation:
Browse pkgsrc
(this page)| 2020-12-19 21:38:04 by Benny Siegert | Files touched by this commit (2) |
Log message: Pullup ticket #6385 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.14 - www/firefox78/distinfo 1.7 --- Module Name: pkgsrc Committed By: nia Date: Thu Dec 17 13:24:30 UTC 2020 Modified Files: pkgsrc/www/firefox78: Makefile distinfo Log message: firefox78: Update to 78.6.0 Security Vulnerabilities fixed in Firefox ESR 78.6 #CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory to be exposed #CVE-2020-26971: Heap buffer overflow in WebGL #CVE-2020-26973: CSS Sanitizer performed incorrect sanitization #CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free #CVE-2020-26978: Internal network hosts could have been probed by a malicious webpage #CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs #CVE-2020-35112: Opening an extension-less download may have inadvertently launched an executable instead #CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 |
| 2020-12-10 20:54:33 by Benny Siegert | Files touched by this commit (1) |
Log message: Pullup ticket #6369 - requested by riastradh www/firefox78: build fix (via patch) Add build dependency to expat Python module. |
| 2020-11-24 19:29:25 by Benny Siegert | Files touched by this commit (4) |
Log message:
Pullup ticket #6370 - requested by nia
www/firefox78: security fix
NOTE: This also includes the changes from pullup tickets #6363 and #6369.
Revisions pulled up:
- www/firefox78/Makefile 1.9,1.13
- www/firefox78/distinfo 1.5-1.6
- www/firefox78/patches/patch-js_src_jit_ProcessExecutableMemory.cpp 1.1
- www/firefox78/patches/patch-js_src_vm_ArrayBufferObject.cpp 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Tue Nov 10 02:59:28 UTC 2020
Modified Files:
pkgsrc/www/firefox78: Makefile distinfo
Added Files:
pkgsrc/www/firefox78/patches:
patch-js_src_jit_ProcessExecutableMemory.cpp
patch-js_src_vm_ArrayBufferObject.cpp
Log message:
firefox78: Update to 78.4.1. Apply MPROTECT patches from mozjs.
Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and \
Thunderbird 78.4.2
#CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Nov 18 12:33:45 UTC 2020
Modified Files:
pkgsrc/www/firefox78: Makefile distinfo
Log message:
firefox78: Update to 78.5.0
Security Vulnerabilities fixed in Firefox ESR 78.5
#CVE-2020-26951: Parsing mismatches could confuse and bypass security
sanitizer for chrome privileged code
#CVE-2020-16012: Variable time processing of cross-origin images during
drawImage calls
#CVE-2020-26953: Fullscreen could be enabled without displaying the security
UI
#CVE-2020-26956: XSS through paste (manual and clipboard API)
#CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME
type restrictions
#CVE-2020-26959: Use-after-free in WebRequestService
#CVE-2020-26960: Potential use-after-free in uses of nsTArray
#CVE-2020-15999: Heap buffer overflow in freetype
#CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
#CVE-2020-26965: Software keyboards may have remembered typed passwords
#CVE-2020-26966: Single-word search queries were also broadcast to local
network
#CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
|
| 2020-10-23 17:36:35 by Benny Siegert | Files touched by this commit (2) |
Log message: Pullup ticket #6348 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.7 - www/firefox78/distinfo 1.4 --- Module Name: pkgsrc Committed By: nia Date: Wed Oct 21 19:23:05 UTC 2020 Modified Files: pkgsrc/www/firefox78: Makefile distinfo Log message: firefox78: Update to 78.4.0 Security Vulnerabilities fixed in Firefox ESR 78.4 #CVE-2020-15969: Use-after-free in usersctp #CVE-2020-15683: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 |
New packages: