Next | Query returned 24 messages, browsing 1 to 10 | Previous

History of commit frequency

CVS Commit History:


   2021-01-19 23:40:26 by Nia Alarie | Files touched by this commit (2)
Log message:
firefox(78): set GCC_REQD
   2021-01-08 20:13:53 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
firefox78: Update to 78.6.1

Changelog:
* Fix: Fixed a crash during video playback on Apple Silicon devices (bug 1683579)
* Secrity fix:
#CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP \ 
chunk
   2021-01-01 13:54:13 by Ryo ONODERA | Files touched by this commit (2)
Log message:
firefox78: Fix build with devel/cbindgen-0.16.0
   2021-01-01 10:52:45 by Ryo ONODERA | Files touched by this commit (357)
Log message:
*: Recursive revbump from audio/pulseaudio-14.0
   2020-12-31 21:04:14 by Nia Alarie | Files touched by this commit (38)
Log message:
Normalize handling packages that require 64-bit atomic ops.
   2020-12-26 11:35:17 by Nia Alarie | Files touched by this commit (6)
Log message:
Remove now-actively-harmful 32-bit ARM hack from Mozilla packages.
   2020-12-17 14:24:30 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
firefox78: Update to 78.6.0

Security Vulnerabilities fixed in Firefox ESR 78.6

#CVE-2020-16042: Operations on a BigInt could have caused uninitialized
memory to be exposed

#CVE-2020-26971: Heap buffer overflow in WebGL

#CVE-2020-26973: CSS Sanitizer performed incorrect sanitization

#CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free

#CVE-2020-26978: Internal network hosts could have been probed by a
malicious webpage

#CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs

#CVE-2020-35112: Opening an extension-less download may have inadvertently
launched an executable instead

#CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
   2020-11-18 23:38:22 by Taylor R Campbell | Files touched by this commit (4)
Log message:
www/firefox*: Use -Og for debug option and -O2 for debug-info option.
   2020-11-18 13:33:45 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
firefox78: Update to 78.5.0

Security Vulnerabilities fixed in Firefox ESR 78.5

    #CVE-2020-26951: Parsing mismatches could confuse and bypass security
    sanitizer for chrome privileged code

    #CVE-2020-16012: Variable time processing of cross-origin images during
    drawImage calls

    #CVE-2020-26953: Fullscreen could be enabled without displaying the security
    UI

    #CVE-2020-26956: XSS through paste (manual and clipboard API)

    #CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME
    type restrictions

    #CVE-2020-26959: Use-after-free in WebRequestService

    #CVE-2020-26960: Potential use-after-free in uses of nsTArray

    #CVE-2020-15999: Heap buffer overflow in freetype

    #CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses

    #CVE-2020-26965: Software keyboards may have remembered typed passwords

    #CVE-2020-26966: Single-word search queries were also broadcast to local
    network

    #CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
   2020-11-16 21:21:30 by Nia Alarie | Files touched by this commit (1)
Log message:
firefox78: Needs py-expat to build (sometimes?)

Reported by Riastradh

Next | Query returned 24 messages, browsing 1 to 10 | Previous