Path to this page:
Subject: CVS commit: [pkgsrc-2018Q1] pkgsrc/www/firefox52
From: S.P.Zeidler
Date: 2018-06-17 22:22:18
Message id: 20180617202218.D4DBAFBEC@cvs.NetBSD.org
Log Message:
Pullup ticket #5767 - requested by bsiegert
www/firefox52: security update
Revisions pulled up:
- www/firefox52/Makefile 1.23
- www/firefox52/distinfo 1.14
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Jun 1 19:43:40 UTC 2018
Modified Files:
pkgsrc/www/firefox52: Makefile distinfo
Log Message:
Update to 52.8.0
Changelog:
Various security fixes
Various stability and regression fixes
Performance improvements to the Safe Browsing service to avoid
slowdowns while updating site classification data
Security fixes:
#CVE-2018-5183: Backport critical security fixes in Skia
#CVE-2018-5154: Use-after-free with SVG animations and clip paths
#CVE-2018-5155: Use-after-free with SVG animations and text paths
#CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
#CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
#CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
#CVE-2018-5168: Lightweight themes can be installed without user interaction
#CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
for downloaded files in Windows 10 April 2018 Update
#CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
through legacy extension
#CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
To generate a diff of this commit:
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/firefox52/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/firefox52/distinfo
Files: