SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for firefox-52esr-branding-upstream-52.9.0-23.137.x86_64.rpm :

* Wed Aug 07 2019 Anonymous Checkouts - Relink to direct parent project (what was previously the grandparent) due to the intermediate project having been deleted- Turn off sending of telemtery (fuck spyware)
* Fri Oct 05 2018 anoncvsAATTmailinator.com- Remove the GTK3 build switch to force building with GTK2 due to bugs in GTK3 support that were not fixed until FF55 and which were never backported by Mozilla during the life of ESR52, and which are pointless to backport given GTK2 is still supported
* Tue Jun 26 2018 wrAATTrosenauer.org- update to Firefox 52.9.0 MFSA 2018-17 (bsc#1098998)
* CVE-2018-12359 (bmo#1459162) Buffer overflow using computed size of canvas element
* CVE-2018-12360 (bmo#1459693) Use-after-free when using focus()
* CVE-2018-12362 (bmo#1452375) Integer overflow in SSSE3 scaler
* CVE-2018-5156 (bmo#1453127) Media recorder segmentation fault when track type is changed during capture
* CVE-2018-12363 (bmo#1464784) Use-after-free when appending DOM nodes
* CVE-2018-12364 (bmo#1436241) CSRF attacks through 307 redirects and NPAPI plugins
* CVE-2018-12365 (bmo#1459206) Compromised IPC child process can list local filenames
* CVE-2018-12366 (bmo#1464039) Invalid data handling during QCMS transformations
* CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739, bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576, bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829, bmo#1464079,bmo#1463494,bmo#1458048) Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
* Wed Jun 13 2018 wrAATTrosenauer.org- update to Firefox 52.8.1 (bsc#1096449)
* MFSA 2018-14/CVE-2018-6126 (bmo#1462682) Heap buffer overflow rasterizing paths in SVG with Skia
* Wed May 09 2018 wrAATTrosenauer.org- update to Firefox 52.8.0:
* Various stability and regression fixes
* Performance improvements to the Safe Browsing service to avoid slowdowns while updating site classification data- Security fixes (bsc#1092548, MFSA 2018-12):
* CVE-2018-5183 (bmo#1454692) Backport critical security fixes in Skia
* CVE-2018-5154 (bmo#1443092) Use-after-free with SVG animations and clip paths
* CVE-2018-5155 (bmo#1448774) Use-after-free with SVG animations and text paths
* CVE-2018-5157 (bmo#1449898) Same-origin bypass of PDF Viewer to view protected PDF files
* CVE-2018-5158 (bmo#1452075) Malicious PDF can inject JavaScript into PDF Viewer
* CVE-2018-5159 (bmo#1441941) Integer overflow and out-of-bounds write in Skia
* CVE-2018-5168 (bmo#1449548) Lightweight themes can be installed without user interaction
* CVE-2018-5178 (bmo#1443891) Buffer overflow during UTF-8 to Unicode string conversion through legacy extension
* CVE-2018-5150 (bmo#1388020,bmo#1433609,bmo#1409440,bmo#1448705, bmo#1451376,bmo#1452202,bmo#1444668,bmo#1393367,bmo#1411415, bmo#1426129) Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
* Wed Mar 28 2018 astiegerAATTsuse.com- fix release tag and tarball to correctly identify 52.7.3esr
* Tue Mar 27 2018 wrAATTrosenauer.org- update to Firefox 52.7.3 MFSA 2018-10 (bsc#1087059)
* CVE-2018-5148 (bmo#1440717) Use-after-free in compositor- removed obsolete patch mozilla-bmo1446062.patch
* Fri Mar 16 2018 wrAATTrosenauer.org- update to Firefox 52.7.2 (bsc#1085671) MFSA 2018-08
* CVE-2018-5146 (bmo#1446062) Out of bounds memory write in libvorbis
* CVE-2018-5147 (bmo#1446365) Out of bounds memory write in libtremor (in mozilla-bmo1446062.patch)- Firefox 52.7.1 fixes - issues with the IT locale (bmo#1445278)
* Tue Mar 13 2018 astiegerAATTsuse.com- update to Firefox 52.7esr (bsc#1085130, MFSA 2018-07):
* CVE-2018-5127 (bmo#1430557) Buffer overflow manipulating SVG animatedPathSegList
* CVE-2018-5129 (bmo#1428947) Out-of-bounds write with malformed IPC messages
* CVE-2018-5130 (bmo#1433005) Mismatched RTP payload type can trigger memory corruption
* CVE-2018-5131 (bmo#1440775) Fetch API improperly returns cached copies of no-store/no-cache resources
* CVE-2018-5144 (bmo#1440926) Integer overflow during Unicode conversion
* CVE-2018-5125 (bmo1416529,bmo#1434580,bmo#1434384,bmo#1437450, bmo#1437507,bmo#1426988,bmo#1438425,bmo#1324042,bmo#1437087, bmo#1443865,bmo#1425520) Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
* CVE-2018-5145 (bmo#1261175,bmo#1348955) Memory safety bugs fixed in Firefox ESR 52.7
* Fri Feb 09 2018 wrAATTrosenauer.org- correct requires and provides handling (boo#1076907)
  
ICM