pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/firefox52 Update to 52.5.0
details: https://anonhg.NetBSD.org/pkgsrc/rev/2ba61b2b579f
branches: trunk
changeset: 371673:2ba61b2b579f
user: ryoon <ryoon%pkgsrc.org@localhost>
date: Fri Nov 17 00:19:01 2017 +0000
description:
Update to 52.5.0
Changelog:
Security fixes:
#CVE-2017-7828: Use-after-free of PressShell while restyling layout
Reporter
Nils
Impact
critical
Description
A use-after-free vulnerability can occur when flushing and resizing
layout because the PressShell object has been freed while still
in use. This results in a potentially exploitable crash during
these operations.
References
Bug 1406750
Bug 1412252
#CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
Reporter
Jun Kokatsu
Impact
high
Description
The Resource Timing API incorrectly revealed navigations in cross-origin
iframes. This is a same-origin policy violation and could allow for
data theft of URLs loaded by users.
References
Memory safety bugs fixed in Firefox 57
#CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
Reporter
Mozilla developers and community
Impact
critical
Description
Mozilla developers and community members Christian Holler, David
Keeler, Jon Coppeard, Julien Cristau, Jan de Mooij, Jason Kratzer,
Philipp, Nicholas Nethercote, Oriol Brufau, Andr? Bargull, Bob Clary,
Jet Villegas, Randell Jesup, Tyson Smith, Gary Kwong, and Ryan VanderMeulen
reported memory safety bugs present in Firefox 56 and Firefox ESR 52.4.
Some of these bugs showed evidence of memory corruption and we presume
that with enough effort that some of these could be exploited to
run arbitrary code.
References
Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
diffstat:
www/firefox52/Makefile | 6 +++---
www/firefox52/distinfo | 10 +++++-----
2 files changed, 8 insertions(+), 8 deletions(-)
diffs (33 lines):
diff -r 0db01c459c6f -r 2ba61b2b579f www/firefox52/Makefile
--- a/www/firefox52/Makefile Thu Nov 16 22:36:34 2017 +0000
+++ b/www/firefox52/Makefile Fri Nov 17 00:19:01 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.10 2017/11/09 19:17:19 ryoon Exp $
+# $NetBSD: Makefile,v 1.11 2017/11/17 00:19:01 ryoon Exp $
FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH= 52.4
-MOZ_BRANCH_MINOR= .1esr
+MOZ_BRANCH= 52.5
+MOZ_BRANCH_MINOR= .0esr
DISTNAME= firefox-${FIREFOX_VER}.source
PKGNAME= firefox52-${MOZ_BRANCH}${MOZ_BRANCH_MINOR:S/b/beta/:S/esr//}
diff -r 0db01c459c6f -r 2ba61b2b579f www/firefox52/distinfo
--- a/www/firefox52/distinfo Thu Nov 16 22:36:34 2017 +0000
+++ b/www/firefox52/distinfo Fri Nov 17 00:19:01 2017 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.8 2017/11/09 19:17:19 ryoon Exp $
+$NetBSD: distinfo,v 1.9 2017/11/17 00:19:01 ryoon Exp $
-SHA1 (firefox-52.4.1esr.source.tar.xz) = c9ab3441780518ed9a57206d5f88445e38adb4f5
-RMD160 (firefox-52.4.1esr.source.tar.xz) = ca192f10ba393eecc023c55cfcfbc11a7d18dcf9
-SHA512 (firefox-52.4.1esr.source.tar.xz) = d80c7219548391d8a47b6e404662ea41e6acfa264a67d69365e76dd8943077e388ab24b030850919f8fc6681c11486bdbaaf170d441c861f4a12cedbe08955ab
-Size (firefox-52.4.1esr.source.tar.xz) = 211950124 bytes
+SHA1 (firefox-52.5.0esr.source.tar.xz) = 4941f498f8ec838b1bdc70fc8f13c8fde379ddce
+RMD160 (firefox-52.5.0esr.source.tar.xz) = c451c1c7cbb5ba8cdf1e35d48f08725cc8bd329c
+SHA512 (firefox-52.5.0esr.source.tar.xz) = fe724108ba538e590b87a5c1b817471d3cca9b038ba2755642e4d7b8ebb6174322be1fe074f24ef181946f9a027106b50b500d2fa541d8a99ef44905822eda18
+Size (firefox-52.5.0esr.source.tar.xz) = 214241184 bytes
SHA1 (patch-aa) = c1084caa275e57b716c3499301f7fc3f99ef5026
SHA1 (patch-ao) = 8b7125ef3b193fca4d03386142887b2f8d5015c5
SHA1 (patch-as) = 632ebd35287f8f97d18721d39a0514d4cdbb12cc
Home |
Main Index |
Thread Index |
Old Index