| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes #8701
CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR
52.7
CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
CVE-2018-5129: Out-of-bounds write with malformed IPC messages
CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption
CVE-2018-5131: Fetch API improperly returns cached copies of
no-store/no-cache resources
CVE-2018-5144: Integer overflow during Unicode conversion
CVE-2018-5145: Memory safety bugs fixed in Firefox ESR 52.7
|
| | |
|
| |
|
|
|
|
| |
CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096
CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102
CVE-2018-5103 CVE-2018-5104 CVE-2018-5117
|
| |
|
|
| |
Fixes #8326
|
| | |
|
| |
|
|
|
| |
Contains fixes for font rendering issues caused by changes in freetype
2.8.1
|
| |
|
|
| |
it seems to build again
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixes #7673
CVE-2017-7753: Out-of-bounds read with cached style data and
pseudo-elements
CVE-2017-7779: Memory safety bugs
CVE-2017-7784: Use-after-free with image observers
CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM
CVE-2017-7786: Buffer overflow while painting non-displayable SVG
CVE-2017-7787: Same-origin policy bypass with iframes through page
reloads
CVE-2017-7791: Spoofing following page navigation with data: protocol
and modal alerts
CVE-2017-7792: Buffer overflow viewing certificates with an extremely
long OID
CVE-2017-7798: XUL injection in the style editor in devtools
CVE-2017-7800: Use-after-free in WebSockets during disconnection
CVE-2017-7801: Use-after-free with marquee during window resizing
CVE-2017-7802: Use-after-free resizing image elements
CVE-2017-7803: CSP containing 'sandbox' improperly applied
CVE-2017-7807: Domain hijacking through AppCache fallback
CVE-2017-7809: Use-after-free while deleting attached editor DOM node
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Bug introduced since 52.1.0-esr
|
| | |
|
| |
|
|
|
|
|
|
| |
('Error while running startup cache precompilation') at
resource://gre/modules/addons/XPIProviderUtils.js
Previously this error was mitigated by lowering optimization level to
-O1 on s390x but no more with new esr release.
|
| | |
|
| |
|
|
| |
firefox needs libcrmf.a from nss-static
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
xattrs does not make it to the underlying filesystem in fakeroot so we
paxmark outside fakeroot.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7
CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP
CVE-2017-5376: Use-after-free in XSL
CVE-2017-5378: Pointer and frame data leakage of Javascript objects
CVE-2017-5380: Potential use-after-free during DOM manipulations
CVE-2017-5383: Location bar spoofing with unicode characters
CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions
CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer
CVE-2017-5396: Use-after-free with Media Decoder
|
| |
|
|
| |
This reverts commit 6d514467a0bfbb33c9b68424855c624f2068191b.
|
| |
|
|
|
| |
with icu-58 firefox segfaults when typing anything in the search box. we
disable the system icu til we figured out what is going wrong.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Our armhf builder doesn't have enough memory to build it, so we must
disable it for now.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
fixes #5737
|
| | |
|
| | |
|
| |
|
