From a8f61ee835d9aa73954e0b4069ced00e05a56ca3 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Fri, 11 Aug 2017 15:16:03 +0000 Subject: community/firefox-esr: security upgrade to 52.3.0 fixes #7673 CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements CVE-2017-7779: Memory safety bugs CVE-2017-7784: Use-after-free with image observers CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM CVE-2017-7786: Buffer overflow while painting non-displayable SVG CVE-2017-7787: Same-origin policy bypass with iframes through page reloads CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID CVE-2017-7798: XUL injection in the style editor in devtools CVE-2017-7800: Use-after-free in WebSockets during disconnection CVE-2017-7801: Use-after-free with marquee during window resizing CVE-2017-7802: Use-after-free resizing image elements CVE-2017-7803: CSP containing 'sandbox' improperly applied CVE-2017-7807: Domain hijacking through AppCache fallback CVE-2017-7809: Use-after-free while deleting attached editor DOM node --- community/firefox-esr/APKBUILD | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/community/firefox-esr/APKBUILD b/community/firefox-esr/APKBUILD index 83f2ba0c42..5678f3457f 100644 --- a/community/firefox-esr/APKBUILD +++ b/community/firefox-esr/APKBUILD @@ -1,10 +1,10 @@ # Contributor: William Pitcock # Maintainer: Natanael Copa pkgname=firefox-esr -pkgver=52.2.0 +pkgver=52.3.0 _pkgver=$pkgver _xulver=$pkgver -pkgrel=1 +pkgrel=0 pkgdesc="Firefox web browser - Extended Support Release" url="https://www.mozilla.org/en-US/firefox/organizations/faq/" arch="all !aarch64" @@ -229,7 +229,7 @@ dev() { default_dev } -sha512sums="62a2bd47c9f4b325199b8a0b155a7a412ffbd493e8ca6ff246ade5b10aacea22bc806bc646824059f7c97b71d27e167025c600293c781fbad3fdefb8bbc8d18e firefox-52.2.0esr.source.tar.xz +sha512sums="36da8f14b50334e36fca06e09f15583101cadd10e510268255587ea9b09b1fea918da034d6f1d439ab8c34612f6cebc409a0b8d812dddb3f997afebe64d09fe9 firefox-52.3.0esr.source.tar.xz 0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127 stab.h 7e123144bc2b1efed149dfb41b255c447d43ea93a63ebe114d01945e6a6d69edc2f2a3c36980a93279106c1842355851b8b6c1d96679ee6be7b9b30513e0b1a8 0002-Use-C99-math-isfinite.patch 09bc32cf9ee81b9cc6bb58ddbc66e6cc5c344badff8de3435cde5848e5a451e0172153231db85c2385ff05b5d9c20760cb18e4138dfc99060a9e960de2befbd5 fix-fortify-inline.patch -- cgit v1.2.3