Request 445658: Submit MozillaFirefox - openSUSE Build Service

Overview

Request 445658 accepted

- update to Firefox 50.1.0 (boo#1015422)
* MFSA 2016-94
CVE-2016-9894: Buffer overflow in SkiaGL (bmo#1306628)
CVE-2016-9899: Use-after-free while manipulating DOM events and
audio elements (bmo#1317409)
CVE-2016-9895: CSP bypass using marquee tag (bmo#1312272)
CVE-2016-9896: Use-after-free with WebVR (bmo#1315543)
CVE-2016-9897: Memory corruption in libGLES (bmo#1301381)
CVE-2016-9898: Use-after-free in Editor while manipulating
DOM subtrees (bmo#1314442)
CVE-2016-9900: Restricted external resources can be loaded by
SVG images through data URLs (bmo#1319122)
CVE-2016-9904: Cross-origin information leak in shared atoms
(bmo#1317936)
CVE-2016-9901: Data from Pocket server improperly sanitized
before execution (bmo#1320057)
CVE-2016-9902: Pocket extension does not validate the origin
of events (bmo#1320039)
CVE-2016-9903: XSS injection vulnerability in add-ons SDK
(bmo#1315435)
CVE-2016-9080: Memory safety bugs fixed in Firefox 50.1
CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and
Firefox ESR 45.6

- added patch mozilla-aarch64-startup-crash.patch (bsc#1011922)

Created by wrosenauer almost 8 years ago
In state accepted

Submit MozillaFirefox

Comments for request 445658 0

Login required, please login in order to comment

Request History

wrosenauer created request almost 8 years ago

- update to Firefox 50.1.0 (boo#1015422)
* MFSA 2016-94
CVE-2016-9894: Buffer overflow in SkiaGL (bmo#1306628)
CVE-2016-9899: Use-after-free while manipulating DOM events and
audio elements (bmo#1317409)
CVE-2016-9895: CSP bypass using marquee tag (bmo#1312272)
CVE-2016-9896: Use-after-free with WebVR (bmo#1315543)
CVE-2016-9897: Memory corruption in libGLES (bmo#1301381)
CVE-2016-9898: Use-after-free in Editor while manipulating
DOM subtrees (bmo#1314442)
CVE-2016-9900: Restricted external resources can be loaded by
SVG images through data URLs (bmo#1319122)
CVE-2016-9904: Cross-origin information leak in shared atoms
(bmo#1317936)
CVE-2016-9901: Data from Pocket server improperly sanitized
before execution (bmo#1320057)
CVE-2016-9902: Pocket extension does not validate the origin
of events (bmo#1320039)
CVE-2016-9903: XSS injection vulnerability in add-ons SDK
(bmo#1315435)
CVE-2016-9080: Memory safety bugs fixed in Firefox 50.1
CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and
Firefox ESR 45.6

- added patch mozilla-aarch64-startup-crash.patch (bsc#1011922)

factory-auto added opensuse-review-team as a reviewer almost 8 years ago

Please review sources

factory-auto added factory-repo-checker as a reviewer almost 8 years ago

Please review build success

factory-auto accepted review almost 8 years ago

Check script succeeded

licensedigger accepted review almost 8 years ago

AndreasStieger accepted review almost 8 years ago

hg source matches http://ftp.mozilla.org/pub/firefox/releases/50.1.0/source/firefox-50.1.0.source.tar.xz except for expected changes

factory-repo-checker reopened review almost 8 years ago

MozillaFirefox is still building for repository openSUSE_Factory

factory-repo-checker accepted review almost 8 years ago

Builds for repo mozilla:Factory/openSUSE_Factory

maxlin_factory set openSUSE:Factory:Staging:J as a staging project almost 8 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:J"

maxlin_factory accepted review almost 8 years ago

Picked openSUSE:Factory:Staging:J

dimstar_suse accepted review almost 8 years ago

ready to accept

dimstar_suse approved review almost 8 years ago

ready to accept

dimstar_suse accepted request almost 8 years ago

Accept to openSUSE:Factory

openSUSE Build Service is sponsored by