Request 605931: Submit MozillaFirefox - openSUSE Build Service

This request supersedes: request 605381 (Show diff)

Overview

Request 605931 accepted

- update to Firefox 60.0esr
* Added a policy engine that allows customized Firefox deployments
in enterprise environments, using Windows Group Policy or a
cross-platform JSON file
* Applied Quantum CSS to render browser UI
* Added support for Web Authentication, allowing the use of USB
tokens for authentication to web sites
* Locale added: Occitan (oc)
MFSA 2018-11 (bsc#1092548)
* CVE-2018-5154 (bmo#1443092)
Use-after-free with SVG animations and clip paths
* CVE-2018-5155 (bmo#1448774)
Use-after-free with SVG animations and text paths
* CVE-2018-5157 (bmo#1449898)
Same-origin bypass of PDF Viewer to view protected PDF files
* CVE-2018-5158 (bmo#1452075)
Malicious PDF can inject JavaScript into PDF Viewer
* CVE-2018-5159 (bmo#1441941)
Integer overflow and out-of-bounds write in Skia
* CVE-2018-5160 (bmo#1436117)
Uninitialized memory use by WebRTC encoder
* CVE-2018-5152 (bmo#1415644, bmo#1427289)
WebExtensions information leak through webRequest API
* CVE-2018-5153 (bmo#1436809)
Out-of-bounds read in mixed content websocket messages
* CVE-2018-5163 (bmo#1426353)
Replacing cached data in JavaScript Start-up Bytecode Cache
* CVE-2018-5164 (bmo#1416045)
CSP not applied to all multipart content sent with
multipart/x-mixed-replace

Created by lnussel_factory over 6 years ago
In state accepted
Supersedes 605381

Submit MozillaFirefox

Comments for request 605931 2
Comments for request 605381 1

Leap Reviewbot (leaper) - over 6 years ago

reviewer

openSUSE:Leap:15.0:SLE-workarounds/MozillaFirefox@3 -> openSUSE:Leap:15.0/MozillaFirefox

expected origin is 'SUSE:SLE-15:GA' (changed)

found package in openSUSE:Leap:15.0:SLE-workarounds

sr#605919 to openSUSE:Factory has different sources

Comment (at)leaper override accept to force accept.

the submitted sources are NOT in Factory

Ludwig Nussel (lnussel_factory) - over 6 years ago

author source maintainer target maintainer

@leaper override accept

Login required, please login in order to comment

Leap Reviewbot (leaper) - over 6 years ago

reviewer

openSUSE:Leap:15.0:SLE-workarounds/MozillaFirefox@7abefe4164a367b4d6dcc3e76637e198 -> openSUSE:Leap:15.0/MozillaFirefox

expected origin is 'SUSE:SLE-15:GA' (changed)

found package in openSUSE:Leap:15.0:SLE-workarounds

sr#605347 waiting for review by legal-auto

submission is waiting for a Factory request to complete

Login required, please login in order to comment

Request History

lnussel_factory created request over 6 years ago

- update to Firefox 60.0esr
* Added a policy engine that allows customized Firefox deployments
in enterprise environments, using Windows Group Policy or a
cross-platform JSON file
* Applied Quantum CSS to render browser UI
* Added support for Web Authentication, allowing the use of USB
tokens for authentication to web sites
* Locale added: Occitan (oc)
MFSA 2018-11 (bsc#1092548)
* CVE-2018-5154 (bmo#1443092)
Use-after-free with SVG animations and clip paths
* CVE-2018-5155 (bmo#1448774)
Use-after-free with SVG animations and text paths
* CVE-2018-5157 (bmo#1449898)
Same-origin bypass of PDF Viewer to view protected PDF files
* CVE-2018-5158 (bmo#1452075)
Malicious PDF can inject JavaScript into PDF Viewer
* CVE-2018-5159 (bmo#1441941)
Integer overflow and out-of-bounds write in Skia
* CVE-2018-5160 (bmo#1436117)
Uninitialized memory use by WebRTC encoder
* CVE-2018-5152 (bmo#1415644, bmo#1427289)
WebExtensions information leak through webRequest API
* CVE-2018-5153 (bmo#1436809)
Out-of-bounds read in mixed content websocket messages
* CVE-2018-5163 (bmo#1426353)
Replacing cached data in JavaScript Start-up Bytecode Cache
* CVE-2018-5164 (bmo#1416045)
CSP not applied to all multipart content sent with
multipart/x-mixed-replace

lnussel_factory added opensuse-review-team as a reviewer over 6 years ago

please review

lnussel_factory added openSUSE:Leap:15.0:Staging:E as a reviewer over 6 years ago

Being evaluated by staging project "openSUSE:Leap:15.0:Staging:E"

lnussel_factory accepted review over 6 years ago

Picked openSUSE:Leap:15.0:Staging:E

lnussel_factory changed priority to moderate => important over 6 years ago

raising priority for openSUSE:Leap:15.0:Staging:E

factory-auto added repo-checker as a reviewer over 6 years ago

Please review build success

factory-auto accepted review over 6 years ago

Check script succeeded

leaper added MozillaFirefox as a reviewer over 6 years ago

Submission for MozillaFirefox by someone who is not maintainer in the devel project (mozilla:Factory). Please review

leaper added leap-reviewers as a reviewer over 6 years ago

lnussel_factory added legal-auto as a reviewer over 6 years ago

please review

lnussel_factory changed priority to important => important over 6 years ago

wrosenauer accepted review over 6 years ago

repo-checker accepted review over 6 years ago

cycle and install check passed

mrdocs accepted review over 6 years ago

OK

lnussel accepted review over 6 years ago

licensedigger accepted review over 6 years ago

ok

leaper accepted review over 6 years ago

overridden by lnussel_factory

lnussel_factory accepted review over 6 years ago

ready to accept

lnussel_factory approved review over 6 years ago

ready to accept

lnussel_factory accepted request over 6 years ago

Accept to openSUSE:Leap:15.0

openSUSE Build Service is sponsored by