Bug 39497 - обновление до версии 78.6.0
Summary: обновление до версии 78.6.0
Status: CLOSED FIXED
Alias: None
Product: Branch p9
Classification: Distributions
Component: firefox-esr (show other bugs)
Version: не указана
Hardware: x86_64 Linux
: P5 normal
Assignee: qa-team@altlinux.org
QA Contact: qa-p9@altlinux.org
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-01-02 12:09 MSK by saber
Modified: 2021-01-26 19:10 MSK (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description saber 2021-01-02 12:09:01 MSK 

    


    


      



        
          Comment 1
        

        
          Repository Robot

        

        
        

        
          2021-01-26 19:10:35 MSK
        

      






firefox-esr-78.6.1-alt0.1.p9 -> p9:

 Thu Jan 07 2021 Andrey Cherepanov <cas@altlinux> 78.6.1-alt0.1.p9
 - Backport new version to p9 branch (ALT #39497).
 Wed Jan 06 2021 Andrey Cherepanov <cas@altlinux> 78.6.1-alt1
 - New version (78.6.1).
 - Security fixes:
   + CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
 Mon Dec 14 2020 Andrey Cherepanov <cas@altlinux> 78.6.0-alt1
 - New version (78.6.0).
 - Fixes:
   + CVE-2020-16042 Operations on a BigInt could have caused uninitialized memory to be exposed
   + CVE-2020-26971 Heap buffer overflow in WebGL
   + CVE-2020-26973 CSS Sanitizer performed incorrect sanitization
   + CVE-2020-26974 Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
   + CVE-2020-26978 Internal network hosts could have been probed by a malicious webpage
   + CVE-2020-35111 The proxy.onRequest API did not catch view-source URLs
   + CVE-2020-35112 Opening an extension-less download may have inadvertently launched an executable instead
   + CVE-2020-35113 Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
 Thu Dec 03 2020 Andrey Cherepanov <cas@altlinux> 78.5.0-alt2
 - Fix build against rust-1.48.