Bug 39497

Summary: обновление до версии 78.6.0
Product: Branch p9 Reporter: saber <79625490833>
Component: firefox-esrAssignee: qa-team <qa-team>
Status: CLOSED FIXED QA Contact: qa-p9 <qa-p9>
Severity: normal    
Priority: P5 CC: 79625490833, aen, sbolshakov
Version: не указана   
Hardware: x86_64   
OS: Linux   

Description saber 2021-01-02 12:09:01 MSK 

    


    


      



        
          Comment 1
        

        
          Repository Robot

        

        
        

        
          2021-01-26 19:10:35 MSK
        

      






firefox-esr-78.6.1-alt0.1.p9 -> p9:

 Thu Jan 07 2021 Andrey Cherepanov <cas@altlinux> 78.6.1-alt0.1.p9
 - Backport new version to p9 branch (ALT #39497).
 Wed Jan 06 2021 Andrey Cherepanov <cas@altlinux> 78.6.1-alt1
 - New version (78.6.1).
 - Security fixes:
   + CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
 Mon Dec 14 2020 Andrey Cherepanov <cas@altlinux> 78.6.0-alt1
 - New version (78.6.0).
 - Fixes:
   + CVE-2020-16042 Operations on a BigInt could have caused uninitialized memory to be exposed
   + CVE-2020-26971 Heap buffer overflow in WebGL
   + CVE-2020-26973 CSS Sanitizer performed incorrect sanitization
   + CVE-2020-26974 Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
   + CVE-2020-26978 Internal network hosts could have been probed by a malicious webpage
   + CVE-2020-35111 The proxy.onRequest API did not catch view-source URLs
   + CVE-2020-35112 Opening an extension-less download may have inadvertently launched an executable instead
   + CVE-2020-35113 Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
 Thu Dec 03 2020 Andrey Cherepanov <cas@altlinux> 78.5.0-alt2
 - Fix build against rust-1.48.