firefox-esr-78.6.1-alt0.1.p9 -> p9:
Thu Jan 07 2021 Andrey Cherepanov <cas@altlinux> 78.6.1-alt0.1.p9
- Backport new version to p9 branch (ALT #39497).
Wed Jan 06 2021 Andrey Cherepanov <cas@altlinux> 78.6.1-alt1
- New version (78.6.1).
- Security fixes:
+ CVE-2020-16044 Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
Mon Dec 14 2020 Andrey Cherepanov <cas@altlinux> 78.6.0-alt1
- New version (78.6.0).
+ CVE-2020-16042 Operations on a BigInt could have caused uninitialized memory to be exposed
+ CVE-2020-26971 Heap buffer overflow in WebGL
+ CVE-2020-26973 CSS Sanitizer performed incorrect sanitization
+ CVE-2020-26974 Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free
+ CVE-2020-26978 Internal network hosts could have been probed by a malicious webpage
+ CVE-2020-35111 The proxy.onRequest API did not catch view-source URLs
+ CVE-2020-35112 Opening an extension-less download may have inadvertently launched an executable instead
+ CVE-2020-35113 Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
Thu Dec 03 2020 Andrey Cherepanov <cas@altlinux> 78.5.0-alt2
- Fix build against rust-1.48.