Commit 51afc274 authored by Sergei Lukin's avatar Sergei Lukin Committed by Natanael Copa

community/firefox-esr: security upgrade to 45.7.0 - fixes #6746

CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7
CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP
CVE-2017-5376: Use-after-free in XSL
CVE-2017-5378: Pointer and frame data leakage of Javascript objects
CVE-2017-5380: Potential use-after-free during DOM manipulations
CVE-2017-5383: Location bar spoofing with unicode characters
CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions
CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer
CVE-2017-5396: Use-after-free with Media Decoder
parent 48e58460
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: William Pitcock <nenolod@dereferenced.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=firefox-esr
pkgver=45.6.0
pkgver=45.7.0
_pkgver=$pkgver
_xulver=$pkgver
pkgrel=3
pkgrel=0
pkgdesc="Firefox web browser"
url="https://www.mozilla.org/en-US/firefox/organizations/faq/"
arch="all"
......@@ -170,7 +171,7 @@ dev() {
default_dev
}
md5sums="ee3cf2401a5716cebacaae5fb70d133f firefox-45.6.0esr.source.tar.xz
md5sums="15b8cd3c400b2c754a8350f311eda986 firefox-45.7.0esr.source.tar.xz
1f4c60e662ed93784431bd06c5141719 mozconfig
99b27aeac58923f318d083e5e71879ba vendor.js
6ab77b80c8c7d6fd07ab53c54561f4df 0002-Use-C99-math-isfinite.patch
......@@ -191,7 +192,7 @@ b8b2a3cdb38f402e4eb4885908233811 libavutil.patch
c35d743dd706093ff5aa7dbb7e6168bb gcc6-fix-compilation.patch
ba96924ece1d77453e462429037a2ce5 firefox.desktop
6f38a5899034b7786cb1f75ad42032b8 firefox-safe.desktop"
sha256sums="c1e7ddf6efb0f54c8071131b6395f4942a422c2ab70f2e9a81b588373d6fbf5b firefox-45.6.0esr.source.tar.xz
sha256sums="4b5610691d32b77dd0dec25902f0d19e530c184cedc11babb530621cbdd33143 firefox-45.7.0esr.source.tar.xz
23c2b4535ce83c92ba978e15ce328c9f140def155d12523c00df30baf41b98dc mozconfig
afecb8c17a2bedafe600dd572d24eff24e540cda02f675705d11168040379ce6 vendor.js
080a55182b865471a86fa4b70a66ed9495f1e536f7fdc4060cb8c675b4749c6e 0002-Use-C99-math-isfinite.patch
......@@ -212,7 +213,7 @@ a1ba79ec0c50c19edcfb24bb2686a718a77b02035e412989b9208b9b818abe14 allow-utf8-fal
5ae2edf65b65a29c8d266343230c0ba9268f864697fc1f984d79e980a365a8fc gcc6-fix-compilation.patch
b571c4a49884a3c98806246c9cc3e60c73d5a8f4aeb7f96217db0be1d6210eda firefox.desktop
4b6de45753856a890f4482055666e77f9b01bdfb7e0df08bafaa3a4d9937eed3 firefox-safe.desktop"
sha512sums="b96c71aeed8a1185a085512f33d454a1735237cd9ddf37c8caa9cc91892eafab0615fc0ca6035f282ca8101489fa84c0de1087d1963c05b64df32b0c86446610 firefox-45.6.0esr.source.tar.xz
sha512sums="6424101b6958191ce654d0619950dfbf98d4aa6bdd979306a2df8d6d30d3fecf1ab44638061a2b4fb1af85fe972f5ff49400e8eeda30cdcb9087c4b110b97a7d firefox-45.7.0esr.source.tar.xz
e14b4a646230f7a752ef864b0e6a074fdac74d6c4abde2c31656eb10ac6f002a5c664d257bf3f4bd22544f10103e38d5fae49f84fcaae402b81940e72bcfe0e5 mozconfig
cc10dba32d9c7faf1d99b8fdebc71bf0200ad10b976105edb45df696bf64a668b2b7aa8c3892a8056eb71fb071b0e0ae51c3ce2fb75acfb7e7035104c0e4fce3 vendor.js
7e123144bc2b1efed149dfb41b255c447d43ea93a63ebe114d01945e6a6d69edc2f2a3c36980a93279106c1842355851b8b6c1d96679ee6be7b9b30513e0b1a8 0002-Use-C99-math-isfinite.patch
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment