due to https://www.mozilla.org/en-US/security/advisories/mfsa2018-05/ --- Mozilla developer Johann Hofmann reported that unsanitized output in the browser UI can lead to arbitrary code execution. --- states this is fixed in 58.0.1
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e06f388a5c544c4a2ec148a57e4603ff926d9bff commit e06f388a5c544c4a2ec148a57e4603ff926d9bff Author: Ian Stakenvicius <axs@gentoo.org> AuthorDate: 2018-01-30 03:55:02 +0000 Commit: Ian Stakenvicius <axs@gentoo.org> CommitDate: 2018-01-30 03:57:23 +0000 www-client/firefox: bump to 58.0.1 for security bug 646080 Also surpressed notify-send to hopefully prevent OOM sandbox violations, enabled verbose build output, moved rust dependency atoms to mozconfig.eclass, and expanded the rust atoms to include rust[extended] per Arfrever's suggestions in bug 646078 Bug: http://bugs.gentoo.org/646080 Bug: http://bugs.gentoo.org/646078 Package-Manager: Portage-2.3.13, Repoman-2.3.3 eclass/mozconfig-v6.58.eclass | 13 +- www-client/firefox/Manifest | 184 ++++++++++----------- .../{firefox-58.0.ebuild => firefox-58.0.1.ebuild} | 12 +- 3 files changed, 104 insertions(+), 105 deletions(-)}
