Summary: | <www-client/firefox{,-bin}-{45.3.0,48.0}, <mail-client/thunderbird{,-bin}-45.3.0: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Nikolay Edigaryev <edigaryev> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ab4bd, carlphilippreh, gentoo, mozilla, mstomich |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A2 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 594616 | ||
Bug Blocks: |
Description
Nikolay Edigaryev
2016-08-02 19:40:06 UTC
Ebuilds for both versions are in the gentoo repo. I know I'm getting a little ahead of the security team, but: ATs, please stabilize www-client/firefox-45.3.0 for Target KEYWORDS="amd64 ppc ppc64 x86" Thanks! amd64 stable Stable for PPC64. Since this bug hasn't been processed by security yet, I'd like to usurp it to add thunderbird-45.3.0 (with the same CVE list). Arches, please also stabilize mail-client/thunderbird-45.3.0 for target KEYWORDS="ppc ppc64 x86" (I've already done amd64) (In reply to Agostino Sarubbo from comment #2) > amd64 stable I can't compile thunderbird 45.3.0. It gives me the following error: /usr/lib/gcc/x86_64-pc-linux-gnu/4.9.3/../../../../x86_64-pc-linux-gnu/bin/ld: ../../xpcom/components/nsComponentManager.o: relocation R_X86_64_PC32 against protected symbol `end_kPStaticModules_NSModule' can not be used when making a shared object /usr/lib/gcc/x86_64-pc-linux-gnu/4.9.3/../../../../x86_64-pc-linux-gnu/bin/ld: final link failed: Bad value collect2: error: ld returned 1 exit status /var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/mozilla/config/rules.mk:824: recipe for target 'libxul.so' failed make[4]: *** [libxul.so] Error 1 make[4]: Leaving directory '/var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/tbird/toolkit/library' /var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/mozilla/config/recurse.mk:71: recipe for target 'toolkit/library/target' failed make[3]: *** [toolkit/library/target] Error 2 make[3]: Leaving directory '/var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/tbird' /var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/mozilla/config/recurse.mk:32: recipe for target 'compile' failed make[2]: *** [compile] Error 2 make[2]: Leaving directory '/var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/tbird' /var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/mozilla/config/rules.mk:547: recipe for target 'default' failed make[1]: *** [default] Error 2 make[1]: Leaving directory '/var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/tbird' /var/tmp/portage/mail-client/thunderbird-45.3.0/work/thunderbird-45.3.0/client.mk:404: recipe for target 'build' failed make: *** [build] Error 2 Compilation environment: CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -march=native" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /etc/stunnel/stunnel.conf /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified. txt /usr/share/maven-bin-3.0/conf /usr/share/maven-bin-3.3/conf /var/lib/hsqldb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/ap ache2-php5.6/ext-active/ /etc/php/cgi-php5.6/ext-active/ /etc/php/cli-php5.6/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/term info /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-O2 -pipe -march=native" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--quiet --jobs=20 --load-average=13.00 --keep-going=y --with-bdeps=y --buildpkg-exclude 'virtual/* sys-kernel/*- sources'" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs buildpkg ccache collision-protect compressdebug config-protect-if-modified distlocks ebuild-lock s fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmer ge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" LDFLAGS="-Wl,-O1 -Wl,--as-needed" Active use flags: crypt dbus ffmpeg gstreamer jemalloc3 jit ldap lightning minimal pulseaudio Any help would be great, since this is also a security update to thunderbird. Thanks Any chance of getting www-client/firefox-45.3.0 stable for x86. Now 45.2.0 has been removed stable falls back to 38.8 for x86. Further Changes in bug 594616 CVE's will be modified for the correct version. x86 stable ppc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. This issue was resolved and addressed in GLSA 201701-15 at https://security.gentoo.org/glsa/201701-15 by GLSA coordinator Thomas Deutschmann (whissi). |