Summary: | <www-client/firefox{,-bin}-{52.4.0,56.0}: multiple vulnerabilities (MFSA-2017-22) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | kensington, mozilla, slyfox |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.mozilla.org/en-US/security/advisories/mfsa2017-22/ | ||
Whiteboard: | A2 [glsa+ cve] | ||
Package list: |
=www-client/firefox-52.4.0
|
Runtime testing required: | --- |
Bug Depends on: | 632462 | ||
Bug Blocks: |
Description
Thomas Deutschmann (RETIRED)
2017-09-29 16:27:33 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d073955b8c98453225918518c04777e5c1f5d959 commit d073955b8c98453225918518c04777e5c1f5d959 Author: Ian Stakenvicius <axs@gentoo.org> AuthorDate: 2017-09-29 19:30:30 +0000 Commit: Ian Stakenvicius <axs@gentoo.org> CommitDate: 2017-09-29 19:49:04 +0000 www-client/firefox: stabilize 52.4 for amd64 by maintainer ..for security bug 632400 Bug: http://bugs.gentoo.org/632400 Package-Manager: Portage-2.3.8, Repoman-2.3.1 www-client/firefox/firefox-52.4.0.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)} www-client/firefox-bin-{52.4.0,56.0} are in the gentoo repo, and firefox-bin-52.4.0 has been stabilized by maintainer. www-client/firefox-{52.4.0,56.0} are also in the gentoo repo. 52.4 has been stabilized for amd64 by maintainer. Arches, please stabilize www-client/firefox-52.4.0 for Target KEYWORDS="amd64 ppc ppc64 x86" I reverted amd64 stabilisation due to bug #632462 - failure during src_prepare. (In reply to Michael Palimaka (kensington) from comment #3) > I reverted amd64 stabilisation due to bug #632462 - failure during > src_prepare. Thanks. That bug's been addressed, but instead of re-stabilizing myself, amd64 arch team could you take care of it please? x86 stable Adding to an existing GLSA Request. amd64 tested, ok. Gentoo Security Padawan ChrisADR amd64 stable ppc64 stable @ppc, ping ppc Builds and runs ok with following USE-flags: [ebuild R ] www-client/firefox-52.4.0 USE="custom-optimization dbus gmp-autoupdate jemalloc pulseaudio startup-notification system-harfbuzz system-icu system-jpeg system-libevent system-libvpx system-sqlite {test} -bindist -custom-cflags -debug -eme-free -gtk2 -hardened -hwaccel -jack (-neon) (-pgo) (-rust) (-selinux) (-system-cairo) -wifi" Superseded by bug 639854. Oh no, we can proceed thanks ernsteiswuerfel. @ Maintainer(s): Please cleanup and drop =www-client/firefox-52.4.0! This issue was resolved and addressed in GLSA 201802-03 at https://security.gentoo.org/glsa/201802-03 by GLSA coordinator Thomas Deutschmann (whissi). |