Summary: | <www-client/firefox{,-bin}-60.1.0: multiple vulnerabilities (MFSA-2018-{15,16,17}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Vlad K. <vk-gentoo-bugs> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexander, iskatu, mozilla, viklevin2, whissi |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | https://www.mozilla.org/en-US/security/advisories/mfsa2018-16/ | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
www-client/firefox-60.1.0
www-client/firefox-52.9.0
dev-libs/nspr-4.19
dev-libs/nss-3.37.3
|
Runtime testing required: | --- |
Description
Vlad K.
2018-06-27 20:21:22 UTC
Vulnerabilities specific to 52 ESR (Fixed in 52.9) ================================================== https://www.mozilla.org/en-US/security/advisories/mfsa2018-17/ * CVE-2018-12359 * CVE-2018-12360 * CVE-2018-12362 * CVE-2018-12363 * CVE-2018-12364 * CVE-2018-12365 * CVE-2018-12366 * CVE-2018-12368 * CVE-2018-5156 * CVE-2018-5188 firefox-60.1.0 can be marked stable, Whissi are you okay with -bin same version being marked stable? (In reply to Jory A. Pratt from comment #2) > firefox-60.1.0 can be marked stable, Whissi are you okay with -bin same > version being marked stable? Yes, -bin is already done. firefox-60.1 is failing to apply this patch: /var/tmp/portage/www-client/firefox-60.1.0/work/firefox/2005_ffmpeg4.patch Is there a bug tracking this? (In reply to devsk from comment #4) > firefox-60.1 is failing to apply this patch: > > /var/tmp/portage/www-client/firefox-60.1.0/work/firefox/2005_ffmpeg4.patch > > Is there a bug tracking this? Your tree is out of date, I have already addressed the issue. Superseded by bug 665496. Added to an existing GLSA request. This issue was resolved and addressed in GLSA 201810-01 at https://security.gentoo.org/glsa/201810-01 by GLSA coordinator Thomas Deutschmann (whissi). |