Please, bump firefox-bin to version 29. Here's working ebuild: http://pastebin.com/4P2i0RAf Reproducible: Always
Please attach unified diffs (diff -u) to bugzilla when you did changes to an ebuild. That would be much more handy for our devs.
I didn't modify ebuild, I took latest ebuild from firefox-bin-28-r1 and renamed it to firefox-bin-29-r1. It works for version 29.
Thank you for the submission; we're going a different way with the mozilla ebuilds and eclasses starting with version 29, however. Version bumps will be in the tree shortly. FYI, if all you need to do is rename the ebuild to a new version, this is called a "trivial bump", and generally you just need to state as such (that you just renamed the ebuild) rather than attaching a file. Thank you for contributing, though; please keep it up!
Source build is in the overlay, I need to double check the deps then we can move it to the tree. you will also find tb-24.5 in the overlay, it will move to tree at same time.
April 29, 2014 MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript MFSA 2014-46 Use-after-free in nsHostResolve MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates MFSA 2014-44 Use-after-free in imgLoader while resizing images MFSA 2014-43 Cross-site scripting (XSS) using history navigations MFSA 2014-42 Privilege escalation through Web Notification API MFSA 2014-41 Out-of-bounds write in Cairo MFSA 2014-40 Firefox for Android addressbar suppression MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video MFSA 2014-38 Buffer overflow when using non-XBL object as XBL MFSA 2014-37 Out of bounds read while decoding JPG images MFSA 2014-36 Web Audio memory corruption issues MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
I don't understand. The bug was about bumping firefox to version 29, why was the title totally changed to security fixes for several packages ??
*** This bug has been marked as a duplicate of bug 509188 ***
*** Bug 509188 has been marked as a duplicate of this bug. ***
509188 is not a duplicate ?? This ticket is about bumping firefox version to the recently released '29' ??
(In reply to Thomas Capricelli from comment #9) > 509188 is not a duplicate ?? This ticket is about bumping firefox version to > the recently released '29' ?? This ticket was filed for version-bumping. That's effectively what security tickets are for, too, they just have more information about things that are wrong with the older versions. This bug *is* the one to track for firefox-29 entering the tree, and you can unsubscribe once that happens if the rest of the notices are too noisy for you.
Ok, but how will people know ? I for example, as a careful bugtracker user, first checked if such a bug existed and then just added myself to cc list. Now that title is changed, people will not understand that hidden behind security stuff there's what they're looking for.
(In reply to Thomas Capricelli from comment #11) > Ok, but how will people know ? This was no problem for me (In reply to Jory A. Pratt from comment #4) > Source build is in the overlay FF & TB from mozilla-overlay builds and working fine on amd64
Everything is in the tree except seamonkey{-bin}-2.26 which has not made its final release. Soon as that happens we will be able to move forward with stabilizing.
+*seamonkey-2.26 (03 May 2014) + + 03 May 2014; Lars Wendler <polynomial-c@gentoo.org> +seamonkey-2.26.ebuild, + +files/pixman-supplement.patch: + Security bump (bug #509050). + +*seamonkey-bin-2.26 (03 May 2014) + + 03 May 2014; Lars Wendler <polynomial-c@gentoo.org> + -seamonkey-bin-2.24.ebuild, +seamonkey-bin-2.26.ebuild: + Security bump (bug #509050). Removed old. +
Arches, please test and mark stable: =www-client/firefox-{24.5,29} Target Keywords: "amd64 hppa ppc ppc64 x86" =mail-client/thunderbird-24.5 Target Keywords: "amd64 ppc ppc64 x86" =www-client/firefox-bin-{24.5,29} =www-client/seamonkey-2.26 =www-client/seamonkey-bin-2.26 =mail-client/thunderbird-bin-24.5 Target Keywords : "amd64 x86" Thank you!
With the Long list of bugs comes a long list of CVE's, and URL's as a reference. CVE-2014-{1492,1518,1519,1520,1522,1523,1524,1525,1526,1527,1528,1529,1530,1531,1532} Seamonkey URL: http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html Thunderbird: https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html Firefox: https://www.mozilla.org/security/known-vulnerabilities/firefox.html https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
Stable for HPPA.
(In reply to Yury German from comment #15) > Arches, please test and mark stable: > > =www-client/firefox-{24.5,29} > Target Keywords: "amd64 hppa ppc ppc64 x86" > > =mail-client/thunderbird-24.5 > > Target Keywords: "amd64 ppc ppc64 x86" > > =www-client/firefox-bin-{24.5,29} > =www-client/seamonkey-2.26 > =www-client/seamonkey-bin-2.26 > =mail-client/thunderbird-bin-24.5 > > Target Keywords : "amd64 x86" > > Thank you! Please be careful with the target keywords. Firefox and Thunderbird are stable on arm.
amd64 stable
x86 stable
I am little bit surprised that you started stabilizing non-esr versions. Is there any special reason for this?
(In reply to Fabian Köster from comment #21) > I am little bit surprised that you started stabilizing non-esr versions. Is > there any special reason for this? Dunno. This was not authorized by mozilla team and thus I have reverted stabilization of firefox-29.
Remaining arches, please test and only mark stable the versions given here: =www-client/firefox-24.5 Target Keywords: "amd64 hppa ppc ppc64 x86" =mail-client/thunderbird-24.5 Target Keywords: "amd64 ppc ppc64 x86" =www-client/firefox-bin-24.5 =www-client/seamonkey{,-bin}-2.26 =mail-client/thunderbird-bin-24.5 Target Keywords : "amd64 x86"
Without adding back amd64 and x86 you won't see much progress here ...
There was just a misunderstanding between all. amd64 and x86 stable.
ppc stable
ppc64 stable
Please ensure you are marking all ebuilds that are required at once so we do not need to add archs back please. Thunderbird-24.5.0 has not been marked stable when it is required for security reasons.
CVE-2014-1532 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1532): Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution. CVE-2014-1531 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1531): Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation. CVE-2014-1530 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1530): The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation. CVE-2014-1529 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1529): The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted. CVE-2014-1526 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1526): The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects. CVE-2014-1525 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1525): The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document. CVE-2014-1524 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1524): The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. CVE-2014-1523 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1523): Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. CVE-2014-1522 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1522): The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content. CVE-2014-1519 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1519): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. CVE-2014-1518 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1518): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Could I have a full list with real/existent versions in the tree?
Thunderbird is now stable on both x86/amd64.
CVE-2014-1492 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1492): The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
Merging multiple bugs for www-client/firefox{,-bin}, mail-client/thunderbird{,-bin}, www-client/seamonkey{,-bin) under the latest bug 531408 which is undergoing stabilization with each bug either needing cleanup or some stabilization.
Setting blocker to Bug 541506, stabilization of version: 31.5.0 Arm stabilization was not completed as part of this build.
Added to an existing GLSA Request.
This issue was resolved and addressed in GLSA 201504-01 at https://security.gentoo.org/glsa/201504-01 by GLSA coordinator Kristian Fiskerstrand (K_F).