Bug 52160 - firefox-esr: Multiple issues (4.4)
firefox-esr: Multiple issues (4.4)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.4
All Linux
: P3 normal (vote)
: UCS 4.4-6-errata
Assigned To: Erik Damrose
Felix Botner
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-09-29 17:12 CEST by Quality Assurance
Modified: 2020-10-07 14:32 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score: 7.5 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Quality Assurance univentionstaff 2020-09-29 17:12:39 CEST
New Debian firefox-esr 78.3.0esr-1~deb9u1 fixes:
This update addresses the following issues:
* Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3  (CVE-2020-15673)
* XSS when pasting attacker-controlled data into a contenteditable element  (CVE-2020-15676)
* Download origin spoofing via redirect (CVE-2020-15677)
* When recursing through layers while scrolling, an iterator may have become  invalid, resulting in a potential use-after-free scenario (CVE-2020-15678)
Comment 1 Quality Assurance univentionstaff 2020-09-29 19:00:37 CEST
--- mirror/ftp/4.4/unmaintained/4.4-6/source/firefox-esr_68.12.0esr-1~deb9u1.dsc
+++ apt/ucs_4.4-0-errata4.4-6/source/firefox-esr_78.3.0esr-1~deb9u1.dsc
@@ -1,113 +1,293 @@
-68.12.0esr-1~deb9u1 [Thu, 27 Aug 2020 09:46:39 +0200] Emilio Pozuelo Monfort <pochu@debian.org>:
-
-  * New upstream release.
-  * Fixes for mfsa2020-37, also known as CVE-2020-15664 and CVE-2020-15669.
-
-68.11.0esr-1~deb9u1 [Wed, 29 Jul 2020 07:23:16 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release
-  * Fixes for mfsa2020-31, also known as:
-    CVE-2020-15652, CVE-2020-6514, CVE-2020-6463, CVE-2020-15659.
-
-68.10.0esr-1~deb9u1 [Wed, 01 Jul 2020 09:08:58 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release
-  * Fixes for mfsa2020-25, also known as:
-    CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420,
-    CVE-2020-12421.
-
-68.9.0esr-1~deb9u1 [Wed, 03 Jun 2020 06:11:28 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release
-  * Fixes for mfsa2020-21, also known as:
-    CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410.
-
-  * debian/rules: Force using old PKCS11 API when building against newer NSS
-    releases. Closes: #961762.
-  * debian/control*: Bump nss build dependencies.
-
-68.8.0esr-1~deb9u1 [Wed, 06 May 2020 05:29:30 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release
-  * Fixes for mfsa2020-17, also known as:
-    CVE-2020-12387, CVE-2020-6831, CVE-2020-12392, CVE-2020-12395.
-
-68.7.0esr-1~deb9u1 [Wed, 08 Apr 2020 07:54:16 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release
-  * Fixes for mfsa2020-13, also known as:
-    CVE-2020-6821, CVE-2020-6822, CVE-2020-6825.
-
-68.6.1esr-1~deb9u1 [Sat, 04 Apr 2020 06:41:17 +0900] Mike Hommey <glandium@debian.org>:
+78.3.0esr-1~deb9u1 [Wed, 23 Sep 2020 11:03:28 +0200] Emilio Pozuelo Monfort <pochu@debian.org>:
+
+  * Non-maintainer upload.
+  * Backport to stretch.
+  * debian/l10n/gen: open iso-codes files as unicode.
+  * Build with LLVM 7, 4.0 doesn't support -std=gnu++17.
+  * Build with GCC 7 from gcc-mozilla.
+
+78.3.0esr-1 [Wed, 23 Sep 2020 07:25:27 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2020-43, also known as:
+    CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673.
+
+  * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp: Add
+    CodeGenerator::visitWasmRegisterResult function. bz#1649655.
+  * js/src/jit/none/MacroAssembler-none.h: Bump CodeAlignment to 8.
+    bz#1666646.
+
+78.2.0esr-1 [Thu, 03 Sep 2020 09:30:52 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2020-32 and mfsa2020-38, also known as:
+    CVE-2020-15652, CVE-2020-6514, CVE-2020-15655, CVE-2020-15653,
+    CVE-2020-6463, CVE-2020-15656, CVE-2020-15658, CVE-2020-15654,
+    CVE-2020-15659, CVE-2020-15664, CVE-2020-15670.
+
+78.0.2-1 [Fri, 10 Jul 2020 09:37:04 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fix for mfsa2020-28.
+
+78.0.1-1 [Fri, 03 Jul 2020 17:07:38 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+
+  * debian/rules:
+    - Replace --disable-ion with --disable-jit.
+    - Don't generated the ICU data file for big-endian manually.
+
+  * js/src/jit/mips-shared/MacroAssembler-mips-shared-inl.h,
+    js/src/jit/mips64/MacroAssembler-mips64-inl.h: Add branchTestSymbol
+    and fallibleUnboxPtr. bz#1642265.
+  * config/external/icu/data/*icudata*, config/external/icu/data/moz.build,
+    js/moz.configure: Unify the includion of the ICU data file. bz#1650299.
+  * config/external/icu/common/moz.build,
+    config/external/icu/common/sources.mozbuild,
+    config/external/icu/data/convert_icudata.py,
+    config/external/icu/data/moz.build,
+    config/external/icu/defs.mozbuild,
+    config/external/icu/i18n/moz.build,
+    config/external/icu/i18n/sources.mozbuild,
+    config/external/icu/icupkg/moz.build,
+    config/external/icu/icupkg/sources.mozbuild,
+    config/external/icu/moz.build,
+    config/external/icu/toolutil/moz.build,
+    config/external/icu/toolutil/sources.mozbuild,
+    config/recurse.mk,
+    intl/icu_sources_data.py: Automatically convert the little-endian ICU data
+    file for big-endian builds.
+
+78.0-1 [Wed, 01 Jul 2020 10:14:06 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release
+  * Fixes for mfsa2020-24, also known as:
+    CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418,
+    CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12422,
+    CVE-2020-12424, CVE-2020-12425, CVE-2020-12426.
+
+  * debian/control*: Bump nss build dependency.
+  * debian/control*, debian/rules: Remove build dependency on python2.7.
+  * debian/browser.mozconfig.in: Remove obsolete configure options.
+
+  * build/virtualenv_packages.txt: Don't install enum and enum34 virtualenv
+    packages in python3 virtualenvs. bz#1632429.
+
+77.0-1 [Wed, 03 Jun 2020 07:53:04 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release
+  * Fixes for mfsa2020-20, also known as:
+    CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12407,
+    CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, CVE-2020-12411.
+
+  * debian/l10n/gen, debian/l10n_revs.py, debian/latest_nightly.py,
+    debian/rules, debian/symbols.mk: Convert to python 3.
+  * debian/control*: Bump nss and cbindgen build dependencies.
+  * debian/rules:
+    - Revert PKCS11 API change from 76.0.1-1 because the new API is
+      now explicitly used by upstream code.
+    - Stop passing -fno-schedule-insns2 -fno-lifetime-dse and
+      -fno-delete-null-pointer-checks to GCC.
+
+76.0.1-2 [Fri, 15 May 2020 09:10:36 +0900] Mike Hommey <glandium@debian.org>:
+
+  * debian/browser.mozconfig.in: Allow addon sideload. Closes: #960084.
+  * debian/control*: Bump nasm build dependency to 2.14.
+
+76.0.1-1 [Wed, 13 May 2020 09:09:57 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release
+
+  * debian/rules: Force using old PKCS11 API when building against newer
+    NSS releases. Closes: #960012.
+
+76.0-2 [Wed, 06 May 2020 14:27:30 +0900] Mike Hommey <glandium@debian.org>:
+
+  * Cargo.lock, third_party/rust/typenum/*: Upgrade typename to 1.12.0.
+    bz#1635671. Fixes FTBFS on i386.
+
+76.0-1 [Wed, 06 May 2020 05:41:56 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release
+  * Fixes for mfsa2020-16, also known as:
+    CVE-2020-12387, CVE-2020-6831, CVE-2020-12390, CVE-2020-12391,
+    CVE-2020-12392, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396.
+
+  * debian/control*: Bump nss build dependency.
+  * debian/browser.install.in: Don't install blocklist.xml, it's not there
+    anymore.
+
+  * config/recurse.mk: Don't depend on in-tree NSS/NSPR when building against
+    system NSS/NSPR. bz#1634926.
+
+75.0-2 [Sun, 19 Apr 2020 09:03:28 +0900] Mike Hommey <glandium@debian.org>:
+
+  * build/moz.configure/util.configure: In configure, pass extra compiler
+    flags after source path. Fixes FTBFS with --with-system-libvpx with
+    gcc-9 >= 9-20190125-2.
+
+75.0-1 [Wed, 08 Apr 2020 09:41:38 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release
+  * Fixes for mfsa2020-12, also known as:
+    CVE-2020-6821, CVE-2020-6822, CVE-2020-6823, CVE-2020-6824,
+    CVE-2020-6825, CVE-2020-6826.
+
+  * debian/control*: Bump nss, rustc, cargo, cbindgen and nodejs build
+    dependencies.
+  * debian/control*, debian/rules: Build against libvpx >= 1.8. We used
+    to build-conflicts with that version, but that's not necessary now
+    that upstream needs that version.
+  * debian/browser.install.in: Don't install .chk files, they aren't
+    produced anymore.
+  * debian/browser.install.in, debian/browser.mozconfig.in, debian/control*,
+    debian/rules: Don't build against system sqlite. This is not supported
+    anymore.
+
+  * python/mozbuild/mozbuild/nodeutil.py: Allow to build with older
+    versions of nodejs 10.
+
+74.0.1-1 [Sat, 04 Apr 2020 06:42:37 +0900] Mike Hommey <glandium@debian.org>:
 
   * New upstream release
   * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820.
 
-68.6.0esr-1~deb9u1 [Wed, 11 Mar 2020 06:59:57 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release
-  * Fixes for mfsa2020-09, also known as:
-    CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811,
-    CVE-2019-20503, CVE-2020-6812, CVE-2020-6814.
-
-68.5.0esr-1~deb9u1 [Wed, 12 Feb 2020 06:50:33 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release
-  * Fixes for mfsa2020-06, also known as:
-    CVE-2020-6796, CVE-2020-6798, CVE-2020-6800.
-
-68.4.1esr-1~deb9u1 [Thu, 09 Jan 2020 06:40:28 +0900] Mike Hommey <glandium@debian.org>:
+74.0-1 [Wed, 11 Mar 2020 12:15:37 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2020-08, also known as:
+    CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6808,
+    CVE-2020-6809, CVE-2020-6810, CVE-2020-6811, CVE-2019-20503,
+    CVE-2020-6812, CVE-2020-6813, CVE-2020-6814, CVE-2020-6815.
+
+  * debian/rules:
+    - Use the -o flag to redirect preprocessor output rather than shell
+      redirection to work around bz#1621465.
+    - Remove obj-*/.mozbuild on clean.
+  * debian/control*: Bump nspr, nss, sqlite and cbindgen build dependencies.
+
+  * config/mozunit/mozunit/mozunit.py,
+    python/mozbuild/mozbuild/action/langpack_manifest.py,
+    python/mozbuild/mozbuild/jar.py, python/mozbuild/mozbuild/preprocessor.py,
+    python/mozbuild/mozbuild/test/backend/test_build.py: Use io.open() rather
+    than open() in mozbuild/preprocessor.py. bz#1613263.
+  * dom/canvas/ClientWebGLContext.h, dom/canvas/WebGLContext.h: Fix build
+    errors with -Werror=format-security with GCC.
+
+73.0.1-1 [Thu, 20 Feb 2020 09:07:58 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+
+  * gfx/2d/SwizzleNEON.cpp: Fix NEON compile error with gcc and RGB unpacking.
+    bz#1610814.
+
+73.0-1 [Wed, 12 Feb 2020 06:57:23 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2020-05, also known as:
+    CVE-2020-6796, CVE-2020-6798, CVE-2020-6800, CVE-2020-6801.
+
+  * debian/control*: Bump nss, rustc, cargo and cbindgen build dependencies.
+  * debian/browser.install.in: Do not install now removed chrome.manifest
+    and libnssdbm3.* files.
+
+72.0.2-1 [Wed, 22 Jan 2020 12:06:25 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+
+72.0.1-1 [Thu, 09 Jan 2020 06:46:44 +0900] Mike Hommey <glandium@debian.org>:
 
   * New upstream release.
   * Fix for mfsa2020-03, also known as CVE-2019-17026.
 
-68.4.0esr-1~deb9u1 [Wed, 08 Jan 2020 08:54:04 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release.
-  * Fixes for mfsa2020-02, also known as:
-    CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024.
-
-  * debian/rules: Don't build with --compress-debug-sections on jessie.
-  * debian/rules: Use sourcestamp.txt for MOZ_BUILD_DATE. Closes: #946193.
-
-  * sourcestamp.txt: Fill with the missing info.
-
-68.3.0esr-1~deb9u1 [Sat, 07 Dec 2019 08:58:01 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release.
-  * Fixes for mfsa2019-37, also known as:
-    CVE-2019-17008, CVE-2019-11745, CVE-2019-17010, CVE-2019-17005,
-    CVE-2019-17011, CVE-2019-17012.
-
-  * debian/control.in: Bump nss build dependencies.
-  * intl/icu_sources_data.py:
-    - Revert change from 68.2.0esr-1~deb9u2.
-    - Don't build ICU in parallel.
-  * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around
-    GCC ICEs on arm.
+72.0-1 [Wed, 08 Jan 2020 08:54:04 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2020-01, also known as:
+    CVE-2019-17016, CVE-2019-17017, CVE-2019-17020, CVE-2019-17022,
+    CVE-2019-17023, CVE-2019-17024, CVE-2019-17025.
+
+  * debian/rules:
+    - Don't build with --compress-debug-sections on jessie.
+    - Use sourcestamp.txt for MOZ_BUILD_DATE.
+    - Avoid running dh_update_autotools_config. We're dealing with this
+      manually and we don't want config.* files being touched under
+      third_party/rust.
+  * debian/control*:
+    - Bump nspr, nss and sqlite build dependencies.
+    - Add missing dependency on libdrm-dev.
+  * debian/browser.mozconfig.in: Explicitly build with wayland support
+    enabled.
+
+  * intl/icu_sources_data.py: Don't build ICU in parallel.
+  * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around older
+    GCC ICE on arm.
     (Thanks Emilio Pozuelo Monfort)
 
-68.2.0esr-1~deb9u2 [Wed, 06 Nov 2019 12:22:11 +0100] Emilio Pozuelo Monfort <pochu@debian.org>:
-
-  * Don't set the NASM make variable on architectures without nasm, fixes
-    FTBFS on !x86.
-  * Output icu build log to stdout rather than to a file.
-
-68.2.0esr-1~deb9u1 [Thu, 31 Oct 2019 10:22:07 +0100] Emilio Pozuelo Monfort <pochu@debian.org>:
-
-  * New upstream release.
-  * Fixes for mfsa2019-33, also known as:
-    CVE-2019-15903, CVE-2019-11757, CVE-2019-11758, CVE-2019-11759,
+71.0-2 [Thu, 12 Dec 2019 09:38:33 +0900] Mike Hommey <glandium@debian.org>:
+
+  * dom/indexedDB/ActorsParent.cpp: Work around lack of support for
+    http://eel.is/c++draft/class.temporary#6.7 in compilers. bz#1601707
+    Closes: #946249, #946547.
+  * layout/generic/WritingModes.h, servo/ports/geckolib/cbindgen.toml:
+    Fix build with newer cbindgen. bz#1602358.
+
+71.0-1 [Wed, 04 Dec 2019 10:09:38 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2019-36, also known as:
+    CVE-2019-11756, CVE-2019-17008, CVE-2019-11745, CVE-2019-17014,
+    CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012,
+    CVE-2019-17013.
+
+  * debian/l10n/gen: Add support for ca-valencia.
+  * debian/control*: Bump nspr, nss, rustc and cargo build dependencies.
+  * debian/rules, debian/control.in:
+    - Build with nodejs-mozilla on jessie and stretch.
+    - Build with nasm-mozilla on jessie and stretch.
+    - Don't build with system libvpx on stretch.
+    (Thanks Emilio Pozuelo Monfort)
+
+70.0.1-1 [Sat, 09 Nov 2019 07:53:49 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+
+70.0-1 [Wed, 23 Oct 2019 07:30:42 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2019-34, also known as:
+    CVE-2018-6156, CVE-2019-15903, CVE-2019-11757, CVE-2019-11759,
     CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763,
+    CVE-2019-11765, CVE-2019-17000, CVE-2019-17001, CVE-2019-17002,
     CVE-2019-11764.
 
-68.1.0esr-1 [Wed, 04 Sep 2019 10:22:21 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream release.
-  * Fixes for mfsa2019-26, also known as
+  * debian/control*: Bump nss, sqlite, rustc, cargo, and cbindgen build
+    dependencies.
+
+69.0.2-1 [Tue, 08 Oct 2019 08:06:31 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+
+69.0.1-1 [Tue, 24 Sep 2019 06:39:36 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fix for mfsa2019-31, also known as CVE-2019-11754.
+
+  * debian/control*:
+    - Bump nss, rustc, cargo and cbindgen build dependencies. Closes: #939412.
+    - Remove build dependency versions where Debian has had the right version
+      since Jessie.
+  * debian/source/lintian-overrides: Adjust DotZlib.chm path.
+
+69.0-1 [Wed, 04 Sep 2019 13:48:54 +0900] Mike Hommey <glandium@debian.org>:
+
+  * New upstream release.
+  * Fixes for mfsa2019-25, also known as:
     CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752,
-    CVE-2019-9812, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749,
-    CVE-2019-11750, CVE-2019-11738, CVE-2019-11747, CVE-2019-11735,
+    CVE-2019-9812, CVE-2019-11741, CVE-2019-11743, CVE-2019-11748,
+    CVE-2019-11749, CVE-2019-5849, CVE-2019-11750, CVE-2019-11737,
+    CVE-2019-11738, CVE-2019-11747, CVE-2019-11734, CVE-2019-11735,
     CVE-2019-11740.
 
   * debian/upstream.mk: Read source repo and revision from json when
@@ -117,13 +297,20 @@
     - Remove unused build dependency against python-ply.
     - Remove python-minimal build dependency. All supported versions
       of Debian have a new enough version.
+    - Remove build dependency against libjsoncpp-dev.
   * debian/l10n/gen, debian/latest_nightly.py, debian/rules,
     debian/symbols.mk, debian/upstream.mk, debian/watch: Use explicit
     python2.7 instead of python.
-
-68.0.2esr-1 [Sun, 18 Aug 2019 22:27:52 +0900] Mike Hommey <glandium@debian.org>:
-
-  * New upstream ESR release.
+  * debian/rules: Use `mach python --no-virtualenv` to invoke the
+    preprocessor.
+
+  * config/system-headers,
+    toolkit/crashreporter/jsoncpp/src/lib_json/moz.build,
+    toolkit/crashreporter/minidump-analyzer/moz.build: Revert hack to
+    build against libjsoncpp. It was fine when it was only used by
+    the crash reporter, but that's not the case anymore, and it breaks
+    the build. Also, the bundled version is newer than what is available
+    in Debian.
 
 68.0.2-3 [Sun, 18 Aug 2019 20:47:26 +0900] Mike Hommey <glandium@debian.org>:
 

<http://10.200.17.11/4.4-6/#5413035401497204776>
Comment 2 Philipp Hahn univentionstaff 2020-09-30 07:31:28 CEST
OK: yaml
OK: announce_errata
OK: patch
~OK: piuparts
 new language packages

[4.4-6] 4957efba75 Bug #52160: firefox-esr 78.3.0esr-1~deb9u1
 doc/errata/staging/firefox-esr.yaml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

[4.4-6] 333ceac3a6 Bug #52160: firefox-esr 78.3.0esr-1~deb9u1
 doc/errata/staging/firefox-esr.yaml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
Comment 3 Erik Damrose univentionstaff 2020-09-30 11:21:32 CEST
Reopen: DVD Installation fails. With this new firefox version it is possible to show the firefox interface when moving the mouse to the top of the screen.
Comment 4 Erik Damrose univentionstaff 2020-09-30 13:19:41 CEST
New firefox versions do not load the userChrome.css file by default, has to be enabled with
user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
see https://support.mozilla.org/de/kb/firefox-enterprise-78-release-notes

Fixed in
univention-system-setup 12.0.2-28A~4.4.0.202009301314
1b3cff2a Add userpref option to make new firefox esr versions load userChrome.css
17ba1608 univention-system-setup.yaml (also release for 4.4-5-errata, just as firefox security update)
Comment 6 Felix Botner univentionstaff 2020-09-30 20:38:00 CEST
OK - univention-system-setup (install tests worked for me)
OK - yaml
OK - merge request
Comment 7 Felix Botner univentionstaff 2020-10-02 17:25:16 CEST
The merge request is empty?
Comment 8 Felix Botner univentionstaff 2020-10-05 09:41:26 CEST
(In reply to Felix Botner from comment #7)
> The merge request is empty?

no, was already merged
Comment 9 Erik Damrose univentionstaff 2020-10-07 12:45:36 CEST
OK: yaml
OK: announce_errata
OK: patch
FAIL: piuparts
~ new language packs

[4.4-6] 1794e1d1c9 Bug #52160: yaml
 doc/errata/staging/firefox-esr.yaml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

[4.4-6] 7493e9a957 Bug #52160: firefox-esr 78.3.0esr-1~deb9u2
 doc/errata/staging/firefox-esr.yaml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

[4.4-6] 4957efba75 Bug #52160: firefox-esr 78.3.0esr-1~deb9u1
 doc/errata/staging/firefox-esr.yaml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

[4.4-6] 333ceac3a6 Bug #52160: firefox-esr 78.3.0esr-1~deb9u1
 doc/errata/staging/firefox-esr.yaml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)