Univention Bugzilla – Bug 48779
firefox-esr: Multiple issues (4.3)
Last modified: 2019-02-27 13:29:24 CET
New Debian firefox-esr 60.5.1esr-1~deb9u1 fixes: This update addresses the following issues: * Use after free in Skia (CVE-2018-18356) * Integer overflow in Skia (CVE-2019-5785)
--- mirror/ftp/4.3/unmaintained/component/4.3-3-errata/source/firefox-esr_60.5.0esr-1~deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-3/source/firefox-esr_60.5.1esr-1~deb9u1.dsc @@ -1,3 +1,14 @@ +60.5.1esr-1~deb9u1 [Thu, 14 Feb 2019 18:35:06 +0900] Mike Hommey <glandium@debian.org>: + + * New upstream release. + * Fixes for mfsa2019-05, also known as: + CVE-2018-18356, CVE-2019-5785. + + * debian/rules, debian/upstream.mk: Manually set the update channel. + Closes: #921381, #921121, #921654. + * debian/rules: Disable ion JIT on mips and mipsel. This should fix the + FTBFS. + 60.5.0esr-1~deb9u1 [Wed, 30 Jan 2019 09:53:01 +0900] Mike Hommey <glandium@debian.org>: * New upstream release. <http://10.200.17.11/4.3-3/#5991334533045986112>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-3] 73e3a303b3 Bug #48779: firefox-esr 60.5.1esr-1~deb9u1 doc/errata/staging/firefox-esr.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<http://errata.software-univention.de/ucs/4.3/434.html>