diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2024-03-23 19:34:02 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2024-03-24 13:30:44 +0100 |
commit | fca48db86c9b7dcfd30f40859d2d68b8c546b8ca (patch) | |
tree | 58ca4f0b8dc14ab052440f8e896f48ab5322e6e1 /patches | |
parent | 7fee55d3d8eecec3b44c753bb5d3fbb87c06a7cb (diff) | |
download | current-20240323193402_15.0.tar.gz current-20240323193402_15.0.tar.xz |
Sat Mar 23 19:34:02 UTC 202420240323193402_15.0
patches/packages/mozilla-firefox-115.9.1esr-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a critical security issue:
An attacker was able to inject an event handler into a privileged object
that would allow arbitrary JavaScript execution in the parent process.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.9.1esr/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-16/
https://www.cve.org/CVERecord?id=CVE-2024-29944
(* Security fix *)
Diffstat (limited to 'patches')
-rw-r--r-- | patches/packages/mozilla-firefox-115.9.1esr-x86_64-1_slack15.0.txt (renamed from patches/packages/mozilla-firefox-115.9.0esr-x86_64-1_slack15.0.txt) | 0 | ||||
-rwxr-xr-x | patches/source/mozilla-firefox/mozilla-firefox.SlackBuild | 3 |
2 files changed, 3 insertions, 0 deletions
diff --git a/patches/packages/mozilla-firefox-115.9.0esr-x86_64-1_slack15.0.txt b/patches/packages/mozilla-firefox-115.9.1esr-x86_64-1_slack15.0.txt index 9d8594319..9d8594319 100644 --- a/patches/packages/mozilla-firefox-115.9.0esr-x86_64-1_slack15.0.txt +++ b/patches/packages/mozilla-firefox-115.9.1esr-x86_64-1_slack15.0.txt diff --git a/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild b/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild index b2da5322e..d2b31fb95 100755 --- a/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild +++ b/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild @@ -273,7 +273,10 @@ if [ ! -z $MOZLOCALIZE ]; then browser/installer/package-manifest.in || exit 1 fi +# They say to use the second line, not the first. +# But they're not the boos of me. export MACH_USE_SYSTEM_PYTHON="1" +#export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system export MOZILLA_OFFICIAL="1" export BUILD_OFFICIAL="1" export MOZ_PHOENIX="1" |