Mailinglist Archive: opensuse-factory (439 mails)

< Previous Next >
[opensuse-factory] Leap 15.1 Build 442.2 released!

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.1&build=442.2&groupid=50
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&query_format=advanced&resolution=---&version=Leap%2015.1

When you reply to discuss some issues, make sure to change the subject.
Please use the test plan at
https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m1p6gXPc/edit#gid=94909276
to record your testing efforts and use bugzilla to report bugs.

Packages changed:
MozillaFirefox (60.5.1 -> 60.6.1)
xfce4-session

=== Details ===

==== MozillaFirefox ====
Version update (60.5.1 -> 60.6.1)
Subpackages: MozillaFirefox-translations-common
MozillaFirefox-translations-other

- Mozilla Firefox 60.6.1esr
MFSA 2019-10 (bsc#1130262)
* CVE-2019-9810 (bmo#1537924)
IonMonkey MArraySlice has incorrect alias information
* CVE-2019-9813 (bmo#1538006)
Ionmonkey type confusion with __proto__ mutations
- Mozilla Firefox 60.6.0esr
MFSA 2019-08 (bsc#1129821)
* CVE-2019-9790 bmo#1525145
Use-after-free when removing in-use DOM elements
* CVE-2019-9791 bmo#1530958
Type inference is incorrect for constructors entered through on-stack
replacement with IonMonkey
* CVE-2019-9792 bmo#1532599
IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
* CVE-2019-9793 bmo#1528829
Improper bounds checks when Spectre mitigations are disabled
* CVE-2019-9794 bmo#1530103
Command line arguments not discarded during execution
* CVE-2019-9795 bmo#1514682
Type-confusion in IonMonkey JIT compiler
* CVE-2019-9796 bmo#1531277
Use-after-free with SMIL animation controller
* CVE-2018-18506 bmo#1503393
Proxy Auto-Configuration file can define localhost access to be proxied
* CVE-2019-9788 bmo#1518001 bmo#1521304 bmo#1521214 bmo#1506665 bmo#1516834
bmo#1518774 bmo#1524755 bmo#1523362 bmo#1524214 bmo#1529203
Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6
- Mozilla Firefox 60.5.2esr:
* Fix a frequent crash when reading various Reuters news articles
(bmo#1505844)

==== xfce4-session ====
Subpackages: libxfsm-4_6-0 xfce4-session-lang

- Remove a hunk from xinitrd. Upstream already sets
XDG_CURRENT_DESKTOP with commit 4daf68eb
xfce4-session-adapt-session-scripts.patch
- Use autosetup for simpler quilt setup
refresh add-light-locker-support.patch


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages