diff options
| author | Adrien Nader <adrien@notk.org> | 2019-10-22 21:40:15 +0200 |
|---|---|---|
| committer | Adrien Nader <adrien@notk.org> | 2019-10-22 21:40:15 +0200 |
| commit | 29ada8cfd92ef048db916ba7da12bdbc6ce2b52c (patch) | |
| tree | 8e6d3e285c8f37558dfc9808bc127c35f6e97044 /slackware64-current/source/xap | |
| parent | 2de6e79f127ef059bdc7b827dc86dbfe39a4310d (diff) | |
Tue Oct 22 18:48:37 UTC 2019
a/btrfs-progs-5.3-x86_64-1.txz: Upgraded.
a/kernel-firmware-20191022_2b016af-noarch-1.txz: Upgraded.
d/parallel-20191022-noarch-1.txz: Upgraded.
l/glib2-2.62.2-x86_64-1.txz: Upgraded.
l/python-pillow-6.2.1-x86_64-1.txz: Upgraded.
n/php-7.3.11-x86_64-1.txz: Upgraded.
This update fixes bugs and a security issue:
FPM: env_path_info underflow in fpm_main.c can lead to RCE.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11043
(* Security fix *)
x/xkeyboard-config-2.28-noarch-1.txz: Upgraded.
xap/mozilla-firefox-68.2.0esr-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/68.2.0/releasenotes/
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
(* Security fix *)
Diffstat (limited to 'slackware64-current/source/xap')
3 files changed, 31 insertions, 2 deletions
diff --git a/slackware64-current/source/xap/mozilla-firefox/firefox-68.1.0esr.source.tar.xz.asc b/slackware64-current/source/xap/mozilla-firefox/firefox-68.1.0esr.source.tar.xz.asc deleted file mode 100644 index f503e8f76..000000000 --- a/slackware64-current/source/xap/mozilla-firefox/firefox-68.1.0esr.source.tar.xz.asc +++ /dev/null @@ -1 +0,0 @@ -cbe133ecb7be4a458c9a91521348cc90d4e98afa diff --git a/slackware64-current/source/xap/mozilla-firefox/firefox-68.2.0esr.source.tar.xz.asc b/slackware64-current/source/xap/mozilla-firefox/firefox-68.2.0esr.source.tar.xz.asc new file mode 100644 index 000000000..3c610fa77 --- /dev/null +++ b/slackware64-current/source/xap/mozilla-firefox/firefox-68.2.0esr.source.tar.xz.asc @@ -0,0 +1 @@ +dceb1226ca201336f5319f5105ca60396d9e7203 diff --git a/slackware64-current/source/xap/mozilla-firefox/mozilla-firefox.SlackBuild b/slackware64-current/source/xap/mozilla-firefox/mozilla-firefox.SlackBuild index 0e11e04cc..b4863b518 100755 --- a/slackware64-current/source/xap/mozilla-firefox/mozilla-firefox.SlackBuild +++ b/slackware64-current/source/xap/mozilla-firefox/mozilla-firefox.SlackBuild @@ -42,6 +42,16 @@ MOZLOCALIZE=${MOZLOCALIZE:-} # "UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 36: ordinal not in range(128)" LANG=C +# Add a shell script to start the firefox binary with MOZ_ALLOW_DOWNGRADE=1 +# to avoid backing up (and disabling) the user profile if a browser downgrade +# is detected. We made it fine for years without this feature, and all the +# feedback we've seen suggests that it is causing more problems than it +# solves. For example, this feature causes a profile reset trying to switch +# between a 32-bit and 64-bit browser on installations that share a common +# /home directory. If you want to build with the stock default behavior, set +# this to something other than "YES": +MOZ_ALLOW_DOWNGRADE=${MOZ_ALLOW_DOWNGRADE:-YES} + # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -366,6 +376,26 @@ install -m 644 browser/branding/official/default16.png \ # Copy over the LICENSE install -p -c -m 644 LICENSE $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$RELEASEVER/ +# If MOZ_ALLOW_DOWNGRADE=YES, replace the /usr/bin/firefox symlink with a +# shell script that sets the MOZ_ALLOW_DOWNGRADE=1 environment variable so +# that a detected browser downgrade does not reset the user profile: +if [ "$MOZ_ALLOW_DOWNGRADE" = "YES" ]; then + rm -f $PKG/usr/bin/firefox + cat << EOF > $PKG/usr/bin/firefox +#!/bin/sh +# +# Shell script to start Mozilla Firefox. +# +# Don't reset the user profile on a detected browser downgrade: +export MOZ_ALLOW_DOWNGRADE=1 + +# Start Firefox: +exec /usr/lib${LIBDIRSUFFIX}/firefox/firefox "\$@" +EOF + chown root:root $PKG/usr/bin/firefox + chmod 755 $PKG/usr/bin/firefox +fi + mkdir $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc @@ -375,4 +405,3 @@ if [ -z $MOZLOCALIZE ]; then else /sbin/makepkg -l y -c n $TMP/mozilla-firefox-$VERSION-$ARCH-${BUILD}_$MOZLOCALIZE.txz fi - |