Project

General

Profile

Bug #2595

[iceweasel]: upgrade to v72.0.1

eliotime3000 - 6 months ago - . Updated 5 months ago.

Status:
in progress
Priority:
bug
Assignee:
% Done:

0%


Description

Zero-day report (CVE-2019-17026) for Firefox 72 and below

On Thursday, January 9th, Mozilla reported a bug that has been classified as CVE-2019-17026, which has been applied into the release and ESR branches of Firefox. The versions of Firefox that has been applied this zero-day patches are:

#Release branch:
##72.0.1

#ESR branch:
##62.4.1

The bug details a failure of SpiderMonkey that makes it vulnerable to attacks.

Anyway, please update Iceweasel ASAP (if could be possible, also in 32-bit and ARMv7 builds, too).

Thanks.

History

#1

Updated by bill-auger 6 months ago

  • Assignee set to bill-auger
  • Status changed from unconfirmed to in progress
  • Description updated (diff)
  • Subject changed from [iceweasel] Zero-day report (CVE-2019-17026) for Firefox 72 and below to [iceweasel]: upgrade to v72.0.1
#2

Updated by bill-auger 5 months ago

forgot to update this ticket - x86_64 and i686 were successful but ARM is still FTB

it keeps freezing around 400 minutes into the build - the third time i tried it, i let it run for 5 days, but the build never ended, and it never moved past that point - i watched htop for quite a while and the processes appeared to be busy - thats why i let it run - but whatever it was doing was obviously never going to complete

this is the build log - i dont see anything interesting in it though http://termbin.com/70tda - the only thing i did differently than the archarm PKGBUILD (which i can remember 7 days later) was that they had -j1 set explicitly - the note was related to their build farm though, so i removed that

Also available in: Atom PDF