#14564 closed enhancement (fixed)
firefox-78.7.0
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | high | Milestone: | 10.1 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Now available.
It looks to me as if both the JS78 part and firefox itself contain security fixes in this version.
When I was looking at thunderbird in Arch's AUR I noticed that ./mach build was preceded by ./mach configure. Doing that separates the configuration (everything up to 'reticulating splines' which is where the generated (Python) 'config.status' reads all the moz.build files and invokes the build back-end generator). It seems to me that since these stages can be separated, that is a more educational way to go.
Change History (4)
comment:1 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 3 years ago
follow-up: 4 comment:3 by , 3 years ago
| Priority: | normal → high |
|---|---|
| Resolution: | → fixed |
| Status: | assigned → closed |
Security fixes listed at https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ Some are rated 'high', the JS78 fix appears to be the "use after poison" fix which is rated moderate.
Fixed in r24138.
comment:4 by , 3 years ago
Replying to ken@…:
Security fixes listed at https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ Some are rated 'high', the JS78 fix appears to be the "use after poison" fix which is rated moderate.
I'm now generally regarding crashes as High severity even when NVD, and in this case upstream, mark them as Moderate or Low.
r24138, still waiting for the release notes.