Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#14246 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: ken@…
Priority: high Milestone: 10.1
Component: BOOK Version: SVN
Severity: normal Keywords:

Description (last modified by ken@…)

New point version.

Belatedly marking as high priority, there are other security fixes beyond what we had in patched 2.53.4.

Change History (6)

comment:1 by ken@…, 3 years ago

SeaMonkey 2.53.5 contains (among other changes) the following major changes relative to SeaMonkey 2.53.4:

Provide WebP support bug 1653869. Add as a search engine available to all locales bug 1655283. Added av1 support. Included latest version of freetype2. Added support for the resizeObserver web API. Support for rust 1.47.0 on Linux and macOS platforms. Dropped support for use of system sqlite. Various security and general platform fixes.

Since they don't detail any security fixes, I compared this to our patched version: fixed, but in a slightly different way.

comment:2 by ken@…, 3 years ago

Owner: changed from blfs-book to ken@…
Status: newassigned

I've started looking at this, so I suppose I'd better take it ;-)

Changes so far: --enable-system-sqlite no longer accepted, it looks for nasm as well as yasm (needed for dav1D, i.e. playing av1 videos) - it looks as if it might build without that so I propose to add it as recommended, as for firefox.

comment:3 by ken@…, 3 years ago

The diff from 2.53.4 is enormous, much like a diff from one latest version of firefox to the next. among the changes, shipped libjpeg (which we don't build) has been updated through versions 1.5.2, 2.0.0, 2.0.3 to 2.0.4). We don't use the shipped updated libfreetype2. Shipped libvpx has also been updated - as with firefox, I guess we are stuck with the system version (ditto brotli which was also updated).

comment:4 by ken@…, 3 years ago

Also updates to security/sandbox/chromium which might be security-related.

Various changes in third_party rust code.

Shipped sqlite3 updated to 3.33.0.

It looks as thought we can use --with-system-webp, rebuilding to confirm that.

comment:5 by ken@…, 3 years ago

Resolution: fixed
Status: assignedclosed

comment:6 by ken@…, 3 years ago

Description: modified (diff)
Priority: normalhigh
Note: See TracTickets for help on using tickets.