Opened 6 months ago

Closed 6 months ago

Last modified 6 months ago

#14564 closed enhancement (fixed)

firefox-78.7.0

Reported by: ken@… Owned by: ken@…
Priority: high Milestone: 10.1
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

Now available.

It looks to me as if both the JS78 part and firefox itself contain security fixes in this version.

When I was looking at thunderbird in Arch's AUR I noticed that ./mach build was preceded by ./mach configure. Doing that separates the configuration (everything up to 'reticulating splines' which is where the generated (Python) 'config.status' reads all the moz.build files and invokes the build back-end generator). It seems to me that since these stages can be separated, that is a more educational way to go.

Change History (4)

comment:1 by ken@…, 6 months ago

Owner: changed from blfs-book to ken@…
Status: newassigned

comment:2 by ken@…, 6 months ago

r24138, still waiting for the release notes.

comment:3 by ken@…, 6 months ago

Priority: normalhigh
Resolution: fixed
Status: assignedclosed

Security fixes listed at https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ Some are rated 'high', the JS78 fix appears to be the "use after poison" fix which is rated moderate.

Fixed in r24138.

in reply to:  3 comment:4 by ken@…, 6 months ago

Replying to ken@…:

Security fixes listed at https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ Some are rated 'high', the JS78 fix appears to be the "use after poison" fix which is rated moderate.

I'm now generally regarding crashes as High severity even when NVD, and in this case upstream, mark them as Moderate or Low.

Note: See TracTickets for help on using tickets.