guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNU IceCat 45 beta now available in Guix

From: Leo Famulari
Subject: Re: GNU IceCat 45 beta now available in Guix
Date: Wed, 12 Oct 2016 10:32:21 -0400
User-agent: Mutt/1.7.0 (2016-08-17) 
On Wed, Oct 12, 2016 at 01:42:26AM -0400, Mark H Weaver wrote:
> Hello Guix,
> 
> I'm pleased to announce the availability of GNU IceCat 45.3.0-gnu1-beta
> with selected fixes cherry-picked from upstream, including all security
> fixes introduced in Firefox ESR 45.4.0, specifically:
> 
>   CVE-2016-5250 - Resource Timing API is storing resources sent by
>                   the previous page
>   CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
>   CVE-2016-5261 - Integer overflow and memory corruption in WebSocketChannel
>   CVE-2016-5270 - Heap-buffer-overflow in
>                   nsCaseTransformTextRunFactory::TransformString
>   CVE-2016-5272 - Bad cast in nsImageGeometryMixin
>   CVE-2016-5274 - use-after-free in nsFrameManager::CaptureFrameState
>   CVE-2016-5276 - Heap-use-after-free in
>                   mozilla::a11y::DocAccessible::ProcessInvalidationList
>   CVE-2016-5277 - Heap-use-after-free in nsRefreshDriver::Tick
>   CVE-2016-5278 - Heap-buffer-overflow in nsBMPEncoder::AddImageFrame
>   CVE-2016-5280 - Use-after-free in
>                   mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
>   CVE-2016-5281 - use-after-free in DOMSVGLength
>   CVE-2016-5284 - Add-on update site certificate pin expiration

Thanks a lot for your work on this!
reply via email to
[Prev in Thread] Current Thread [Next in Thread]