#10557: firefox-59.0.1 --------------------+----------------------- Reporter: ken@… | Owner: blfs-book Type: defect | Status: new Priority: high | Milestone: 8.3 Component: BOOK | Version: SVN Severity: normal | Keywords: --------------------+----------------------- This was apparently announced on 16th March. It contains one security fix: CVE-2018-5146 An out of bounds memory write in libvorbis was reported through the Pwn2Own contest. (Also a similar flaw in libtremor which is used in android and arm platforms).
I'm not sure if this means we should just drop system vorbis from the 59.0 build, or whether we need 59.0.1. Source is [https://hg.mozilla.org/releases/mozilla- release/archive/3db9e3d52b17563efca181ccbb50deb8660c59ae.tar.bz2] Tinyurl gives me https://tinyurl.com/firefox-59-0-1 -- Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/10557> BLFS Trac <http://wiki.linuxfromscratch.org/blfs> Beyond Linux From Scratch -- http://lists.linuxfromscratch.org/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page