From: Sergei Lukin
To: alpine-aports@lists.alpinelinux.org
Cc: Sergei Lukin
Subject: [alpine-aports] [PATCH edge] community/firefox-esr: security upgrade to 45.7.0 - fixes #6746
Date: Thu, 26 Jan 2017 12:36:05 +0000
Message-Id: <20170126123605.3748-1-sergej.lukin@gmail.com>

CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7
CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP
CVE-2017-5376: Use-after-free in XSL
CVE-2017-5378: Pointer and frame data leakage of Javascript objects
CVE-2017-5380: Potential use-after-free during DOM manipulations
CVE-2017-5383: Location bar spoofing with unicode characters
CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions
CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer
CVE-2017-5396: Use-after-free with Media Decoder
--- community/firefox-esr/APKBUILD | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/community/firefox-esr/APKBUILD b/community/firefox-esr/APKBUILD index 3466cf8ce3..54c7ea3a17 100644 --- a/community/firefox-esr/APKBUILD +++ b/community/firefox-esr/APKBUILD @@ -1,10 +1,11 @@ +# Contributor: Sergei Lukin # Contributor: William Pitcock # Maintainer: Natanael Copa pkgname=firefox-esr -pkgver=45.6.0 +pkgver=45.7.0 _pkgver=$pkgver _xulver=$pkgver -pkgrel=3 +pkgrel=0 pkgdesc="Firefox web browser" url="https://www.mozilla.org/en-US/firefox/organizations/faq/" arch="all" 
@@ -76,7 +77,19 @@ source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox firefox.desktop firefox-safe.desktop" -_builddir="${srcdir}/firefox-${pkgver}esr" +# secfixes: +# 45.7.0-r0: +# - CVE-2017-5373 +# - CVE-2017-5375 +# - CVE-2017-5376 +# - CVE-2017-5378 +# - CVE-2017-5380 +# - CVE-2017-5383 +# - CVE-2017-5386 +# - CVE-2017-5390 +# - CVE-2017-5396 + +builddir="${srcdir}/firefox-${pkgver}esr" _mozappdir=/usr/lib/firefox-$pkgver _mozappdirdev=/usr/lib/firefox-devel-$pkgver @@ -86,7 +99,7 @@ ldpath="$_mozappdir" prepare() { local i - cd "$_builddir" || return 1 + cd "$builddir" || return 1 for i in $source; do case $i in @@ -99,7 +112,7 @@ prepare() { } build() { - cd "$_builddir" + cd "$builddir" # mozilla's buildsystem is on drugs export CFLAGS="$(echo $CFLAGS | sed -e 's/-Wall//' -e 's/-fexceptions/-fno-exceptions/g')" @@ -114,7 +127,7 @@ build() { } package() { - cd "$_builddir" + cd "$builddir" # only used for startupcache creation. local paxflags="-msp" @@ -127,7 +140,7 @@ package() { install -m755 -d ${pkgdir}/usr/share/applications install -m755 -d ${pkgdir}/usr/share/pixmaps - install -m644 "$_builddir"/browser/branding/official/default48.png \ + install -m644 "$builddir"/browser/branding/official/default48.png \ ${pkgdir}/usr/share/pixmaps/firefox.png || return 1 install -m644 ${srcdir}/firefox.desktop ${pkgdir}/usr/share/applications/firefox.desktop install -m644 ${srcdir}/firefox-safe.desktop ${pkgdir}/usr/share/applications/firefox-safe.desktop @@ -170,7 +183,7 @@ dev() { default_dev } -md5sums="ee3cf2401a5716cebacaae5fb70d133f firefox-45.6.0esr.source.tar.xz +md5sums="15b8cd3c400b2c754a8350f311eda986 firefox-45.7.0esr.source.tar.xz 1f4c60e662ed93784431bd06c5141719 mozconfig 99b27aeac58923f318d083e5e71879ba vendor.js 6ab77b80c8c7d6fd07ab53c54561f4df 0002-Use-C99-math-isfinite.patch 
@@ -191,7 +204,7 @@ b8b2a3cdb38f402e4eb4885908233811 libavutil.patch c35d743dd706093ff5aa7dbb7e6168bb gcc6-fix-compilation.patch ba96924ece1d77453e462429037a2ce5 firefox.desktop 6f38a5899034b7786cb1f75ad42032b8 firefox-safe.desktop" -sha256sums="c1e7ddf6efb0f54c8071131b6395f4942a422c2ab70f2e9a81b588373d6fbf5b firefox-45.6.0esr.source.tar.xz +sha256sums="4b5610691d32b77dd0dec25902f0d19e530c184cedc11babb530621cbdd33143 firefox-45.7.0esr.source.tar.xz 23c2b4535ce83c92ba978e15ce328c9f140def155d12523c00df30baf41b98dc mozconfig afecb8c17a2bedafe600dd572d24eff24e540cda02f675705d11168040379ce6 vendor.js 080a55182b865471a86fa4b70a66ed9495f1e536f7fdc4060cb8c675b4749c6e 0002-Use-C99-math-isfinite.patch @@ -212,7 +225,7 @@ a1ba79ec0c50c19edcfb24bb2686a718a77b02035e412989b9208b9b818abe14 allow-utf8-fal 5ae2edf65b65a29c8d266343230c0ba9268f864697fc1f984d79e980a365a8fc gcc6-fix-compilation.patch b571c4a49884a3c98806246c9cc3e60c73d5a8f4aeb7f96217db0be1d6210eda firefox.desktop 4b6de45753856a890f4482055666e77f9b01bdfb7e0df08bafaa3a4d9937eed3 firefox-safe.desktop" -sha512sums="b96c71aeed8a1185a085512f33d454a1735237cd9ddf37c8caa9cc91892eafab0615fc0ca6035f282ca8101489fa84c0de1087d1963c05b64df32b0c86446610 firefox-45.6.0esr.source.tar.xz +sha512sums="6424101b6958191ce654d0619950dfbf98d4aa6bdd979306a2df8d6d30d3fecf1ab44638061a2b4fb1af85fe972f5ff49400e8eeda30cdcb9087c4b110b97a7d firefox-45.7.0esr.source.tar.xz e14b4a646230f7a752ef864b0e6a074fdac74d6c4abde2c31656eb10ac6f002a5c664d257bf3f4bd22544f10103e38d5fae49f84fcaae402b81940e72bcfe0e5 mozconfig cc10dba32d9c7faf1d99b8fdebc71bf0200ad10b976105edb45df696bf64a668b2b7aa8c3892a8056eb71fb071b0e0ae51c3ce2fb75acfb7e7035104c0e4fce3 vendor.js 7e123144bc2b1efed149dfb41b255c447d43ea93a63ebe114d01945e6a6d69edc2f2a3c36980a93279106c1842355851b8b6c1d96679ee6be7b9b30513e0b1a8 0002-Use-C99-math-isfinite.patch -- 2.11.0 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---
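Review bot: In the build() and package() hunks the renamed `cd "$builddir"` still has no failure handling, while prepare() in the same patch keeps `cd "$builddir" || return 1`; if the directory is missing, the steps that follow run from the wrong working directory. Add `|| return 1` to both, and consider moving the `_builddir` to `builddir` rename into its own commit so the security upgrade stays a minimal version-and-checksum change that is easy to review and cherry-pick.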
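Review bot: The checksum hunks replace the md5sums, sha256sums and sha512sums entries for firefox-45.7.0esr.source.tar.xz, but neither the patch nor its message says what the new values were checked against. MD5 offers no collision resistance, so the sha512sums entry is the one that carries tarball integrity here; please confirm it matches the signed SHA512SUMS file Mozilla publishes alongside its releases and note that in the commit message.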