Bug 19441

Summary: Firefox 45.4
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: andrewsfarm, brtians1, davidwhodgins, lewyssmith, marja11, sysadmin-bugs, wrw105
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/701347/
Whiteboard: has_procedure mga5-64-ok mga5-32-ok advisory
Source RPM: firefox CVE:
Status comment:
Bug Depends on: 19170    
Bug Blocks:    

Description David Walser 2016-09-22 13:57:09 CEST 
RedHat has issued an advisory on September 21:
https://rhn.redhat.com/errata/RHSA-2016-1912.html

So far, we have been unable to get this to build in Cauldron.

Once we're able to, there will be a rootcerts update (and nss rebuild) going with it.
Marja Van Waes 2016-09-22 15:53:08 CEST

CC: (none) => marja11
Assignee: bugsquad => pkg-bugs

David Walser 2016-09-23 22:02:27 CEST

Depends on: (none) => 19170

Comment 1 David Walser 2016-09-23 22:10:27 CEST 
Updated packages uploaded for Mageia 5 and Cauldron.

Advisory to come.

Updated packages in core/updates_testing:
================
rootcerts-20160826.00-1.mga5
rootcerts-java-20160826.00-1.mga5
nss-3.26.0-1.1.mga5
nss-doc-3.26.0-1.1.mga5
libnss3-3.26.0-1.1.mga5
libnss-devel-3.26.0-1.1.mga5
libnss-static-devel-3.26.0-1.1.mga5
firefox-45.4.0-2.mga5
firefox-af-45.4.0-1.mga5
firefox-an-45.4.0-1.mga5
firefox-ar-45.4.0-1.mga5
firefox-as-45.4.0-1.mga5
firefox-ast-45.4.0-1.mga5
firefox-az-45.4.0-1.mga5
firefox-be-45.4.0-1.mga5
firefox-bg-45.4.0-1.mga5
firefox-bn_BD-45.4.0-1.mga5
firefox-bn_IN-45.4.0-1.mga5
firefox-br-45.4.0-1.mga5
firefox-bs-45.4.0-1.mga5
firefox-ca-45.4.0-1.mga5
firefox-cs-45.4.0-1.mga5
firefox-cy-45.4.0-1.mga5
firefox-da-45.4.0-1.mga5
firefox-de-45.4.0-1.mga5
firefox-devel-45.4.0-2.mga5
firefox-el-45.4.0-1.mga5
firefox-en_GB-45.4.0-1.mga5
firefox-en_US-45.4.0-1.mga5
firefox-en_ZA-45.4.0-1.mga5
firefox-eo-45.4.0-1.mga5
firefox-es_AR-45.4.0-1.mga5
firefox-es_CL-45.4.0-1.mga5
firefox-es_ES-45.4.0-1.mga5
firefox-es_MX-45.4.0-1.mga5
firefox-et-45.4.0-1.mga5
firefox-eu-45.4.0-1.mga5
firefox-fa-45.4.0-1.mga5
firefox-ff-45.4.0-1.mga5
firefox-fi-45.4.0-1.mga5
firefox-fr-45.4.0-1.mga5
firefox-fy_NL-45.4.0-1.mga5
firefox-ga_IE-45.4.0-1.mga5
firefox-gd-45.4.0-1.mga5
firefox-gl-45.4.0-1.mga5
firefox-gu_IN-45.4.0-1.mga5
firefox-he-45.4.0-1.mga5
firefox-hi_IN-45.4.0-1.mga5
firefox-hr-45.4.0-1.mga5
firefox-hsb-45.4.0-1.mga5
firefox-hu-45.4.0-1.mga5
firefox-hy_AM-45.4.0-1.mga5
firefox-id-45.4.0-1.mga5
firefox-is-45.4.0-1.mga5
firefox-it-45.4.0-1.mga5
firefox-ja-45.4.0-1.mga5
firefox-kk-45.4.0-1.mga5
firefox-km-45.4.0-1.mga5
firefox-kn-45.4.0-1.mga5
firefox-ko-45.4.0-1.mga5
firefox-lij-45.4.0-1.mga5
firefox-lt-45.4.0-1.mga5
firefox-lv-45.4.0-1.mga5
firefox-mai-45.4.0-1.mga5
firefox-mk-45.4.0-1.mga5
firefox-ml-45.4.0-1.mga5
firefox-mr-45.4.0-1.mga5
firefox-ms-45.4.0-1.mga5
firefox-nb_NO-45.4.0-1.mga5
firefox-nl-45.4.0-1.mga5
firefox-nn_NO-45.4.0-1.mga5
firefox-or-45.4.0-1.mga5
firefox-pa_IN-45.4.0-1.mga5
firefox-pl-45.4.0-1.mga5
firefox-pt_BR-45.4.0-1.mga5
firefox-pt_PT-45.4.0-1.mga5
firefox-ro-45.4.0-1.mga5
firefox-ru-45.4.0-1.mga5
firefox-si-45.4.0-1.mga5
firefox-sk-45.4.0-1.mga5
firefox-sl-45.4.0-1.mga5
firefox-sq-45.4.0-1.mga5
firefox-sr-45.4.0-1.mga5
firefox-sv_SE-45.4.0-1.mga5
firefox-ta-45.4.0-1.mga5
firefox-te-45.4.0-1.mga5
firefox-th-45.4.0-1.mga5
firefox-tr-45.4.0-1.mga5
firefox-uk-45.4.0-1.mga5
firefox-uz-45.4.0-1.mga5
firefox-vi-45.4.0-1.mga5
firefox-xh-45.4.0-1.mga5
firefox-zh_CN-45.4.0-1.mga5
firefox-zh_TW-45.4.0-1.mga5

from SRPMS:
rootcerts-20160826.00-1.mga5.src.rpm
nss-3.26.0-1.1.mga5.src.rpm
firefox-45.4.0-2.mga5.src.rpm
firefox-l10n-45.4.0-1.mga5.src.rpm

Assignee: pkg-bugs => qa-bugs

Comment 3 Lewis Smith 2016-09-24 12:00:26 CEST 
Testing M5 x64 real hardware.
firefox-45.4.0-2.mga5
firefox-cy-45.4.0-1.mga5
firefox-fr-45.4.0-1.mga5
firefox-en_GB-45.4.0-1.mga5
nss-3.26.0-1.1.mga5
rootcerts-java-20160826.00-1.mga5
rootcerts-20160826.00-1.mga5

With a mixture of usage including Bugzilla, BBC, videos, sound, all looks OK. Better to have more confirmation before OK'ing this, though.

CC: (none) => lewyssmith

Comment 4 Bill Wilkinson 2016-09-25 16:52:29 CEST 
Tested general browsing, javascript (jetstream), Java and flash plugins, acid3, all OK.

CC: (none) => wrw105
Whiteboard: (none) => has_procedure mga5-64-ok

Comment 5 Thomas Andrews 2016-09-26 03:13:35 CEST 
All looks OK on x64 HP Probook 6550b.

CC: (none) => andrewsfarm

Comment 6 Thomas Andrews 2016-09-27 04:55:44 CEST 
Looks good in both 32 and 64 bit on AMD processor and nvidia video. Tried several websites, all OK.
Thomas Andrews 2016-09-27 04:56:19 CEST

Whiteboard: has_procedure mga5-64-ok => has_procedure mga5-64-ok mga5-32-ok

Comment 7 Brian Rockwell 2016-09-27 19:10:45 CEST 
Tested with 32 bit VM on AMD hardware and AMI video.  No issues.

CC: (none) => brtians1

Dave Hodgins 2016-09-28 03:44:47 CEST

Keywords: (none) => validated_update
Whiteboard: has_procedure mga5-64-ok mga5-32-ok => has_procedure mga5-64-ok mga5-32-ok advisory
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 8 Mageia Robot 2016-09-28 08:00:33 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0329.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED