Mozilla has released Firefox 52.8.1 on June 6: https://www.mozilla.org/en-US/firefox/52.8.1/releasenotes/ Security fix is listed here: https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/ Mageia 5 Firefox still fails to build. Advisory: ======================== Updated firefox packages fix security vulnerability: A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file with anti-aliasing turned off. This results in a potentially exploitable crash (CVE-2018-6126). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6126 https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/ https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ ======================== Updated packages in core/updates_testing: ======================== firefox-52.8.1-1.mga6 firefox-devel-52.8.1-1.mga6 firefox-af-52.8.1-1.mga6 firefox-an-52.8.1-1.mga6 firefox-ar-52.8.1-1.mga6 firefox-as-52.8.1-1.mga6 firefox-ast-52.8.1-1.mga6 firefox-az-52.8.1-1.mga6 firefox-bg-52.8.1-1.mga6 firefox-bn_IN-52.8.1-1.mga6 firefox-bn_BD-52.8.1-1.mga6 firefox-br-52.8.1-1.mga6 firefox-bs-52.8.1-1.mga6 firefox-ca-52.8.1-1.mga6 firefox-cs-52.8.1-1.mga6 firefox-cy-52.8.1-1.mga6 firefox-da-52.8.1-1.mga6 firefox-de-52.8.1-1.mga6 firefox-el-52.8.1-1.mga6 firefox-en_GB-52.8.1-1.mga6 firefox-en_US-52.8.1-1.mga6 firefox-en_ZA-52.8.1-1.mga6 firefox-eo-52.8.1-1.mga6 firefox-es_AR-52.8.1-1.mga6 firefox-es_CL-52.8.1-1.mga6 firefox-es_ES-52.8.1-1.mga6 firefox-es_MX-52.8.1-1.mga6 firefox-et-52.8.1-1.mga6 firefox-eu-52.8.1-1.mga6 firefox-fa-52.8.1-1.mga6 firefox-ff-52.8.1-1.mga6 firefox-fi-52.8.1-1.mga6 firefox-fr-52.8.1-1.mga6 firefox-fy_NL-52.8.1-1.mga6 firefox-ga_IE-52.8.1-1.mga6 firefox-gd-52.8.1-1.mga6 firefox-gl-52.8.1-1.mga6 firefox-gu_IN-52.8.1-1.mga6 firefox-he-52.8.1-1.mga6 firefox-hi_IN-52.8.1-1.mga6 firefox-hr-52.8.1-1.mga6 firefox-hsb-52.8.1-1.mga6 firefox-hu-52.8.1-1.mga6 firefox-hy_AM-52.8.1-1.mga6 firefox-id-52.8.1-1.mga6 firefox-is-52.8.1-1.mga6 firefox-it-52.8.1-1.mga6 firefox-ja-52.8.1-1.mga6 firefox-kk-52.8.1-1.mga6 firefox-km-52.8.1-1.mga6 firefox-kn-52.8.1-1.mga6 firefox-ko-52.8.1-1.mga6 firefox-lij-52.8.1-1.mga6 firefox-lt-52.8.1-1.mga6 firefox-lv-52.8.1-1.mga6 firefox-mai-52.8.1-1.mga6 firefox-mk-52.8.1-1.mga6 firefox-ml-52.8.1-1.mga6 firefox-mr-52.8.1-1.mga6 firefox-ms-52.8.1-1.mga6 firefox-nb_NO-52.8.1-1.mga6 firefox-nl-52.8.1-1.mga6 firefox-nn_NO-52.8.1-1.mga6 firefox-or-52.8.1-1.mga6 firefox-pa_IN-52.8.1-1.mga6 firefox-pl-52.8.1-1.mga6 firefox-pt_BR-52.8.1-1.mga6 firefox-pt_PT-52.8.1-1.mga6 firefox-ro-52.8.1-1.mga6 firefox-ru-52.8.1-1.mga6 firefox-si-52.8.1-1.mga6 firefox-sk-52.8.1-1.mga6 firefox-sl-52.8.1-1.mga6 firefox-sq-52.8.1-1.mga6 firefox-sr-52.8.1-1.mga6 firefox-sv_SE-52.8.1-1.mga6 firefox-ta-52.8.1-1.mga6 firefox-te-52.8.1-1.mga6 firefox-th-52.8.1-1.mga6 firefox-tr-52.8.1-1.mga6 firefox-uk-52.8.1-1.mga6 firefox-uz-52.8.1-1.mga6 firefox-vi-52.8.1-1.mga6 firefox-xh-52.8.1-1.mga6 firefox-zh_CN-52.8.1-1.mga6 firefox-zh_TW-52.8.1-1.mga6 from SRPMS: firefox-52.8.1-1.mga6.src.rpm firefox-l10n-52.8.1-1.mga6.src.rpm
Whiteboard: (none) => has_procedure mga6-64-okCC: (none) => wrw105
Tested mga6-64 general browsing, video (YouTube), java plugin, jetstream, acid3 all OK
Mageia 6, x86_64. Fine here as well. Tried jetstream, Guardian newspaper, Cassini site, Exoplanet catalog with forward link, Youtube scifi. Acid tests behaved as before the update; Acid 2 did not match perfectly and Acid 3 returned 99/100 (one grey rectangle). Tested local php file at localhost:8000 with apache-mod_php after starting the server. That worked.
CC: (none) => tarazed25
64 bit some simple tests OK here too, keep using it. Plasma, Swedish.
CC: (none) => fri
on mga6-64 plasma installed: firefox-en_GB-52.8.1-1.mga6.noarch firefox-52.8.1-1.mga6.x86_64 no regressions noted OK for mga6-64
CC: (none) => jim
on mga6-32 plasma in vbox VM installed: - firefox-52.8.1-1.mga6.i586 - firefox-en_GB-52.8.1-1.mga6.noarch no regressions noted OK for mga6-32
Whiteboard: has_procedure mga6-64-ok => has_procedure mga6-64-ok MGA6-32-OK
Used the 64-bit version to read my morning newspaper and to write this comment. Working OK here, as well.
CC: (none) => andrewsfarm
There is one site I visit where I can crash Firefox 52.x at will. It freezes up if I scroll in a certain way. As long as I avoid that situation, it's fine. Since it's this one site, it's probably their coding that's at fault, but I was hoping that this would fix it, anyway. It didn't. Maybe, when we finally go to Firefox 60 ESR, it will. Maybe not.
tested mga6-32 under virtual box. Tested as above for 64 bit, all ok (with the acid3 caveat of going to 99%) Validating, ready for push when advisory uploaded to svn.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0282.html
Status: NEW => RESOLVEDResolution: (none) => FIXED