(Mozilla 1462682, changeset 467911:784deba19077) (MFSA 2018-14) (CVE-2018-6126) Skia path bounds rounding fix | r=rhunt, a=RyanVM #609

Closed
grahamperrin opened this issue Jun 10, 2018 · 7 comments

Comments

@grahamperrin

www/waterfox/files/patch-bug1462682 at freebsd/freebsd-ports-kde@26d58ab#diff-65d123a91cc0e06c9fb71d68b3e3a83f is one of three files changed in www/waterfox: apply some FF61 fixes · freebsd/freebsd-ports-kde@26d58ab committed by @jbeich

Users of Waterfox on other platforms (Linux, Mac OS X, Windows) may consider the preferences at:

  • about:config?filter=skia

Additional information

Skia Graphics Library

Skia has just been updated to match release branch. Please build and test! · Issue #553 · MrAlex94/Waterfox (2018-05-12, closed 2018-05-23)

mozilla-unified: changeset 467911:784deba19077 (2018-05-25)

Security vulnerabilities fixed in Firefox 60.0.2, ESR 60.0.2, and ESR 52.8.1 — Mozilla (2018-06-06) refers to one vulnerability and one Mozilla bug:

Access Denied

https://redd.it/8pkxqr (2018-06-08)

Meta, tracking

#538

@grahamperrin changed the title from "(Mozilla 1462682, changeset 784deba19077) (MFSA 2018-14) (CVE-2018-6126) Skia path bounds rounding fix | r=rhunt, a=RyanVM" to "(Mozilla 1462682, changeset 467911:784deba19077) (MFSA 2018-14) (CVE-2018-6126) Skia path bounds rounding fix | r=rhunt, a=RyanVM" on Jun 10, 2018

@PandaCodex

PandaCodex commented Jun 10, 2018

@grahamperrin you might want to check the other security bugs fixed on ESR channel to see if applicable to Waterfox. Compare branch

Some of these are security bugs but not listed in https://github.com/mozilla/foundation-security-advisories

@grahamperrin
Author

@PandaCodex thanks, I made this issue specific to CVE-2018-6126 primarily in response to the concern that was raised in Reddit.

On one hand, a pull request to fix this (one) issue might aim to also address other security issues.

On the other hand, mindful of both:

– I should lean towards a focused PR that will be actionable with minimal perceived delay.


That's just my two-penneth, as an interested observer. Whilst I'm not well-placed to open the PR (I'm a muddler), https://hg.mozilla.org/mozilla-unified/rev/784deba19077 does (from my uneducated PoV) appear simple, so I should encourage anyone who has, or would like, the skill set to have a go at a PR :-)

@MrAlex94
Collaborator

8696edd

@Peacock365

@PandaCodex

Off-topic: Any chance of porting InternalError503/cyberfox@23f3219 and InternalError503/cyberfox@a2745ef over? Having those two features would be great.

@PandaCodex

> Off-topic: Any chance of porting InternalError503/cyberfox@23f3219 and InternalError503/cyberfox@a2745ef over? Having those two features would be great.

Off-topic: @Peacock365 Sure, I can do that. I'm currently working on a security bug in another program, but once done I will create PRs for Waterfox.

@PandaCodex

@MrAlex94 Were all the other security bugs applied to the latest release of Waterfox? Some were not posted in the advisories but were patched in the latest Firefox release, so if you only patched the security bug from https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/ then some are missing in the current Waterfox release.

@grahamperrin
Author

Let's aim for discussion of open issues in the open area (not under a closed issue). Thanks.
