Security:
- CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement
- CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
- CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
- CVE-2019-17017: Type Confusion in XPCVariant.cpp
- CVE-2019-17019: Python files could be inadvertently executed upon opening a download
- CVE-2019-17020: Content Security Policy not applied to XSL stylesheets applied to XML documents
- CVE-2019-17022: CSS sanitization does not escape HTML tags
- CVE-2019-17023: NSS may negotiate TLS 1.2 or below after a TLS 1.3 HelloRetryRequest had been sent
- CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
- CVE-2019-17025: Memory safety bugs fixed in Firefox 72
Packaging:
- Replace Mozilla Location Service API key [see here](https://blog.mozilla.org/services/2019/09/03/a-new-policy-for-mozilla-location-service/)
- Do not force `layers.acceleration.force-enable` to `false` anymore in the default preferences
Resolves T8588
Signed-off-by: Pierre-Yves <pyu@riseup.net>
Summary:
Security:
- CVE-2019-9810: IonMonkey MArraySlice has incorrect alias information
- CVE-2019-9813: Ionmonkey type confusion with __proto__ mutations
- CVE-2019-9790: Use-after-free when removing in-use DOM elements
- CVE-2019-9791: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey
- CVE-2019-9792: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
- CVE-2019-9793: Improper bounds checks when Spectre mitigations are disabled
- CVE-2019-9794: Command line arguments not discarded during execution
- CVE-2019-9795: Type-confusion in IonMonkey JIT compiler
- CVE-2019-9796: Use-after-free with SMIL animation controller
- CVE-2019-9797: Cross-origin theft of images with createImageBitmap
- CVE-2019-9798: Library is loaded from world writable APITRACE_LIB location
- CVE-2019-9799: Information disclosure via IPC channel messages
- CVE-2019-9802: Chrome process information leak
- CVE-2019-9803: Upgrade-Insecure-Requests incorrectly enforced for same-origin navigation
- CVE-2019-9805: Potential use of uninitialized memory in Prio
- CVE-2019-9806: Denial of service through successive FTP authorization prompts
- CVE-2019-9807: Text sent through FTP connection can be incorporated into alert messages
- CVE-2019-9809: Denial of service through FTP modal alert error messages
- CVE-2019-9808: WebRTC permissions can display incorrect origin with data: and blob: URLs
- CVE-2019-9789: Memory safety bugs fixed in Firefox 66
- CVE-2019-9788: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6
Packaging:
- Set `widget.content.gtk-theme-override` to `Adwaita:light` in the preferences to workaround unreadable dark input fields
Release notes available [here](https://www.mozilla.org/en-US/firefox/66.0/releasenotes/)
Resolves T7722
Signed-off-by: Pierre-Yves <pyu@riseup.net>
Test Plan: Browse a few web sites, check input fields
Reviewers: #triage_team, JoshStrobl
Reviewed By: #triage_team, JoshStrobl
Subscribers: JoshStrobl
Maniphest Tasks: T7722
Differential Revision: https://dev.getsol.us/D5831
Summary: Signed-off-by: Pierre-Yves <pyu@riseup.net>
Test Plan: @Girtablulu reported problem fixed for him when HW acceleration is disabled
Reviewers: #triage_team, JoshStrobl
Reviewed By: #triage_team, JoshStrobl
Subscribers: JoshStrobl, Girtablulu
Differential Revision: https://dev.getsol.us/D4404
Summary:
- Games using WebGL (created in Unity) get stucks after very short time of gameplay
- Slow page loading for some users with specific proxy configurations
- Disable HTTP response throttling by default for causing bugs with videos in background tabs
- Opening magnet links no longer works
- Crash fixes
Signed-off-by: Pierre-Yves <pyu@riseup.net>
Test Plan: Browse a few web sites and play a video on YT
Reviewers: #triage_team, DataDrake
Reviewed By: #triage_team, DataDrake
Subscribers: DataDrake
Differential Revision: https://dev.getsol.us/D4374
It has usability issues under Plasma where it is impossible to manually
resize with the edges (common to all CSD apps under KWin it would seem),
and under Budgie we see weird pixelation around the CSD edges.
Long story short CSD support in Firefox isn't *completely* baked yet, so
we'll allow users to turn it on if they wish, just don't make it default.
Signed-off-by: Ikey Doherty <ikey@solus-project.com>
Summary:
[Security fixes](https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/) to address the Meltdown and Spectre timing attacks
Packaging:
- Enable Mozilla location service
Signed-off-by: Pierre-Yves <pyu@riseup.net>
Test Plan: Browsed a few websites and played a video
Reviewers: #triage_team, JoshStrobl
Reviewed By: #triage_team, JoshStrobl
Tags: #security
Differential Revision: https://dev.solus-project.com/D1880
Summary:
- Remove default theme from Mozilla Firefox
Fixes T4036
Signed-off-by: Pierre-Yves <pyu@riseup.net>
Test Plan:
- Open firefox with a new profile
- Default theme is displayed
- In add-ons -> apparence, only the Default & 2 Compact themes are shown
Reviewers: #triage_team, ikey
Reviewed By: #triage_team, ikey
Subscribers: ikey
Maniphest Tasks: T4036
Differential Revision: https://dev.solus-project.com/D565
This change forces Firefox onto the release channel so that it is
considered for e10s. As our Firefox build includes the e10srollout
extension by default, we ensure it's activated first by overriding
the remote autostart property. Testing shows this wasn't always the
case with a fresh profile.
As an aside, we do not disable or alter the extension checking logic,
so if Firefox deems the extensions as non compliant, we'll not force
it on and break anything. With the current beta channel of Firefox
54, multiprocessing is enabled by default, so it stands to reason
that on the next update this pref override is unnecessary, and then
we'll be working with 4 minimum processes.
Signed-off-by: Ikey Doherty <ikey@solus-project.com>
