3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/pkgs/applications/networking/browsers
Andreas Rammhold e7785f1148
firefox: 62.0.2 -> 62.0.3 [critical security fixes]
This update bumps the package to the latest stable version containing a
few security fixes:

- CVE-2018-12386: Type confusion in JavaScript
  A vulnerability in register allocation in JavaScript can lead to type
  confusion, allowing for an arbitrary read and write. This leads to
  remote code execution inside the sandboxed content process when
  triggered.

- CVE-2018-12387
  A vulnerability where the JavaScript JIT compiler inlines
  Array.prototype.push with multiple arguments that results in the stack
  pointer being off by 8 bytes after a bailout. This leaks a memory
  address to the calling function which can be used as part of an
  exploit inside the sandboxed content process.

Source: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
2018-10-03 09:51:13 +02:00
..
arora arora: use fetchFromGitHub 2017-11-03 19:18:58 +00:00
browsh browsh: 1.4.10 -> 1.4.13 2018-09-28 15:32:02 -07:00
chromium flashplayer: 30.0.0.154 -> 31.0.0.108 2018-09-14 08:12:12 +09:00
conkeror conkeror: 1.0.3 -> 1.0.4 2018-03-03 14:19:39 +11:00
dillo Merge branch 'master' into staging-next 2018-08-12 10:33:41 +02:00
elinks elinks: Simplify cross, no crossAttrs or crossConfig 2017-09-05 13:25:21 -04:00
eolie eolie: 0.9.36 -> 0.9.37 (#47345) 2018-09-25 20:16:03 +02:00
falkon pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
firefox firefox: 62.0.2 -> 62.0.3 [critical security fixes] 2018-10-03 09:51:13 +02:00
firefox-bin firefox-bin: 62.0.2 -> 62.0.3 [critical security fixes] 2018-10-03 09:35:54 +02:00
google-chrome google-chrome: fix native inputs, otherwise uses wrong patchelf 2018-09-28 11:43:16 -05:00
links2 links2: 2.16 -> 2.17 2018-09-20 08:34:23 -07:00
luakit luakit: init at 2018.08.10 2018-03-18 12:17:59 +01:00
lynx pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
midori tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
mozilla-plugins mozilla-plugins/trezor: remove applications/networking/browsers/mozilla-plugins/trezor 2018-09-29 12:24:43 +02:00
opera gnome3.gconf: remove 2018-07-10 12:14:40 +02:00
otter otter-browser: 0.9.96 -> 0.9.99.3 (#46217) 2018-09-28 21:09:26 +02:00
palemoon Palemoon: 27.9.2 -> 27.9.4 (#44502) 2018-08-07 23:38:14 +02:00
qtchan qtchan: Fixes build from Qt upgrade. (#46082) 2018-09-05 08:23:29 +02:00
qutebrowser qutebrowser: patch all python scripts 2018-09-12 03:35:26 +02:00
surf tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
tor-browser-bundle treewide: write better docstrings for tor-browser things 2018-08-31 03:33:25 +00:00
tor-browser-bundle-bin tor-browser-bundle-bin: 8.0 -> 8.0.1 2018-09-22 20:13:55 +02:00
uzbl treewide: fix derivation names 2018-05-28 05:59:57 -07:00
vimb tree-wide: autorename gnome packages to use dashes 2018-02-25 17:41:16 +01:00
vimprobable2 pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
vivaldi vivaldi: 1.15.1147.64-1 -> 2.0.1309.29-2 2018-09-27 00:50:57 +02:00
w3m w3m: add license 2018-08-04 16:08:03 +02:00