tis-config-for-firefox 4

  • package : tis-config-for-firefox
  • version : 4
  • description : Config for Mozilla Firefox
  • maintainer : TIS <technique@tranquil-it-systems.fr>
  • date : 2018-02-27 18:58:29
  • Depends :

setup.py

# -*- coding: UTF-8 -*-
from setuphelpers import *

uninstallkey = []

def install():

    for firefox in installed_softwares('Mozilla Firefox'):
        locfirefox = firefox['install_location']

        filecopyto("mozilla.cfg",locfirefox)
        filecopyto("local-settings.js",makepath(locfirefox,"defaults","pref"))

        print ("Disabling profile migration from ie")
        filecopyto("override.ini",makepath(locfirefox,"browser"))

        print ("Override User UI")
        ensure_dir(makepath(locfirefox,"browser","defaults","profile","chrome",""))
        filecopyto("userChrome.css",makepath(locfirefox,"browser","defaults","profile","chrome"))

    

Changelog

Fixed in Firefox ESR 45.6.0
https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/


Fixed in Firefox ESR 38.4
2015-133 NSS and NSPR memory corruption issues
2015-132 Mixed content WebSocket policy bypass through workers
2015-131 Vulnerabilities found through code inspection
2015-130 JavaScript garbage collection crash with Java applet
2015-128 Memory corruption in libjar through zip files
2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
2015-123 Buffer overflow during image interactions in canvas
2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy
2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)

Fixed in Firefox ESR 38.3
2015-113 Memory safety errors in libGLES in the ANGLE graphics library
2015-112 Vulnerabilities found through code inspection
2015-111 Errors in the handling of CORS preflight request headers
2015-110 Dragging and dropping images exposes final URL after redirects
2015-106 Use-after-free while manipulating HTML media content
2015-105 Buffer overflow while decoding WebM video
2015-101 Buffer overflow in libvpx while parsing vp9 format video
2015-100 Arbitrary file manipulation by local user through Mozilla updater
2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)

Fixed in Firefox ESR 38.2.1
2015-95 Add-on notification bypass through data URLs
2015-94 Use-after-free when resizing canvas element during restyling

Fixed in Firefox ESR 38.2
2015-92 Use-after-free in XMLHttpRequest with shared workers
2015-90 Vulnerabilities found through code inspection
2015-89 Buffer overflows on Libvpx when decoding WebM video
2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
2015-87 Crash when using shared memory in JavaScript
2015-85 Out-of-bounds write with Updater and malicious MAR file
2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links
2015-83 Overflow issues in libstagefright
2015-82 Redefinition of non-configurable JavaScript object properties
2015-80 Out-of-bounds read with malformed MP3 file
2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
    

manifest.sha256

[["override.ini", "3c930ba0fce98f0a232101b76885a8fade8edd4a6ea19a00d372aaff426f0125"], ["local-settings.js", "78498a0d8c1e6b137e93081a785aacf63fccc3fb8f7ea04354d48224f5e1b357"], ["WAPT/icon.png", "2c69e9dbacc4844ced213e19c38f684055f22ca6e1047d15b692891239bb0b17"], ["WAPT/certificate.crt", "79e5388683c0b6cb03f4f81e4e58e3a11463b2b6cf169dd9c453098027dcfaa4"], ["WAPT/wapt.psproj", "c5a1697bf6e134989a9870764995725626a8f5055b640e541b569d1a927363fc"], ["setup.py", "df314ba67b0955036a3f8b85edf92f946053a4ba19b344de0be9a8d2733d76a8"], ["mozilla.cfg", "06192b7ac05676889700ae2f00cc8d65ea08e66a64cf41259548d0967fe3f1f9"], ["userChrome.css", "46620dc25abe0400e625a0f078fc3ad9c4a668e0f880a7b451feb7d4fc084c26"], ["WAPT/control", "41ed12e066f4f42d882011f3fa26a80defaaf432eb27a3298333aeb34c03ddfa"], ["WAPT/changelog.txt", "c275155909106d4a99ffcddd80b2905b6f2bc10a10a8d1be26f167e5797e0e4d"]]
    

Forum feed

WAPT Packages / Paquets WAPT • Re: chiffrer ses pass wapt
Dans ce cas Il faut faire un script python à coté qui tourne en tâche planifiée.

Ne pas le faire dans un paquet. Sinon on est justement obligé de mettre les mots de passe dans le paquet.

Algo du script:

- Parcours de la base de donnée
- Pour chaque poste, analyser l'inventaire pour savoir ce qu'il faut ajouter en dépendance.

CODE :

data = json.loads(wgets('https://%s:%s@%s/api/v1/hosts?columns=host_certificate&limit=10000' % (user,password,urlserver)))for value in data['result']:blabalba
- Editer le paquet machine.
- ajouter les dépendances
- uploader le paquet machine.

CODE :

    myWapt = Wapt(config_filename=makepath(r'C:\Users\Administrateur\AppData\Local\waptconsole\waptconsole.ini'))    tmpdir = 'c:/dummy'    myWapt.edit_host(machine,target_directory=tmpdir,append_depends='tis-firefox')    myWapt.build_upload(r'c:\waptdev\test',private_key_passwd=ur'passwordkey',wapt_server_user='admin',wapt_server_passwd=ur'passwordserver')

Statistiques: Posté par sfonteneau — 19 juillet 2018, 16:34


WAPT Packages / Paquets WAPT • Re: chiffrer ses pass wapt
Je suis d'accord que stocker le mot de passe dans un script d'un paquet c'est contre productif. Je vous explique :
Je voulais créer mes groupes d'utilisateurs en fonctions de leur nom d’hôte. J'ai donc créé mes paquets groupes et codé mon script. En fonction du hostname du client le package mnt-dispatch install le package groupe correspondant. Dans un premier temps j'ai utilisé Wapt.install(nom_du_groupe) mais cela pose un problème : le paquet est installé sur le poste mais ne devient pas une dépendance ! Voila pourquoi j'ai voulu remplacer Wapt.install() par Wapt.edit_host() & Wapt.build_upload() car edit_host, contrairement à install me permet d'ajouter une dépendance au paquet host.

Voila le code du setup.py du paquet mnt-dispatch :

CODE :

def install():    print('Start dispatching')    myWapt = Wapt(config_filename = makepath('c:', programfiles32, 'wapt', 'wapt-get.ini'))    print("write into ini file")    inifile_writestring(WAPT.config_filename, 'global', 'personal_certificate_path', '\\\\**************\c$\private\********.crt')    print("get hostname and computername")    computer_name = environ['COMPUTERNAME']    print('computer name = %s'%computer_name)    host_name = myWapt.host_packagename()    print('host name = %s'%host_name)    pathToTempDirectory = r'C:\Temp\%s'%computer_name    if isdir(pathToTempDirectory):        print('remove temp tree : ' + pathToTempDirectory)        remove_tree(pathToTempDirectory)    print('site name :')    site_name = computer_name[0:4]    print("site name is : %s" %site_name)    group_name = alias_groupe.get(switcher.get(site_name, 0), 'hors-lot')    print("group name is : %s"%group_name)    myWapt.edit_host(host_name, target_directory = "C:\Temp\%s"%computer_name, append_depends = group_name)    myWapt.build_upload(r'C:\Temp\%s'%(computer_name), private_key_passwd = '***', wapt_server_user = 'admin', wapt_server_passwd = '***')    return 0
Comprenez vous un peu mieux mon problème ? Pardon si ce n'est pas clair.

Statistiques: Posté par louisinger — 19 juillet 2018, 15:51


WAPT Packages / Paquets WAPT • Re: [OK] Impossible d'éditer un paquet host à travers un script

CODE :

    myWapt = Wapt(config_filename=makepath(r'C:\Users\Administrateur\AppData\Local\waptconsole\waptconsole.ini'))    tmpdir = 'c:/dummy'    myWapt.edit_host('dummy.tranquilit.local',target_directory=tmpdir,append_depends='tis-firefox')    myWapt.build_upload(r'c:\waptdev\test',private_key_passwd=ur'passwordkey',wapt_server_user='admin',wapt_server_passwd=ur'passwordserver')

Statistiques: Posté par sfonteneau — 18 juillet 2018, 23:49