tis-firefox-esr-en 52.4.1-19

  • package : tis-firefox-esr-en
  • version : 52.4.1-19
  • description : Web browser english US Web Firefox ESR extended support
  • maintainer : TIS <technique@tranquil-it-systems.fr>
  • date : 2018-02-27 18:59:54


# -*- coding: UTF-8 -*-
from setuphelpers import *

uninstallkey = []

def install():
    version = control.version.split('-',1)[0]
    ukey = 'Mozilla Firefox %s ESR (x86 en-US)'%version

    exe = 'Firefox Setup %sesr.exe'%version

def update_package():
    """updates the package / control version with the latest stable firefox version"""
    import re,requests,urlparse,glob

    # get index of all dowloads
    url = requests.head('https://download.mozilla.org/?product=firefox-esr-latest&os=win&lang=en-US',proxies={}).headers['Location']
    filename = urlparse.unquote(url.rsplit('/',1)[1])

    if not isfile(filename):
        print('Downloading %s from %s'%(filename,url))

        # updates control version from filename, increment package version.
        control = PackageEntry().load_control_from_wapt ('.')
        control.version = '%s-%s'%(re.findall('Firefox Setup (.*)esr\.exe',filename)[0],int(control.version.split('-',1)[1])+1)

    # removes old exe
    if isfile(filename):
        exes = glob.glob('Firefox*.exe')
        for fn in exes:
            if fn != filename:

if __name__ == '__main__':



Fixed in Firefox ESR 45.6.0

Fixed in Firefox ESR 38.4
2015-133 NSS and NSPR memory corruption issues
2015-132 Mixed content WebSocket policy bypass through workers
2015-131 Vulnerabilities found through code inspection
2015-130 JavaScript garbage collection crash with Java applet
2015-128 Memory corruption in libjar through zip files
2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
2015-123 Buffer overflow during image interactions in canvas
2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy
2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)

Fixed in Firefox ESR 38.3
2015-113 Memory safety errors in libGLES in the ANGLE graphics library
2015-112 Vulnerabilities found through code inspection
2015-111 Errors in the handling of CORS preflight request headers
2015-110 Dragging and dropping images exposes final URL after redirects
2015-106 Use-after-free while manipulating HTML media content
2015-105 Buffer overflow while decoding WebM video
2015-101 Buffer overflow in libvpx while parsing vp9 format video
2015-100 Arbitrary file manipulation by local user through Mozilla updater
2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)

Fixed in Firefox ESR 38.2.1
2015-95 Add-on notification bypass through data URLs
2015-94 Use-after-free when resizing canvas element during restyling

Fixed in Firefox ESR 38.2
2015-92 Use-after-free in XMLHttpRequest with shared workers
2015-90 Vulnerabilities found through code inspection
2015-89 Buffer overflows on Libvpx when decoding WebM video
2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
2015-87 Crash when using shared memory in JavaScript
2015-85 Out-of-bounds write with Updater and malicious MAR file
2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links
2015-83 Overflow issues in libstagefright
2015-82 Redefinition of non-configurable JavaScript object properties
2015-80 Out-of-bounds read with malformed MP3 file
2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)


[["WAPT/icon.png", "2c69e9dbacc4844ced213e19c38f684055f22ca6e1047d15b692891239bb0b17"], ["WAPT/certificate.crt", "79e5388683c0b6cb03f4f81e4e58e3a11463b2b6cf169dd9c453098027dcfaa4"], ["WAPT/wapt.psproj", "795d36d10109ca85357285f79090fac2be856e5830ea31fa913cc55cb825807b"], ["setup.py", "c3ac5638d90a76e79115a1226c76bf7f5fd226712d69df1ac2018eee9cfc0b25"], ["Firefox Setup 52.4.1esr.exe", "7d160a487324325a73a6dc038d1de3d936b754023dca63dfc77bdad2b898cd68"], ["WAPT/control", "a332103cd1f0533233bbacdb1074f1cd57698ca7fc99d90e990fd545611c31de"], ["WAPT/changelog.txt", "c275155909106d4a99ffcddd80b2905b6f2bc10a10a8d1be26f167e5797e0e4d"]]

Forum feed

WAPT Packages / Paquets WAPT • Re: chiffrer ses pass wapt
Dans ce cas Il faut faire un script python à coté qui tourne en tâche planifiée.

Ne pas le faire dans un paquet. Sinon on est justement obligé de mettre les mots de passe dans le paquet.

Algo du script:

- Parcours de la base de donnée
- Pour chaque poste, analyser l'inventaire pour savoir ce qu'il faut ajouter en dépendance.


data = json.loads(wgets('https://%s:%s@%s/api/v1/hosts?columns=host_certificate&limit=10000' % (user,password,urlserver)))for value in data['result']:blabalba
- Editer le paquet machine.
- ajouter les dépendances
- uploader le paquet machine.


    myWapt = Wapt(config_filename=makepath(r'C:\Users\Administrateur\AppData\Local\waptconsole\waptconsole.ini'))    tmpdir = 'c:/dummy'    myWapt.edit_host(machine,target_directory=tmpdir,append_depends='tis-firefox')    myWapt.build_upload(r'c:\waptdev\test',private_key_passwd=ur'passwordkey',wapt_server_user='admin',wapt_server_passwd=ur'passwordserver')

Statistiques: Posté par sfonteneau — 19 juillet 2018, 16:34

WAPT Packages / Paquets WAPT • Re: [OK] Impossible d'éditer un paquet host à travers un script


    myWapt = Wapt(config_filename=makepath(r'C:\Users\Administrateur\AppData\Local\waptconsole\waptconsole.ini'))    tmpdir = 'c:/dummy'    myWapt.edit_host('dummy.tranquilit.local',target_directory=tmpdir,append_depends='tis-firefox')    myWapt.build_upload(r'c:\waptdev\test',private_key_passwd=ur'passwordkey',wapt_server_user='admin',wapt_server_passwd=ur'passwordserver')

Statistiques: Posté par sfonteneau — 18 juillet 2018, 23:49