tis-firefox-esr 52.2.0-12

  • package : tis-firefox-esr
  • version : 52.2.0-12
  • description : Navigateur Web Firefox ESR extended support
  • maintainer : TIS <technique@tranquil-it-systems.fr>
  • date : 2017-07-20 15:52:25

setup.py

# -*- coding: UTF-8 -*-
from setuphelpers import *

uninstallkey = []

def install_location(uninstallkey):
    """Return the install location of the software given its uninstall key
        or None if not found
    >>> install_location('winscp3_is1')
    u'C:\\Program Files\\WinSCP\\'
    """
    for soft in installed_softwares(uninstallkey=uninstallkey):
        return soft.get('install_location',None)


def install():
    version = control.version.split('-',1)[0]
    ukey = 'Mozilla Firefox %s ESR (x86 fr)'%version

    exe = 'Firefox Setup %sesr.exe'%version
    install_exe_if_needed(exe,'-ms',key=ukey,min_version=version,killbefore='firefox.exe')

    print("Disabling auto update")
    filecopyto("mozilla.cfg",makepath(install_location('Mozilla Firefox %s ESR (x86 fr)' %version )))
    filecopyto("local-settings.js",makepath(install_location('Mozilla Firefox %s ESR (x86 fr)' %version ),"defaults","pref"))

    print ("Disabling profile migration from ie")
    filecopyto("override.ini",makepath(install_location('Mozilla Firefox %s ESR (x86 fr)' %version ),"browser"))

    print ("Override User UI")
    ensure_dir(makepath(install_location('Mozilla Firefox %s ESR (x86 fr)' %version ),"browser","defaults","profile","chrome",""))
    filecopyto("userChrome.css",makepath(install_location('Mozilla Firefox %s ESR (x86 fr)' %version ),"browser","defaults","profile","chrome"))

    """
    print ("Deploy extensions")
    ensure_dir(makepath(programfiles32,"Mozilla Firefox","browser","extensions",""))
    copytree2("extensions",makepath(programfiles32,"Mozilla Firefox","browser","extensions"))
    """

def update_package():
    """updates the package / control version with the latest stable firefox version"""
    import re,requests,urlparse,glob

    # get index of all dowloads
    """
    #url_base = 'https://download-installer.cdn.mozilla.net/pub/firefox/releases/latest/win32/fr/'
    url_base = 'https://download-installer.cdn.mozilla.net/pub/firefox/releases/43.0/win32/fr/'
    index = wgets(url_base)

    # get list of lastest french versions
    re_setup = re.compile(r'<a href=".*/(Firefox%20Setup%20[0-9.]*.exe)">Firefox Setup .*</a>')
    filename = urlparse.unquote(re_setup.findall(index)[0])
    url = url_base+filename
    """
    url = requests.head('https://download.mozilla.org/?product=firefox-esr-latest&os=win&lang=fr',proxies={}).headers['Location']
    filename = urlparse.unquote(url.rsplit('/',1)[1])

    if not isfile(filename):
        print('Downloading %s from %s'%(filename,url))
        wget(url,filename)

        # updates control version from filename, increment package version.
        control = PackageEntry().load_control_from_wapt ('.')
        control.version = '%s-%s'%(re.findall('Firefox Setup (.*)esr\.exe',filename)[0],int(control.version.split('-',1)[1])+1)
        control.save_control_to_wapt('.')

    # removes old exe
    if isfile(filename):
        exes = glob.glob('Firefox*.exe')
        for fn in exes:
            if fn != filename:
                remove_file(fn)

if __name__ == '__main__':
    update_package()


    

Changelog

Fixed in Firefox ESR 45.6.0
https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/


Fixed in Firefox ESR 38.4
2015-133 NSS and NSPR memory corruption issues
2015-132 Mixed content WebSocket policy bypass through workers
2015-131 Vulnerabilities found through code inspection
2015-130 JavaScript garbage collection crash with Java applet
2015-128 Memory corruption in libjar through zip files
2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
2015-123 Buffer overflow during image interactions in canvas
2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy
2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)

Fixed in Firefox ESR 38.3
2015-113 Memory safety errors in libGLES in the ANGLE graphics library
2015-112 Vulnerabilities found through code inspection
2015-111 Errors in the handling of CORS preflight request headers
2015-110 Dragging and dropping images exposes final URL after redirects
2015-106 Use-after-free while manipulating HTML media content
2015-105 Buffer overflow while decoding WebM video
2015-101 Buffer overflow in libvpx while parsing vp9 format video
2015-100 Arbitrary file manipulation by local user through Mozilla updater
2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)

Fixed in Firefox ESR 38.2.1
2015-95 Add-on notification bypass through data URLs
2015-94 Use-after-free when resizing canvas element during restyling

Fixed in Firefox ESR 38.2
2015-92 Use-after-free in XMLHttpRequest with shared workers
2015-90 Vulnerabilities found through code inspection
2015-89 Buffer overflows on Libvpx when decoding WebM video
2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
2015-87 Crash when using shared memory in JavaScript
2015-85 Out-of-bounds write with Updater and malicious MAR file
2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links
2015-83 Overflow issues in libstagefright
2015-82 Redefinition of non-configurable JavaScript object properties
2015-80 Out-of-bounds read with malformed MP3 file
2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
    

manifest.sha256

[["override.ini", "3c930ba0fce98f0a232101b76885a8fade8edd4a6ea19a00d372aaff426f0125"], ["local-settings.js", "78498a0d8c1e6b137e93081a785aacf63fccc3fb8f7ea04354d48224f5e1b357"], ["Firefox Setup 52.2.0esr.exe", "f1de4cf14f78bb799e6ae061498fab2697e25140b1e370b6d5e52ae562280684"], ["WAPT/certificate.crt", "20f25d6b242159077345379865f8e0d84bdc9e4764190f1aa6cb3816bcabd341"], ["WAPT/wapt.psproj", "795d36d10109ca85357285f79090fac2be856e5830ea31fa913cc55cb825807b"], ["WAPT/icon.png", "2c69e9dbacc4844ced213e19c38f684055f22ca6e1047d15b692891239bb0b17"], ["setup.py", "d2974d39adde68d3f8115461e1029b6bd943de345cb34e5d47a2c4f1dc28decf"], ["WAPT/changelog.txt", "c275155909106d4a99ffcddd80b2905b6f2bc10a10a8d1be26f167e5797e0e4d"], ["userChrome.css", "46620dc25abe0400e625a0f078fc3ad9c4a668e0f880a7b451feb7d4fc084c26"], ["WAPT/control", "c67248e1f5155fc796714f7db40b137c46ad0593cdd228dbe3469cb0b2510fe7"], ["mozilla.cfg", "c040bfb2dafba2d9b1b3632d91f2f0fe7ccf52f2a4d9db18a330ce54f53314ec"]]