tis-firefox-esr 52.5.3-27

  • package : tis-firefox-esr
  • version : 52.5.3-27
  • description : Navigateur Web Firefox ESR extended support
  • maintainer : TIS <technique@tranquil-it-systems.fr>
  • date : 2018-02-27 18:59:48

setup.py

# -*- coding: UTF-8 -*-
from setuphelpers import *

uninstallkey = []

def install():
    version = control.version.split('-',1)[0]
    ukey = 'Mozilla Firefox %s ESR (x86 fr)'%version

    exe = 'Firefox Setup %sesr.exe'%version
    install_exe_if_needed(exe,'-ms',key=ukey,min_version=version,killbefore='firefox.exe')




def update_package():
    """updates the package / control version with the latest stable firefox version"""
    import re,requests,urlparse,glob

    # get index of all dowloads
    """
    #url_base = 'https://download-installer.cdn.mozilla.net/pub/firefox/releases/latest/win32/fr/'
    url_base = 'https://download-installer.cdn.mozilla.net/pub/firefox/releases/43.0/win32/fr/'
    index = wgets(url_base)

    # get list of lastest french versions
    re_setup = re.compile(r'<a href=".*/(Firefox%20Setup%20[0-9.]*.exe)">Firefox Setup .*</a>')
    filename = urlparse.unquote(re_setup.findall(index)[0])
    url = url_base+filename
    """
    url = requests.head('https://download.mozilla.org/?product=firefox-esr-latest&os=win&lang=fr',proxies={}).headers['Location']
    filename = urlparse.unquote(url.rsplit('/',1)[1])

    if not isfile(filename):
        print('Downloading %s from %s'%(filename,url))
        wget(url,filename)

        # updates control version from filename, increment package version.
        control = PackageEntry().load_control_from_wapt ('.')
        control.version = '%s-%s'%(re.findall('Firefox Setup (.*)esr\.exe',filename)[0],int(control.version.split('-',1)[1])+1)
        control.save_control_to_wapt('.')

    # removes old exe
    if isfile(filename):
        exes = glob.glob('Firefox*.exe')
        for fn in exes:
            if fn != filename:
                remove_file(fn)

if __name__ == '__main__':
    update_package()


    

Changelog

Fixed in Firefox ESR 45.6.0
https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/


Fixed in Firefox ESR 38.4
2015-133 NSS and NSPR memory corruption issues
2015-132 Mixed content WebSocket policy bypass through workers
2015-131 Vulnerabilities found through code inspection
2015-130 JavaScript garbage collection crash with Java applet
2015-128 Memory corruption in libjar through zip files
2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
2015-123 Buffer overflow during image interactions in canvas
2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy
2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)

Fixed in Firefox ESR 38.3
2015-113 Memory safety errors in libGLES in the ANGLE graphics library
2015-112 Vulnerabilities found through code inspection
2015-111 Errors in the handling of CORS preflight request headers
2015-110 Dragging and dropping images exposes final URL after redirects
2015-106 Use-after-free while manipulating HTML media content
2015-105 Buffer overflow while decoding WebM video
2015-101 Buffer overflow in libvpx while parsing vp9 format video
2015-100 Arbitrary file manipulation by local user through Mozilla updater
2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)

Fixed in Firefox ESR 38.2.1
2015-95 Add-on notification bypass through data URLs
2015-94 Use-after-free when resizing canvas element during restyling

Fixed in Firefox ESR 38.2
2015-92 Use-after-free in XMLHttpRequest with shared workers
2015-90 Vulnerabilities found through code inspection
2015-89 Buffer overflows on Libvpx when decoding WebM video
2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images
2015-87 Crash when using shared memory in JavaScript
2015-85 Out-of-bounds write with Updater and malicious MAR file
2015-84 Arbitrary file overwriting through Mozilla Maintenance Service with hard links
2015-83 Overflow issues in libstagefright
2015-82 Redefinition of non-configurable JavaScript object properties
2015-80 Out-of-bounds read with malformed MP3 file
2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
    

manifest.sha256

[["WAPT/icon.png", "2c69e9dbacc4844ced213e19c38f684055f22ca6e1047d15b692891239bb0b17"], ["WAPT/certificate.crt", "79e5388683c0b6cb03f4f81e4e58e3a11463b2b6cf169dd9c453098027dcfaa4"], ["WAPT/wapt.psproj", "6ced6d42441ea2be5dab71026935e7cce930ae4a6c5e1cf5e03686153e435726"], ["Firefox Setup 52.5.3esr.exe", "fde2b1efdc2ed69236b339fd8d68f124a2e2278d4c8095e36f2939964cc150b8"], ["setup.py", "f71be48ea2eeeb3b70dc233bce1d513be4253180e0a955c3578c8ccf219960fd"], ["WAPT/control", "66d629b791996652e83877630105c9ef7212544a120edf2cc50565ea46347cca"], ["WAPT/changelog.txt", "c275155909106d4a99ffcddd80b2905b6f2bc10a10a8d1be26f167e5797e0e4d"]]