[#251193] p9 EPERM firefox.git=68.8.0-alt1
Girar Builder awaiter robot
girar-builder at altlinux.org
Tue May 5 20:27:44 MSK 2020
http://git.altlinux.org/tasks/251193/logs/events.1.1.log
2020-May-05 16:29:47 :: task #251193 for p9 started by cas:
2020-May-05 16:29:47 :: message: new_version_with_security_fixes
#100 build 68.8.0-alt1 from /people/cas/packages/firefox.git fetched at 2020-May-05 15:08:04
2020-May-05 16:29:48 :: [aarch64] #100 firefox.git 68.8.0-alt1: build start
2020-May-05 16:29:48 :: [ppc64le] #100 firefox.git 68.8.0-alt1: build start
2020-May-05 16:29:48 :: [x86_64] #100 firefox.git 68.8.0-alt1: build start
2020-May-05 16:29:48 :: [i586] #100 firefox.git 68.8.0-alt1: build start
2020-May-05 17:10:25 :: [x86_64] #100 firefox.git 68.8.0-alt1: build OK
2020-May-05 17:16:21 :: [i586] #100 firefox.git 68.8.0-alt1: build OK
2020-May-05 17:19:17 :: [aarch64] #100 firefox.git 68.8.0-alt1: build OK
2020-May-05 17:22:09 :: [ppc64le] #100 firefox.git 68.8.0-alt1: build OK
2020-May-05 17:22:38 :: #100: firefox.git 68.8.0-alt1: build check OK
2020-May-05 17:22:38 :: build check OK
2020-May-05 17:23:33 :: noarch check OK
2020-May-05 17:23:35 :: plan: src +1 -1 =17883, aarch64 +2 -2 =29828, i586 +2 -2 =32021, noarch +1 -1 =18638, ppc64le +2 -2 =30178, x86_64 +2 -2 =32332
2020-May-05 17:23:35 :: version check OK
#100 firefox-esr 68.7.0-alt1 -> 68.8.0-alt1
Tue May 05 2020 Andrey Cherepanov <cas at altlinux> 68.8.0-alt1
- New ESR version (68.8.0).
- Fixes:
+ CVE-2020-12387 Use-after-free during worker shutdown
+ CVE-2020-12388 Sandbox escape with improperly guarded Access Tokens
+ CVE-2020-12389 Sandbox escape with improperly separated process types
+ CVE-2020-6831 Buffer overflow in SCTP chunk input validation
+ CVE-2020-12392 Arbitrary local file access with 'Copy as cURL'
+ CVE-2020-12393 Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection
+ CVE-2020-12395 Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
2020-May-05 17:23:35 :: firefox-esr: mentions vulnerabilities: CVE-2020-12387 CVE-2020-12388 CVE-2020-12389 CVE-2020-6831 CVE-2020-12392 CVE-2020-12393 CVE-2020-12395
2020-May-05 17:24:29 :: generated apt indices
2020-May-05 17:24:29 :: created next repo
2020-May-05 17:24:59 :: dependencies check OK
2020-May-05 17:25:34 :: [x86_64 i586 aarch64 ppc64le] ELF symbols check OK
2020-May-05 17:25:59 :: [x86_64] #100 firefox-esr: install check OK
2020-May-05 17:26:00 :: [i586] #100 firefox-esr: install check OK
2020-May-05 17:26:16 :: [x86_64] #100 firefox-esr-debuginfo: install check OK
2020-May-05 17:26:17 :: [i586] #100 firefox-esr-debuginfo: install check OK
2020-May-05 17:26:31 :: [x86_64] #100 firefox-esr-wayland: install check OK
2020-May-05 17:26:35 :: [i586] #100 firefox-esr-wayland: install check OK
2020-May-05 17:26:35 :: [x86_64-i586] plan: #1 +1 -1 =10643
2020-May-05 17:27:14 :: [x86_64-i586] arepo build OK
2020-May-05 17:27:31 :: [x86_64-i586] generated apt indices
2020-May-05 17:27:31 :: [x86_64-i586] created next repo
2020-May-05 17:27:40 :: [x86_64-i586] dependencies check OK
2020-May-05 17:27:42 :: gears inheritance check OK
2020-May-05 17:27:42 :: srpm inheritance check OK
girar-check-perms: access to @maint ALLOWED for cas: member of approved group
check-subtask-perms: #100: firefox-esr: allowed for cas, needs an approval from a member of @tester group
2020-May-05 17:27:43 :: acl check FAILED
2020-May-05 17:27:43 :: task #251193 for p9 EPERM
More information about the Sisyphus-incominger
mailing list