[#380009] DONE (try 2) firefox.git=137.0-alt1
Girar pender (rauty)
girar-builder at altlinux.org
Wed Apr 2 18:37:12 MSK 2025
https://git.altlinux.org/tasks/archive/done/_371/380009/logs/events.2.3.log
https://packages.altlinux.org/tasks/380009
subtask name aarch64 i586 x86_64
#100 firefox 1:03:13 26:07 30:07
2025-Apr-02 15:28:25 :: task #380009 for sisyphus resumed by rauty:
#100 build 137.0-alt1 from /people/rauty/packages/firefox.git fetched at 2025-Apr-02 11:04:34
2025-Apr-02 15:28:26 :: [i586] #100 firefox.git 137.0-alt1: build start
2025-Apr-02 15:28:26 :: [x86_64] #100 firefox.git 137.0-alt1: build start
2025-Apr-02 15:28:26 :: [aarch64] #100 firefox.git 137.0-alt1: build start
2025-Apr-02 15:28:49 :: [i586] #100 firefox.git 137.0-alt1: build OK (cached)
2025-Apr-02 15:28:52 :: [x86_64] #100 firefox.git 137.0-alt1: build OK (cached)
2025-Apr-02 15:29:12 :: [aarch64] #100 firefox.git 137.0-alt1: build OK (cached)
2025-Apr-02 15:29:48 :: #100: firefox.git 137.0-alt1: build check OK
2025-Apr-02 15:29:49 :: build check OK
warning (#100): firefox-config-privacy-137.0-alt1.x86_64.rpm should be .noarch.rpm
2025-Apr-02 15:31:32 :: noarch check OK
2025-Apr-02 15:31:34 :: plan: src +1 -1 =20049, aarch64 +3 -3 =34843, i586 +3 -3 =33695, x86_64 +3 -3 =35648
#100 firefox 136.0.2-alt1 -> 137.0-alt1
Tue Apr 01 2025 Ajrat Makhmutov <rauty at altlinux> 137.0-alt1
- New version (137.0).
- Security fixes:
+ CVE-2025-2857: Incorrect handle could lead to sandbox escapes
+ CVE-2025-3028: Use-after-free triggered by XSLTProcessor
+ CVE-2025-3031: JIT optimization bug with different stack slot sizes
+ CVE-2025-3032: Leaking file descriptors from the fork server
+ CVE-2025-3029: URL bar spoofing via non-BMP Unicode characters
+ CVE-2025-3035: Tab title disclosure across pages when using AI chatbot
+ CVE-2025-3033: Opening local .url files could lead to another file being opened
[...]
2025-Apr-02 15:31:34 :: firefox: mentions vulnerabilities: CVE-2025-2857 CVE-2025-3028 CVE-2025-3031 CVE-2025-3032 CVE-2025-3029 CVE-2025-3035 CVE-2025-3033 CVE-2025-3030 CVE-2025-3034
2025-Apr-02 15:32:23 :: patched apt indices
2025-Apr-02 15:32:34 :: created next repo
2025-Apr-02 15:32:46 :: duplicate provides check OK
2025-Apr-02 15:33:29 :: dependencies check OK
2025-Apr-02 15:34:08 :: [x86_64 i586 aarch64] ELF symbols check OK
i586: firefox=137.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Apr-02 15:34:20 :: [i586] #100 firefox: install check OK (cached)
x86_64: firefox=137.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Apr-02 15:34:21 :: [x86_64] #100 firefox: install check OK (cached)
2025-Apr-02 15:34:25 :: [i586] #100 firefox-config-privacy: install check OK (cached)
2025-Apr-02 15:34:25 :: [x86_64] #100 firefox-config-privacy: install check OK (cached)
2025-Apr-02 15:34:30 :: [i586] #100 firefox-debuginfo: install check OK (cached)
aarch64: firefox=137.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Apr-02 15:34:30 :: [aarch64] #100 firefox: install check OK (cached)
2025-Apr-02 15:34:32 :: [x86_64] #100 firefox-debuginfo: install check OK (cached)
2025-Apr-02 15:34:39 :: [aarch64] #100 firefox-config-privacy: install check OK (cached)
2025-Apr-02 15:34:51 :: [aarch64] #100 firefox-debuginfo: install check OK (cached)
2025-Apr-02 15:34:52 :: [x86_64-i586] plan: #0 +1 -1 =11597
2025-Apr-02 15:35:14 :: [x86_64-i586] generated apt indices
2025-Apr-02 15:35:16 :: [x86_64-i586] created next repo
2025-Apr-02 15:35:30 :: [x86_64-i586] dependencies check OK
2025-Apr-02 15:35:31 :: gears inheritance check OK
2025-Apr-02 15:35:31 :: srpm inheritance check OK
girar-check-perms: access to firefox ALLOWED for rauty: approved builder
check-subtask-perms: #100: firefox: allowed for rauty
2025-Apr-02 15:35:32 :: acl check OK
2025-Apr-02 15:35:46 :: created contents_index files
2025-Apr-02 15:36:00 :: created hash files: aarch64 i586 src x86_64-i586 x86_64
2025-Apr-02 15:36:04 :: task #380009 for sisyphus TESTED
2025-Apr-02 15:36:04 :: task is ready for commit
2025-Apr-02 15:36:11 :: repo clone OK
2025-Apr-02 15:36:12 :: packages update OK
2025-Apr-02 15:36:22 :: [x86_64 i586 aarch64] update OK
2025-Apr-02 15:36:22 :: [x86_64-i586] update OK
2025-Apr-02 15:36:23 :: repo update OK
2025-Apr-02 15:36:38 :: repo save OK
2025-Apr-02 15:36:38 :: src index update OK
2025-Apr-02 15:37:07 :: updated /gears/f/firefox.git branch `sisyphus'
2025-Apr-02 15:37:12 :: gears update OK
2025-Apr-02 15:37:12 :: task #380009 for sisyphus DONE
More information about the Sisyphus-incominger
mailing list