Welcome!
Important information
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources

News
-- MX Linux on social media: here
-- Mepis support still here

Current releases
-- MX-17.1 Final release info here
-- antiX-17 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

For Community Repository Package Requests and Status for MX-14
Message
Author
User avatar
mmikeinsantarosa
Forum Guide
Forum Guide
Posts: 2460
Joined: Thu May 01, 2014 10:12 am

MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#1 Post by mmikeinsantarosa » Sun Aug 23, 2015 1:09 am

We now have firefox-esr-38.2.0 available for download. If you currently have firefox installed, you'll need to remove it before installing this one.
This package uses the same source that was posted and briefly made available in a previous thread to use as an alternative to version (firefox-40.0.0). We had to rename the packages to get them into the regular repo. Although this was released a bit ago, here are the details:
What's Fixed
Firefox may become unresponsive after right-clicking Flash content on Windows 8
Various security fixes
Firefox may crash during mp4 video playback
Branded Firefox application does not open URLs in system default browser
Significant memory leak with GreaseMonkey add-on
crash [@ RtlEnterCriticalSection | MessageLoop::PostTask_Helper] on browser shutdown
Browser UI becomes unresponsive state when using Unity Web Player Plugin
ESRs will not build on hppa platform
crash in mozilla::layers::SyncObjectD3D11::FinalizeFrame()
Here is the ESR release schedule.

mike
LT: MX17.1 Quad Core model: Intel Core i7-6820HQ Kernel: 4.16.0-12.1-liquorix-amd64 (64 bit)
DT: Intel(R) Core i5-3.1GHz Kernel~3.9-1-mepis64 x86_64

User avatar
mmikeinsantarosa
Forum Guide
Forum Guide
Posts: 2460
Joined: Thu May 01, 2014 10:12 am

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#2 Post by mmikeinsantarosa » Mon Oct 05, 2015 9:34 pm

firefox-esr-38.3.0 is now available for download.
Fixed in Firefox ESR 38.3
2015-113 Memory safety errors in libGLES in the ANGLE graphics library
2015-112 Vulnerabilities found through code inspection
2015-111 Errors in the handling of CORS preflight request headers
2015-110 Dragging and dropping images exposes final URL after redirects
2015-106 Use-after-free while manipulating HTML media content
2015-105 Buffer overflow while decoding WebM video
2015-101 Buffer overflow in libvpx while parsing vp9 format video
2015-100 Arbitrary file manipulation by local user through Mozilla updater
2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
Let us know what you think about the upgrade.

Check out the mozill site for more information.

mike
LT: MX17.1 Quad Core model: Intel Core i7-6820HQ Kernel: 4.16.0-12.1-liquorix-amd64 (64 bit)
DT: Intel(R) Core i5-3.1GHz Kernel~3.9-1-mepis64 x86_64

User avatar
mmikeinsantarosa
Forum Guide
Forum Guide
Posts: 2460
Joined: Thu May 01, 2014 10:12 am

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#3 Post by mmikeinsantarosa » Wed Nov 11, 2015 4:07 pm

The latest firefox-esr-38.4.0 is available for download.

What's fixed in this release:
NSS and NSPR memory corruption issues
2015-132 Mixed content WebSocket policy bypass through workers
2015-131 Vulnerabilities found through code inspection
2015-130 JavaScript garbage collection crash with Java applet
2015-128 Memory corruption in libjar through zip files
2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received
2015-123 Buffer overflow during image interactions in canvas
2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy
2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
Check out the mozilla site for more information.

mike
LT: MX17.1 Quad Core model: Intel Core i7-6820HQ Kernel: 4.16.0-12.1-liquorix-amd64 (64 bit)
DT: Intel(R) Core i5-3.1GHz Kernel~3.9-1-mepis64 x86_64

User avatar
mmikeinsantarosa
Forum Guide
Forum Guide
Posts: 2460
Joined: Thu May 01, 2014 10:12 am

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#4 Post by mmikeinsantarosa » Mon Aug 29, 2016 10:03 pm

firefox-esr_45.3.0 is now available to upgrade to. This version required an upgrade from gtk2 to libgtk-3-0 (>= 3.4). This makes firefox-esr_45.2.0 is the last for MEPIS 11.
LT: MX17.1 Quad Core model: Intel Core i7-6820HQ Kernel: 4.16.0-12.1-liquorix-amd64 (64 bit)
DT: Intel(R) Core i5-3.1GHz Kernel~3.9-1-mepis64 x86_64

User avatar
v3g4n
Forum Guide
Forum Guide
Posts: 1791
Joined: Sat Jan 16, 2016 8:20 pm

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#5 Post by v3g4n » Wed Sep 21, 2016 9:37 pm

firefox-esr_45.4.0 is now available in main repo.
Security vulnerabilitiesfixed in 45.4.0: https://www.mozilla.org/en-US/security/ ... sa2016-86/

fu-sen
Forum Regular
Forum Regular
Posts: 148
Joined: Tue May 27, 2014 9:33 am

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#6 Post by fu-sen » Sat Sep 24, 2016 8:28 pm

I was confirmed firefox-esr_45.4.0 in the MX-14.
but the package appears to have been halfway updated.

package firefox-esr only is updated, such as the locale package is still old.
and it seems Debian of www-browser management has been recognized funny.

(Click to view larger)
Image

Update: Since the package update from Debian wheezy has been obtained, will soon this problem will be resolved.

User avatar
v3g4n
Forum Guide
Forum Guide
Posts: 1791
Joined: Sat Jan 16, 2016 8:20 pm

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#7 Post by v3g4n » Sat Sep 24, 2016 9:06 pm

Looks like 45.4 locals are there, but you may have to wait a bit for the mirrors to sync.
Image

User avatar
v3g4n
Forum Guide
Forum Guide
Posts: 1791
Joined: Sat Jan 16, 2016 8:20 pm

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#8 Post by v3g4n » Fri Apr 28, 2017 5:51 pm

firefox-esr_52.1 is now available in main repo.
Security vulnerabilitiesfixed in 52.1: https://www.mozilla.org/en-US/security/ ... sa2017-12/

User avatar
mmikeinsantarosa
Forum Guide
Forum Guide
Posts: 2460
Joined: Thu May 01, 2014 10:12 am

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#9 Post by mmikeinsantarosa » Fri Jul 07, 2017 7:44 pm

firefox-52.2.1 is now available to upgrade to. If you're installed version is less than 52.0, you should install this one as there was a critical security issue fixed.
CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
Description

A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash.
References

Bug 1365602
- mike
LT: MX17.1 Quad Core model: Intel Core i7-6820HQ Kernel: 4.16.0-12.1-liquorix-amd64 (64 bit)
DT: Intel(R) Core i5-3.1GHz Kernel~3.9-1-mepis64 x86_64

User avatar
uncle mark
Forum Veteran
Forum Veteran
Posts: 4982
Joined: Sat Nov 11, 2006 10:42 pm

Re: MEPIS 12/MX-14 Community Repo: The Firefox-esr thread

#10 Post by uncle mark » Fri Jul 07, 2017 8:34 pm

I'm on 38.2 on MEPIS 11-64bit, which I'm pretty sure you built back in Aug 2015. Would this work as a replacement to that?
Desktop: Custom build Asus/AMD/nVidia -- MEPIS 11
Laptop: Acer Aspire 5250 -- MX-15
Assorted junk: assorted Linuxes

Post Reply

Return to “Package Requests/Status - MX-14”