Andreas Rammhold e7785f1148
firefox: 62.0.2 -> 62.0.3 [critical security fixes]
This update bumps the package to the latest stable version containing a
few security fixes:

- CVE-2018-12386: Type confusion in JavaScript
  A vulnerability in register allocation in JavaScript can lead to type
  confusion, allowing for an arbitrary read and write. This leads to
  remote code execution inside the sandboxed content process when
  triggered.

- CVE-2018-12387
  A vulnerability where the JavaScript JIT compiler inlines
  Array.prototype.push with multiple arguments that results in the stack
  pointer being off by 8 bytes after a bailout. This leaks a memory
  address to the calling function which can be used as part of an
  exploit inside the sandboxed content process.

Source: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
2018-10-03 09:51:13 +02:00
2018-07-06 12:48:43 -04:00
2018-09-02 16:45:00 -04:00
2018-01-04 17:59:52 -05:00

logo

Code Triagers Badge

Nixpkgs is a collection of packages for the Nix package manager. It is periodically built and tested by the Hydra build daemon as so-called channels. To get channel information via git, add nixpkgs-channels as a remote:

% git remote add channels https://github.com/NixOS/nixpkgs-channels.git

For stability and maximum binary package support, it is recommended to maintain custom changes on top of one of the channels, e.g. nixos-18.03 for the latest release and nixos-unstable for the latest successful build of master:

% git remote update channels
% git rebase channels/nixos-18.03

For pull-requests, please rebase onto nixpkgs master.

NixOS Linux distribution source code is located inside nixos/ folder.

Communication:

Description
No description provided
Readme 1.5 GiB
Languages
Nix 96.3%
Shell 1.8%
Python 0.7%
Perl 0.4%
C 0.3%
Other 0.1%