Bug 9106

Summary:	[UPDATE REQUEST 2016.1] newmoon 27.9.3
Product:	[ROSA-based products] ROSA Fresh	Reporter:	Алзим <alzim>
Component:	Packages from Main	Assignee:	ROSA Linux Bugs <bugs>
Status:	RESOLVED FIXED	QA Contact:	ROSA Linux Bugs <bugs>
Severity:	normal
Priority:	Normal	CC:	andrey.bondrov, v.potapov
Version:	All	Flags:	v.potapov: qa_verified+ andrey.bondrov: published+
Target Milestone:	---
Hardware:	All
OS:	Linux
Whiteboard:
Platform:	---	ROSA Vulnerability identifier:
RPM Package:		ISO-related:
Bad POT generating:		Upstream:

Description Алзим 2018-06-15 16:32:13 MSK

This is a security update.

Changes/fixes:

(CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to that report, the libopus maintainers state they don't believe remote code execution was possible, so this was not a critical patch.
Fixed an issue with task counting in JS GC.
Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks to Berk Cem Göksel for reporting).
Portable only: Included the previously omitted registry helper. This may in some cases help with file/type associations.

Comment 1 Алзим 2018-06-15 16:34:23 MSK

Updated to 27.9.3

newmoon
https://abf.io/build_lists/2931718
https://abf.io/build_lists/2931719

newmoon-l10n
https://abf.io/build_lists/2931726
https://abf.io/build_lists/2931727

Comment 2 Vladimir Potapov 2018-06-22 11:05:48 MSK

The update is sent to expanded testing
****************************************

Comment 3 Vladimir Potapov 2018-06-25 01:38:52 MSK

newmoon-27.9.3-1
https://abf.io/build_lists/2931718
https://abf.io/build_lists/2931719

newmoon-l10n-27.9.3-1
https://abf.io/build_lists/2931726
https://abf.io/build_lists/2931727
********************************* Advisory ***************************
Updated to 27.9.3
**********************************************************************
QA Verified