-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-129d8ca6fc 2024-03-07 22:24:39.963937 --------------------------------------------------------------------------------
Name : icecat Product : Fedora 40 Version : 115.8.0 Release : 2.rh1.fc40 URL : http://www.gnu.org/software/gnuzilla/ Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat:
* LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman.
* JShelter: Mitigates potential threats from JavaScript, including fingerprinting, tracking, and data collection. Slightly modifies the results of API calls, differently on different domains, so that the cross-site fingerprint is not stable. Applies security counter-measures that are likely not to break web pages. Allows fine-grained control over the restrictions and counter-measures applied to each domain.
* A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript.
* A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup.
-------------------------------------------------------------------------------- Update Information:
Change for system JDK from 17 to 21. upstream security release 122.0.6261.94 High CVE-2024-1938: Type Confusion in V8 High CVE-2024-1939: Type Confusion in V8 fixed bug with requires Automatic update for lucene-9.9.2-1.fc40. bump java source/target to 1.8, fixes 2266639 -------------------------------------------------------------------------------- ChangeLog:
* Sat Mar 2 2024 Jiri Vanek jvanek@redhat.com - 2:115.8.0-2.rh1 - Rebuilt for java-21-openjdk as system jdk -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2123726 - consoleImageViewer crashes at start https://bugzilla.redhat.com/show_bug.cgi?id=2123726 [ 2 ] Bug #2261062 - directory-maven-plugin: FTBFS in Fedora rawhide/f40 https://bugzilla.redhat.com/show_bug.cgi?id=2261062 [ 3 ] Bug #2266639 - directory-maven-plugin fails to build with java-21-openjdk https://bugzilla.redhat.com/show_bug.cgi?id=2266639 [ 4 ] Bug #2266934 - CVE-2024-1938 chromium: type confusion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266934 [ 5 ] Bug #2266937 - CVE-2024-1939 chromium: type confusion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266937 [ 6 ] Bug #2267486 - Include Java 21 as system Java Change in Fedora 40 Beta https://bugzilla.redhat.com/show_bug.cgi?id=2267486 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-129d8ca6fc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------