-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-7342330743 2023-10-18 01:45:22.977713 --------------------------------------------------------------------------------
Name : icecat Product : Fedora 38 Version : 115.3.1 Release : 7.rh2.fc38 URL : http://www.gnu.org/software/gnuzilla/ Summary : GNU version of Firefox browser Description : GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included to this version of IceCat:
* LibreJS GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman.
* HTTPS Everywhere HTTPS Everywhere is an extension that encrypts your communications with many major websites, making your browsing more secure.
* A set of companion extensions for LibreJS by Nathan Nichols are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs without using nonfree JavaScript.
* A series of configuration changes and tweaks were applied to ensure that IceCat does not initiate network connections that the user has not explicitly requested. This implies not downloading feeds, updates, blacklists or any other similar data needed during startup.
-------------------------------------------------------------------------------- Update Information:
- Release 115.3.1 -------------------------------------------------------------------------------- ChangeLog:
* Mon Oct 2 2023 Antonio Trande sagitter@fedoraproject.org - 2:115.3.1-7.rh2 - Add missing installed files * Sun Oct 1 2023 Antonio Trande sagitter@fedoraproject.org - 2:115.3.1-6.rh2 - Exclude manpage temporarily * Sun Oct 1 2023 Antonio Trande sagitter@fedoraproject.org - 2:115.3.1-5.rh2 - Upload new source archive rh2 * Sat Sep 30 2023 Antonio Trande sagitter@fedoraproject.org - 2:115.3.1-4.rh1 - Fix icecatview.html file * Sat Sep 30 2023 Antonio Trande sagitter@fedoraproject.org - 2:115.3.1-3.rh1 - Fix files for processing MOZBUILD * Fri Sep 29 2023 Antonio Trande sagitter@fedoraproject.org - 2:115.3.1-2.rh1 - Release 115.3.1 rh1| Fix clang path * Fri Sep 29 2023 Antonio Trande sagitter@fedoraproject.org - 2:115.3.1-1.rh1 - Release 115.3.1 rh1| Epoch 2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2208177 - CVE-2023-26117 icecat: angularjs: Regular expression denial of service via the $resource service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208177 [ 2 ] Bug #2208185 - CVE-2023-26116 icecat: angularjs: Regular Expression Denial of Service via angular.copy() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208185 [ 3 ] Bug #2208195 - CVE-2023-26118 icecat: angularjs: Regular Expression Denial of Service via the <input type="url"> element [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208195 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-7342330743' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------