* [#395219] TESTED firefox.git=143.0-alt1
@ 2025-09-17 19:44 Girar awaiter (rauty)
2025-09-18 5:21 ` [#395219] DONE (try 2) firefox.git=143.0-alt1 Girar pender (rauty)
0 siblings, 1 reply; 2+ messages in thread
From: Girar awaiter (rauty) @ 2025-09-17 19:44 UTC (permalink / raw)
To: Ajrat Makhmutov
Cc: sisyphus-incominger, girar-builder-sisyphus, Sergey Bolshakov,
Alexey Gladkov
https://git.altlinux.org/tasks/395219/logs/events.1.1.log
https://packages.altlinux.org/tasks/395219
subtask name aarch64 i586 x86_64
#100 firefox 58:30 - 32:24
2025-Sep-17 18:38:03 :: test-only task #395219 for sisyphus started by rauty:
#100 build 143.0-alt1 from /people/rauty/packages/firefox.git fetched at 2025-Sep-17 18:37:55
2025-Sep-17 18:38:05 :: [i586] #100 firefox.git 143.0-alt1: build start
2025-Sep-17 18:38:05 :: [x86_64] #100 firefox.git 143.0-alt1: build start
2025-Sep-17 18:38:05 :: [aarch64] #100 firefox.git 143.0-alt1: build start
2025-Sep-17 18:38:30 :: [i586] #100 firefox.git 143.0-alt1: build SKIPPED
2025-Sep-17 19:10:29 :: [x86_64] #100 firefox.git 143.0-alt1: build OK
2025-Sep-17 19:36:35 :: [aarch64] #100 firefox.git 143.0-alt1: build OK
2025-Sep-17 19:37:06 :: #100: firefox.git 143.0-alt1: build check OK
2025-Sep-17 19:37:08 :: build check OK
2025-Sep-17 19:38:48 :: noarch check OK
2025-Sep-17 19:38:49 :: plan: src +1 -1 =20643, aarch64 +3 -3 =36454, x86_64 +3 -3 =37286
#100 firefox 142.0.1-alt1 -> 143.0-alt1
Wed Sep 17 2025 Ajrat Makhmutov <rauty@altlinux> 143.0-alt1
- New version (143.0).
- Fixes:
+ CVE-2025-10527: Sandbox escape due to use-after-free in the Graphics: Canvas2D component
+ CVE-2025-10528: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component
+ CVE-2025-10529: Same-origin policy bypass in the Layout component
+ CVE-2025-10530: Spoofing issue in the WebAuthn component in Firefox for Android
+ CVE-2025-10531: Mitigation bypass in the Web Compatibility: Tooling component
+ CVE-2025-10532: Incorrect boundary conditions in the JavaScript: GC component
+ CVE-2025-10533: Integer overflow in the SVG component
[...]
2025-Sep-17 19:38:50 :: firefox: fixes vulnerabilities: CVE-2025-10527 CVE-2025-10528 CVE-2025-10529 CVE-2025-10530 CVE-2025-10531 CVE-2025-10532 CVE-2025-10533 CVE-2025-10534 CVE-2025-10535 CVE-2025-10536 CVE-2025-10537
2025-Sep-17 19:39:37 :: patched apt indices
2025-Sep-17 19:39:45 :: created next repo
2025-Sep-17 19:39:55 :: duplicate provides check OK
2025-Sep-17 19:40:33 :: dependencies check OK
2025-Sep-17 19:41:07 :: [x86_64 aarch64] ELF symbols check OK
x86_64: firefox=143.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Sep-17 19:41:33 :: [x86_64] #100 firefox: install check OK
aarch64: firefox=143.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Sep-17 19:41:47 :: [aarch64] #100 firefox: install check OK
2025-Sep-17 19:41:50 :: [x86_64] #100 firefox-config-privacy: install check OK
2025-Sep-17 19:42:13 :: [aarch64] #100 firefox-config-privacy: install check OK
2025-Sep-17 19:42:43 :: [x86_64] #100 firefox-debuginfo: install check OK
2025-Sep-17 19:43:37 :: [aarch64] #100 firefox-debuginfo: install check OK
2025-Sep-17 19:43:55 :: [x86_64-i586] generated apt indices
2025-Sep-17 19:43:55 :: [x86_64-i586] created next repo
2025-Sep-17 19:44:05 :: [x86_64-i586] dependencies check OK
2025-Sep-17 19:44:07 :: gears inheritance check OK
2025-Sep-17 19:44:08 :: srpm inheritance check OK
girar-check-perms: access to firefox ALLOWED for rauty: approved builder
check-subtask-perms: #100: firefox: allowed for rauty
2025-Sep-17 19:44:08 :: acl check OK
2025-Sep-17 19:44:21 :: created contents_index files
2025-Sep-17 19:44:32 :: created hash files: aarch64 src x86_64
2025-Sep-17 19:44:35 :: task #395219 for sisyphus TESTED
^ permalink raw reply [flat|nested] 2+ messages in thread
* [#395219] DONE (try 2) firefox.git=143.0-alt1
2025-09-17 19:44 [#395219] TESTED firefox.git=143.0-alt1 Girar awaiter (rauty)
@ 2025-09-18 5:21 ` Girar pender (rauty)
0 siblings, 0 replies; 2+ messages in thread
From: Girar pender (rauty) @ 2025-09-18 5:21 UTC (permalink / raw)
To: Ajrat Makhmutov
Cc: sisyphus-incominger, girar-builder-sisyphus, Sergey Bolshakov,
Alexey Gladkov
https://git.altlinux.org/tasks/archive/done/_385/395219/logs/events.2.3.log
https://packages.altlinux.org/tasks/395219
2025-Sep-18 05:12:41 :: task #395219 for sisyphus resumed by rauty:
#100 build 143.0-alt1 from /people/rauty/packages/firefox.git fetched at 2025-Sep-17 18:37:55
2025-Sep-18 05:12:41 :: waiting for a shared lock on sisyphus
2025-Sep-18 05:13:01 :: acquired a shared lock on sisyphus
2025-Sep-18 05:13:03 :: [i586] #100 firefox.git 143.0-alt1: build start
2025-Sep-18 05:13:03 :: [x86_64] #100 firefox.git 143.0-alt1: build start
2025-Sep-18 05:13:03 :: [aarch64] #100 firefox.git 143.0-alt1: build start
2025-Sep-18 05:13:32 :: [x86_64] #100 firefox.git 143.0-alt1: build OK (cached)
2025-Sep-18 05:13:36 :: [i586] #100 firefox.git 143.0-alt1: build SKIPPED
2025-Sep-18 05:13:45 :: [aarch64] #100 firefox.git 143.0-alt1: build OK (cached)
2025-Sep-18 05:14:16 :: #100: firefox.git 143.0-alt1: build check OK
2025-Sep-18 05:14:18 :: build check OK
2025-Sep-18 05:16:00 :: noarch check OK
2025-Sep-18 05:16:02 :: plan: src +1 -1 =20644, aarch64 +3 -3 =36456, x86_64 +3 -3 =37288
#100 firefox 142.0.1-alt1 -> 143.0-alt1
Wed Sep 17 2025 Ajrat Makhmutov <rauty@altlinux> 143.0-alt1
- New version (143.0).
- Fixes:
+ CVE-2025-10527: Sandbox escape due to use-after-free in the Graphics: Canvas2D component
+ CVE-2025-10528: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component
+ CVE-2025-10529: Same-origin policy bypass in the Layout component
+ CVE-2025-10530: Spoofing issue in the WebAuthn component in Firefox for Android
+ CVE-2025-10531: Mitigation bypass in the Web Compatibility: Tooling component
+ CVE-2025-10532: Incorrect boundary conditions in the JavaScript: GC component
+ CVE-2025-10533: Integer overflow in the SVG component
[...]
2025-Sep-18 05:16:02 :: firefox: fixes vulnerabilities: CVE-2025-10527 CVE-2025-10528 CVE-2025-10529 CVE-2025-10530 CVE-2025-10531 CVE-2025-10532 CVE-2025-10533 CVE-2025-10534 CVE-2025-10535 CVE-2025-10536 CVE-2025-10537
2025-Sep-18 05:16:48 :: patched apt indices
2025-Sep-18 05:16:57 :: created next repo
2025-Sep-18 05:17:08 :: duplicate provides check OK
2025-Sep-18 05:17:46 :: dependencies check OK
2025-Sep-18 05:18:17 :: [x86_64 aarch64] ELF symbols check OK
x86_64: firefox=143.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Sep-18 05:18:34 :: [x86_64] #100 firefox: install check OK (cached)
aarch64: firefox=143.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Sep-18 05:18:38 :: [aarch64] #100 firefox: install check OK (cached)
2025-Sep-18 05:18:39 :: [x86_64] #100 firefox-config-privacy: install check OK (cached)
2025-Sep-18 05:18:47 :: [aarch64] #100 firefox-config-privacy: install check OK (cached)
2025-Sep-18 05:18:47 :: [x86_64] #100 firefox-debuginfo: install check OK (cached)
2025-Sep-18 05:18:58 :: [aarch64] #100 firefox-debuginfo: install check OK (cached)
2025-Sep-18 05:19:16 :: [x86_64-i586] generated apt indices
2025-Sep-18 05:19:16 :: [x86_64-i586] created next repo
2025-Sep-18 05:19:27 :: [x86_64-i586] dependencies check OK
2025-Sep-18 05:19:28 :: gears inheritance check OK
2025-Sep-18 05:19:29 :: srpm inheritance check OK
girar-check-perms: access to firefox ALLOWED for rauty: approved builder
check-subtask-perms: #100: firefox: allowed for rauty
2025-Sep-18 05:19:29 :: acl check OK
2025-Sep-18 05:19:42 :: created contents_index files
2025-Sep-18 05:19:53 :: created hash files: aarch64 src x86_64
2025-Sep-18 05:19:57 :: task #395219 for sisyphus TESTED
2025-Sep-18 05:19:58 :: task is ready for commit
2025-Sep-18 05:20:04 :: repo clone OK
2025-Sep-18 05:20:05 :: packages update OK
2025-Sep-18 05:20:11 :: [x86_64 aarch64] update OK
2025-Sep-18 05:20:11 :: repo update OK
2025-Sep-18 05:20:23 :: repo save OK
2025-Sep-18 05:20:24 :: src index update OK
2025-Sep-18 05:20:54 :: updated /gears/f/firefox.git branch `sisyphus'
2025-Sep-18 05:21:00 :: gears update OK
2025-Sep-18 05:21:00 :: task #395219 for sisyphus DONE
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-09-18 5:21 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-09-17 19:44 [#395219] TESTED firefox.git=143.0-alt1 Girar awaiter (rauty)
2025-09-18 5:21 ` [#395219] DONE (try 2) firefox.git=143.0-alt1 Girar pender (rauty)
ALT Linux Girar Builder robot reports
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus-incominger/0 sisyphus-incominger/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus-incominger sisyphus-incominger/ http://lore.altlinux.org/sisyphus-incominger \
sisyphus-incominger@lists.altlinux.org sisyphus-incominger@lists.altlinux.ru sisyphus-incominger@lists.altlinux.com
public-inbox-index sisyphus-incominger
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-incominger
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git