* [#398219] p11 TESTED firefox.git=144.0-alt1
@ 2025-10-24 18:07 Girar awaiter (rauty)
2025-10-25 12:17 ` [#398219] p11 EPERM (try 2) firefox.git=144.0-alt1 Girar awaiter (rauty)
2025-11-06 9:19 ` [#398219] p11 DONE (try 3) firefox.git=144.0-alt1 Girar pender (amakeenk)
0 siblings, 2 replies; 3+ messages in thread
From: Girar awaiter (rauty) @ 2025-10-24 18:07 UTC (permalink / raw)
To: Ajrat Makhmutov; +Cc: sisyphus-incominger, girar-builder-p11, girar-builder-p11
https://git.altlinux.org/tasks/398219/logs/events.1.1.log
https://packages.altlinux.org/tasks/398219
subtask name aarch64 i586 x86_64
#100 firefox 56:59 - 32:41
2025-Oct-24 17:02:33 :: test-only task #398219 for p11 started by rauty:
#100 build 144.0-alt1 from /people/rauty/packages/firefox.git fetched at 2025-Oct-24 16:56:05
2025-Oct-24 17:02:35 :: [x86_64] #100 firefox.git 144.0-alt1: build start
2025-Oct-24 17:02:35 :: [aarch64] #100 firefox.git 144.0-alt1: build start
2025-Oct-24 17:02:35 :: [i586] #100 firefox.git 144.0-alt1: build start
2025-Oct-24 17:02:55 :: [i586] #100 firefox.git 144.0-alt1: build SKIPPED
2025-Oct-24 17:35:16 :: [x86_64] #100 firefox.git 144.0-alt1: build OK
2025-Oct-24 17:59:34 :: [aarch64] #100 firefox.git 144.0-alt1: build OK
2025-Oct-24 17:59:56 :: 100: build check OK
2025-Oct-24 17:59:57 :: build check OK
2025-Oct-24 18:00:04 :: #100: firefox.git 144.0-alt1: version check OK
2025-Oct-24 18:00:04 :: build version check OK
2025-Oct-24 18:01:52 :: noarch check OK
2025-Oct-24 18:01:54 :: plan: src +1 -1 =19874, aarch64 +3 -3 =34988, x86_64 +3 -3 =35780
#100 firefox 143.0-alt1 -> 144.0-alt1
Wed Oct 15 2025 Ajrat Makhmutov <rauty@altlinux> 144.0-alt1
- New version (144.0).
- Fixes:
+ CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance()
+ CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures
+ CVE-2025-11710: Cross-process information leaked due to malicious IPC messages
+ CVE-2025-11711: Some non-writable Object properties could be modified
+ CVE-2025-11716: Sandboxed iframes allowed links to open in external apps (Android only)
+ CVE-2025-11717: The password edit screen was not hidden in Android card view
+ CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
[...]
2025-Oct-24 18:01:54 :: firefox: closes bugs: 56190
2025-Oct-24 18:01:54 :: firefox: fixes vulnerabilities: CVE-2025-11708 CVE-2025-11709 CVE-2025-11710 CVE-2025-11711 CVE-2025-11716 CVE-2025-11717 CVE-2025-11712 CVE-2025-11718 CVE-2025-11713 CVE-2025-11719 CVE-2025-11720 CVE-2025-11714 CVE-2025-11715 CVE-2025-11721 CVE-2025-11152 CVE-2025-11153
2025-Oct-24 18:02:42 :: patched apt indices
2025-Oct-24 18:02:52 :: created next repo
2025-Oct-24 18:03:03 :: duplicate provides check OK
2025-Oct-24 18:03:42 :: dependencies check OK
2025-Oct-24 18:04:20 :: [x86_64 aarch64] ELF symbols check OK
x86_64: firefox=144.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Oct-24 18:04:46 :: [x86_64] #100 firefox: install check OK
aarch64: firefox=144.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Oct-24 18:05:00 :: [aarch64] #100 firefox: install check OK
2025-Oct-24 18:05:03 :: [x86_64] #100 firefox-config-privacy: install check OK
2025-Oct-24 18:05:26 :: [aarch64] #100 firefox-config-privacy: install check OK
2025-Oct-24 18:05:58 :: [x86_64] #100 firefox-debuginfo: install check OK
2025-Oct-24 18:06:51 :: [aarch64] #100 firefox-debuginfo: install check OK
2025-Oct-24 18:07:09 :: [x86_64-i586] generated apt indices
2025-Oct-24 18:07:09 :: [x86_64-i586] created next repo
2025-Oct-24 18:07:19 :: [x86_64-i586] dependencies check OK
2025-Oct-24 18:07:21 :: gears inheritance check OK
2025-Oct-24 18:07:21 :: srpm inheritance check OK
girar-check-perms: access to firefox DENIED for rauty: project `firefox' is not listed in the acl file for repository `p11', and the policy for such projects in `p11' is to deny
check-subtask-perms: #100: firefox: needs approvals from members of @maint and @tester groups
2025-Oct-24 18:07:23 :: acl check IGNORED
2025-Oct-24 18:07:34 :: created contents_index files
2025-Oct-24 18:07:44 :: created hash files: aarch64 src x86_64
2025-Oct-24 18:07:46 :: task #398219 for p11 TESTED
^ permalink raw reply [flat|nested] 3+ messages in thread
* [#398219] p11 EPERM (try 2) firefox.git=144.0-alt1
2025-10-24 18:07 [#398219] p11 TESTED firefox.git=144.0-alt1 Girar awaiter (rauty)
@ 2025-10-25 12:17 ` Girar awaiter (rauty)
2025-11-06 9:19 ` [#398219] p11 DONE (try 3) firefox.git=144.0-alt1 Girar pender (amakeenk)
1 sibling, 0 replies; 3+ messages in thread
From: Girar awaiter (rauty) @ 2025-10-25 12:17 UTC (permalink / raw)
To: Ajrat Makhmutov; +Cc: sisyphus-incominger, girar-builder-p11, girar-builder-p11
https://git.altlinux.org/tasks/398219/logs/events.2.1.log
https://packages.altlinux.org/tasks/398219
2025-Oct-25 12:10:15 :: task #398219 for p11 resumed by rauty:
2025-Oct-25 12:10:15 :: message: Firefox CVE Fixes
#100 build 144.0-alt1 from /people/rauty/packages/firefox.git fetched at 2025-Oct-24 16:56:05
2025-Oct-25 12:10:16 :: [i586] #100 firefox.git 144.0-alt1: build start
2025-Oct-25 12:10:16 :: [aarch64] #100 firefox.git 144.0-alt1: build start
2025-Oct-25 12:10:16 :: [x86_64] #100 firefox.git 144.0-alt1: build start
2025-Oct-25 12:10:42 :: [i586] #100 firefox.git 144.0-alt1: build SKIPPED
2025-Oct-25 12:10:42 :: [x86_64] #100 firefox.git 144.0-alt1: build OK (cached)
2025-Oct-25 12:11:00 :: [aarch64] #100 firefox.git 144.0-alt1: build OK (cached)
2025-Oct-25 12:11:00 :: 100: build check OK (cached)
2025-Oct-25 12:11:01 :: build check OK
2025-Oct-25 12:11:08 :: #100: firefox.git 144.0-alt1: version check OK
2025-Oct-25 12:11:08 :: build version check OK
2025-Oct-25 12:12:49 :: noarch check OK
2025-Oct-25 12:12:51 :: plan: src +1 -1 =19876, aarch64 +3 -3 =34999, x86_64 +3 -3 =35785
#100 firefox 143.0-alt1 -> 144.0-alt1
Wed Oct 15 2025 Ajrat Makhmutov <rauty@altlinux> 144.0-alt1
- New version (144.0).
- Fixes:
+ CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance()
+ CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures
+ CVE-2025-11710: Cross-process information leaked due to malicious IPC messages
+ CVE-2025-11711: Some non-writable Object properties could be modified
+ CVE-2025-11716: Sandboxed iframes allowed links to open in external apps (Android only)
+ CVE-2025-11717: The password edit screen was not hidden in Android card view
+ CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
[...]
2025-Oct-25 12:12:51 :: firefox: closes bugs: 56190
2025-Oct-25 12:12:52 :: firefox: fixes vulnerabilities: CVE-2025-11708 CVE-2025-11709 CVE-2025-11710 CVE-2025-11711 CVE-2025-11716 CVE-2025-11717 CVE-2025-11712 CVE-2025-11718 CVE-2025-11713 CVE-2025-11719 CVE-2025-11720 CVE-2025-11714 CVE-2025-11715 CVE-2025-11721 CVE-2025-11152 CVE-2025-11153
2025-Oct-25 12:13:37 :: patched apt indices
2025-Oct-25 12:13:47 :: created next repo
2025-Oct-25 12:14:00 :: duplicate provides check OK
2025-Oct-25 12:14:45 :: dependencies check OK
2025-Oct-25 12:15:25 :: [x86_64 aarch64] ELF symbols check OK
x86_64: firefox=144.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Oct-25 12:15:38 :: [x86_64] #100 firefox: install check OK (cached)
2025-Oct-25 12:15:43 :: [x86_64] #100 firefox-config-privacy: install check OK (cached)
aarch64: firefox=144.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Oct-25 12:15:45 :: [aarch64] #100 firefox: install check OK (cached)
2025-Oct-25 12:15:49 :: [x86_64] #100 firefox-debuginfo: install check OK (cached)
2025-Oct-25 12:15:54 :: [aarch64] #100 firefox-config-privacy: install check OK (cached)
2025-Oct-25 12:16:05 :: [aarch64] #100 firefox-debuginfo: install check OK (cached)
2025-Oct-25 12:16:22 :: [x86_64-i586] generated apt indices
2025-Oct-25 12:16:22 :: [x86_64-i586] created next repo
2025-Oct-25 12:16:33 :: [x86_64-i586] dependencies check OK
2025-Oct-25 12:16:34 :: gears inheritance check OK
2025-Oct-25 12:16:34 :: srpm inheritance check OK
girar-check-perms: access to firefox DENIED for rauty: project `firefox' is not listed in the acl file for repository `p11', and the policy for such projects in `p11' is to deny
check-subtask-perms: #100: firefox: needs approvals from members of @maint and @tester groups
2025-Oct-25 12:16:36 :: acl check FAILED
2025-Oct-25 12:16:48 :: created contents_index files
2025-Oct-25 12:16:57 :: created hash files: aarch64 src x86_64
2025-Oct-25 12:17:00 :: task #398219 for p11 EPERM
^ permalink raw reply [flat|nested] 3+ messages in thread
* [#398219] p11 DONE (try 3) firefox.git=144.0-alt1
2025-10-24 18:07 [#398219] p11 TESTED firefox.git=144.0-alt1 Girar awaiter (rauty)
2025-10-25 12:17 ` [#398219] p11 EPERM (try 2) firefox.git=144.0-alt1 Girar awaiter (rauty)
@ 2025-11-06 9:19 ` Girar pender (amakeenk)
1 sibling, 0 replies; 3+ messages in thread
From: Girar pender (amakeenk) @ 2025-11-06 9:19 UTC (permalink / raw)
To: Ajrat Makhmutov; +Cc: sisyphus-incominger, girar-builder-p11, girar-builder-p11
https://git.altlinux.org/tasks/archive/done/_388/398219/logs/events.3.2.log
https://packages.altlinux.org/tasks/398219
subtask name aarch64 i586 x86_64
#100 firefox 55:40 - 33:18
2025-Nov-06 09:12:12 :: task #398219 for p11 resumed by amakeenk:
2025-Nov-06 09:12:12 :: message: Firefox CVE Fixes
#100 build 144.0-alt1 from /people/rauty/packages/firefox.git fetched at 2025-Oct-24 16:56:05
2025-Nov-06 09:12:14 :: [i586] #100 firefox.git 144.0-alt1: build start
2025-Nov-06 09:12:14 :: [x86_64] #100 firefox.git 144.0-alt1: build start
2025-Nov-06 09:12:14 :: [aarch64] #100 firefox.git 144.0-alt1: build start
2025-Nov-06 09:12:39 :: [i586] #100 firefox.git 144.0-alt1: build SKIPPED
2025-Nov-06 09:12:40 :: [x86_64] #100 firefox.git 144.0-alt1: build OK (cached)
2025-Nov-06 09:12:55 :: [aarch64] #100 firefox.git 144.0-alt1: build OK (cached)
2025-Nov-06 09:12:56 :: 100: build check OK (cached)
2025-Nov-06 09:12:57 :: build check OK
2025-Nov-06 09:13:04 :: #100: firefox.git 144.0-alt1: version check OK
2025-Nov-06 09:13:04 :: build version check OK
2025-Nov-06 09:14:48 :: noarch check OK
2025-Nov-06 09:14:49 :: plan: src +1 -1 =19888, aarch64 +3 -3 =35029, x86_64 +3 -3 =35815
#100 firefox 143.0-alt1 -> 144.0-alt1
Wed Oct 15 2025 Ajrat Makhmutov <rauty@altlinux> 144.0-alt1
- New version (144.0).
- Fixes:
+ CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance()
+ CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures
+ CVE-2025-11710: Cross-process information leaked due to malicious IPC messages
+ CVE-2025-11711: Some non-writable Object properties could be modified
+ CVE-2025-11716: Sandboxed iframes allowed links to open in external apps (Android only)
+ CVE-2025-11717: The password edit screen was not hidden in Android card view
+ CVE-2025-11712: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type
[...]
2025-Nov-06 09:14:50 :: firefox: closes bugs: 56190
2025-Nov-06 09:14:50 :: firefox: fixes vulnerabilities: CVE-2025-11708 CVE-2025-11709 CVE-2025-11710 CVE-2025-11711 CVE-2025-11716 CVE-2025-11717 CVE-2025-11712 CVE-2025-11718 CVE-2025-11713 CVE-2025-11719 CVE-2025-11720 CVE-2025-11714 CVE-2025-11715 CVE-2025-11721 CVE-2025-11152 CVE-2025-11153
2025-Nov-06 09:15:30 :: patched apt indices
2025-Nov-06 09:15:39 :: created next repo
2025-Nov-06 09:15:49 :: duplicate provides check OK
2025-Nov-06 09:16:28 :: dependencies check OK
2025-Nov-06 09:17:06 :: [x86_64 aarch64] ELF symbols check OK
x86_64: firefox=144.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Nov-06 09:17:19 :: [x86_64] #100 firefox: install check OK (cached)
2025-Nov-06 09:17:23 :: [x86_64] #100 firefox-config-privacy: install check OK (cached)
aarch64: firefox=144.0-alt1 post-install unowned files:
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/icons/hicolor/22x22
/usr/share/icons/hicolor/22x22/apps
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/256x256
/usr/share/icons/hicolor/256x256/apps
2025-Nov-06 09:17:26 :: [aarch64] #100 firefox: install check OK (cached)
2025-Nov-06 09:17:30 :: [x86_64] #100 firefox-debuginfo: install check OK (cached)
2025-Nov-06 09:17:35 :: [aarch64] #100 firefox-config-privacy: install check OK (cached)
2025-Nov-06 09:17:46 :: [aarch64] #100 firefox-debuginfo: install check OK (cached)
2025-Nov-06 09:18:07 :: [x86_64-i586] generated apt indices
2025-Nov-06 09:18:07 :: [x86_64-i586] created next repo
2025-Nov-06 09:18:18 :: [x86_64-i586] dependencies check OK
2025-Nov-06 09:18:19 :: gears inheritance check OK
2025-Nov-06 09:18:19 :: srpm inheritance check OK
girar-check-perms: access to @maint ALLOWED for cas: member of approved group
girar-check-perms: access to @tester ALLOWED for amakeenk: member of approved group
check-subtask-perms: #100: firefox: approved by cas, approved by amakeenk
2025-Nov-06 09:18:21 :: acl check OK
2025-Nov-06 09:18:33 :: created contents_index files
2025-Nov-06 09:18:42 :: created hash files: aarch64 src x86_64
2025-Nov-06 09:18:45 :: task #398219 for p11 TESTED
2025-Nov-06 09:18:46 :: task is ready for commit
2025-Nov-06 09:18:52 :: repo clone OK
2025-Nov-06 09:18:53 :: packages update OK
2025-Nov-06 09:18:58 :: [x86_64 aarch64] update OK
2025-Nov-06 09:18:58 :: repo update OK
2025-Nov-06 09:19:10 :: repo save OK
2025-Nov-06 09:19:10 :: src index update OK
2025-Nov-06 09:19:11 :: updated /gears/f/firefox.git branch `p11'
2025-Nov-06 09:19:17 :: gears update OK
2025-Nov-06 09:19:17 :: task #398219 for p11 DONE
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-11-06 9:19 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-10-24 18:07 [#398219] p11 TESTED firefox.git=144.0-alt1 Girar awaiter (rauty)
2025-10-25 12:17 ` [#398219] p11 EPERM (try 2) firefox.git=144.0-alt1 Girar awaiter (rauty)
2025-11-06 9:19 ` [#398219] p11 DONE (try 3) firefox.git=144.0-alt1 Girar pender (amakeenk)
ALT Linux Girar Builder robot reports
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sisyphus-incominger/0 sisyphus-incominger/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sisyphus-incominger sisyphus-incominger/ http://lore.altlinux.org/sisyphus-incominger \
sisyphus-incominger@lists.altlinux.org sisyphus-incominger@lists.altlinux.ru sisyphus-incominger@lists.altlinux.com
public-inbox-index sisyphus-incominger
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sisyphus-incominger
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git