FEDORA-EPEL-2018-1141f91524 created by rathann a year ago for Fedora EPEL 7
stable

This update introduces NoScript version 10 (WebExtension-compatible) required for Firefox 60 ESR and moves the legacy (classic) version 5.x to SeaMonkey-specific folder.

v 5.1.8.7

  • [Security] Fixed script blocking bypass zero-day (thanks Zerodium for unresponsible disclosure, https://twitter.com/Zerodium/status/1039127214602641409)
  • [Surrogate] Fixed typo in 2mdn replacement (thansk barbaz)
  • [XSS] Fixed InjectionChecker choking at some big JSON payloads sents as POST form data
  • [XSS] In-depth protection against native ES6 modules abuse
  • Fixed classic beta channel users being accidentally migrated to stable (thanks barbaz)
This update has been submitted for testing by rathann. a year ago
User Icon anonymous commented & provided feedback a year ago

Noscript 10 needed for updated Firefox in EL7.

karma: -1

This update has been pushed to testing. a year ago
User Icon rathann commented & provided feedback a year ago

It should still work with SeaMonkey, but yes, you're right. New builds with both classic and WebExtension versions done (like on F27-F28).

rathann edited this update. New build(s): - mozilla-noscript-10.1.9.6-1.el7 Removed build(s): - mozilla-noscript-5.1.8.7-1.el7 Karma has been reset. a year ago
This update has been submitted for testing by rathann. a year ago
This update has been pushed to testing. a year ago
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes a year ago
This update has been submitted for batched by rathann. a year ago
This update has been submitted for stable by bodhi. a year ago
This update has been pushed to stable. a year ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-2
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
modified
a year ago
BZ#1629212 CVE-2018-16983 mozilla-noscript: NoScript Bypass via the text/html;/json Content-Type value
0
0
BZ#1629217 CVE-2018-16983 mozilla-noscript: NoScript Bypass via the text/html;/json Content-Type value [epel-all]
0
0
BZ#1629661 mozilla-noscript-10.1.9.6 is available
0
0

Automated Test Results