Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: b9d8057840ba
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 2fab43b409d8
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Jan 10, 2020

  1. firefox-esr-60: mark as vulnerable 

    The last release was in September, so it's surely "vulnerable" now.
https://www.mozilla.org/en-US/firefox/60.9.0/releasenotes/

This is the same appproach we've taken for esr-52.

(cherry picked from commit f703a3a)
    @vcunat
    vcunat committed Jan 10, 2020

    Verified

    This commit was signed with the committer’s verified signature.
    jtojnar Jan Tojnar
    GPG key ID: 7FAB2A15F7A607A4
    Verified
    Learn about vigilant mode
    Copy the full SHA
    2fab43b View commit details
Showing with 1 addition and 0 deletions.
  1. +1 −0 pkgs/applications/networking/browsers/firefox/packages.nix
1 change: 1 addition & 0 deletions pkgs/applications/networking/browsers/firefox/packages.nix
View file
Original file line number Diff line number Diff line change
@@ -88,6 +88,7 @@ rec {

meta = firefox.meta // {
description = "A web browser built from Firefox Extended Support Release source tree";
knownVulnerabilities = [ "Support ended around October 2019." ];
};
updateScript = callPackage ./update.nix {
attrPath = "firefox-esr-60-unwrapped";