--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-7342330743
2023-10-18 01:45:22.977713
--------------------------------------------------------------------------------

Name        : icecat
Product     : Fedora 38
Version     : 115.3.1
Release     : 7.rh2.fc38
URL         : http://www.gnu.org/software/gnuzilla/
Summary     : GNU version of Firefox browser
Description :
GNU IceCat is the GNU version of the Firefox ESR browser.
Extensions included to this version of IceCat:

 * LibreJS
   GNU LibreJS aims to address the JavaScript problem described in the article
   "The JavaScript Trap" of Richard Stallman.

 * HTTPS Everywhere
   HTTPS Everywhere is an extension that encrypts your communications with
   many major websites, making your browsing more secure.

 * A set of companion extensions for LibreJS by Nathan Nichols
   are pre-installed, and provide workarounds to use some services at USPS,
   RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs
   without using nonfree JavaScript.

 * A series of configuration changes and tweaks were applied to ensure that
   IceCat does not initiate network connections that the user has not explicitly
   requested. This implies not downloading feeds, updates, blacklists or any
   other similar data needed during startup.

--------------------------------------------------------------------------------
Update Information:

- Release 115.3.1
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct  2 2023 Antonio Trande  - 2:115.3.1-7.rh2
- Add missing installed files
* Sun Oct  1 2023 Antonio Trande  - 2:115.3.1-6.rh2
- Exclude manpage temporarily
* Sun Oct  1 2023 Antonio Trande  - 2:115.3.1-5.rh2
- Upload new source archive rh2
* Sat Sep 30 2023 Antonio Trande  - 2:115.3.1-4.rh1
- Fix icecatview.html file
* Sat Sep 30 2023 Antonio Trande  - 2:115.3.1-3.rh1
- Fix files for processing MOZBUILD
* Fri Sep 29 2023 Antonio Trande  - 2:115.3.1-2.rh1
- Release 115.3.1 rh1| Fix clang path
* Fri Sep 29 2023 Antonio Trande  - 2:115.3.1-1.rh1
- Release 115.3.1 rh1| Epoch 2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2208177 - CVE-2023-26117 icecat: angularjs: Regular expression denial of service via the $resource service [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2208177
  [ 2 ] Bug #2208185 - CVE-2023-26116 icecat: angularjs: Regular Expression Denial of Service via angular.copy() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2208185
  [ 3 ] Bug #2208195 - CVE-2023-26118 icecat: angularjs: Regular Expression Denial of Service via the  element [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2208195
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-7342330743' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://pagure.io/login/

Fedora 38: icecat 2023-7342330743

October 18, 2023
- Release 115.3.1

Summary

GNU IceCat is the GNU version of the Firefox ESR browser.

Extensions included to this version of IceCat:

* LibreJS

GNU LibreJS aims to address the JavaScript problem described in the article

"The JavaScript Trap" of Richard Stallman.

* HTTPS Everywhere

HTTPS Everywhere is an extension that encrypts your communications with

many major websites, making your browsing more secure.

* A set of companion extensions for LibreJS by Nathan Nichols

are pre-installed, and provide workarounds to use some services at USPS,

RSF.org, SumOfUs.org, pay.gov, McDonalds, goteo.org and Google Docs

without using nonfree JavaScript.

* A series of configuration changes and tweaks were applied to ensure that

IceCat does not initiate network connections that the user has not explicitly

requested. This implies not downloading feeds, updates, blacklists or any

other similar data needed during startup.

Update Information:

- Release 115.3.1

Change Log

* Mon Oct 2 2023 Antonio Trande - 2:115.3.1-7.rh2 - Add missing installed files * Sun Oct 1 2023 Antonio Trande - 2:115.3.1-6.rh2 - Exclude manpage temporarily * Sun Oct 1 2023 Antonio Trande - 2:115.3.1-5.rh2 - Upload new source archive rh2 * Sat Sep 30 2023 Antonio Trande - 2:115.3.1-4.rh1 - Fix icecatview.html file * Sat Sep 30 2023 Antonio Trande - 2:115.3.1-3.rh1 - Fix files for processing MOZBUILD * Fri Sep 29 2023 Antonio Trande - 2:115.3.1-2.rh1 - Release 115.3.1 rh1| Fix clang path * Fri Sep 29 2023 Antonio Trande - 2:115.3.1-1.rh1 - Release 115.3.1 rh1| Epoch 2

References

[ 1 ] Bug #2208177 - CVE-2023-26117 icecat: angularjs: Regular expression denial of service via the $resource service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208177 [ 2 ] Bug #2208185 - CVE-2023-26116 icecat: angularjs: Regular Expression Denial of Service via angular.copy() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208185 [ 3 ] Bug #2208195 - CVE-2023-26118 icecat: angularjs: Regular Expression Denial of Service via the element [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2208195

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-7342330743' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
Name : icecat
Product : Fedora 38
Version : 115.3.1
Release : 7.rh2.fc38
URL : http://www.gnu.org/software/gnuzilla/
Summary : GNU version of Firefox browser

Related News