Disabled flash by default because of 0day live flash exploit
This commit is contained in:
parent
8fc5a26b8c
commit
fb99c01350
12
firefox-35.0-flash-click-to-play.patch
Normal file
12
firefox-35.0-flash-click-to-play.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up firefox-35.0/mozilla-release/browser/app/profile/firefox.js.flash firefox-35.0/mozilla-release/browser/app/profile/firefox.js
|
||||
--- firefox-35.0/mozilla-release/browser/app/profile/firefox.js.flash 2015-01-22 12:19:27.000000000 +0100
|
||||
+++ firefox-35.0/mozilla-release/browser/app/profile/firefox.js 2015-01-22 12:21:45.139134814 +0100
|
||||
@@ -691,7 +691,7 @@ pref("plugin.defaultXpi.state", 2);
|
||||
|
||||
// Flash is enabled by default, and Java is click-to-activate by default on
|
||||
// all channels.
|
||||
-pref("plugin.state.flash", 2);
|
||||
+pref("plugin.state.flash", 1);
|
||||
pref("plugin.state.java", 1);
|
||||
|
||||
// Whitelist Requests
|
13
firefox.spec
13
firefox.spec
@ -107,7 +107,7 @@
|
||||
Summary: Mozilla Firefox Web browser
|
||||
Name: firefox
|
||||
Version: 35.0
|
||||
Release: 5%{?pre_tag}%{?dist}
|
||||
Release: 6%{?pre_tag}%{?dist}
|
||||
URL: http://www.mozilla.org/projects/firefox/
|
||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||
Group: Applications/Internet
|
||||
@ -138,9 +138,9 @@ Patch20: firefox-build-prbool.patch
|
||||
# Unable to install addons from https pages
|
||||
Patch204: rhbz-966424.patch
|
||||
Patch215: firefox-enable-addons.patch
|
||||
#Patch217: firefox-baseline-disable.patch
|
||||
Patch219: rhbz-1173156.patch
|
||||
Patch220: rhbz-1014858.patch
|
||||
Patch221: firefox-35.0-flash-click-to-play.patch
|
||||
|
||||
# Upstream patches
|
||||
Patch300: mozilla-858919.patch
|
||||
@ -294,12 +294,9 @@ cd %{tarballdir}
|
||||
# Fedora patches
|
||||
%patch204 -p2 -b .966424
|
||||
%patch215 -p1 -b .addons
|
||||
# disable baseline JIT on i686 (rhbz#1047079)
|
||||
#%ifarch %{ix86}
|
||||
#%patch217 -p2 -b .baseline
|
||||
#%endif
|
||||
%patch219 -p2 -b .rhbz-1173156
|
||||
%patch220 -p1 -b .rhbz-1014858
|
||||
%patch221 -p2 -b .flash
|
||||
|
||||
# Upstream patches
|
||||
%patch300 -p1 -b .858919
|
||||
@ -769,6 +766,10 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
|
||||
#---------------------------------------------------------------------
|
||||
|
||||
%changelog
|
||||
* Thu Jan 22 2015 Martin Stransky <stransky@redhat.com> - 35.0-6
|
||||
- Disabled flash by default because of 0day live flash exploit
|
||||
(see https://isc.sans.edu/diary/Flash+0-Day+Exploit+Used+by+Angler+Exploit+Kit/19213)
|
||||
|
||||
* Mon Jan 19 2015 Martin Stransky <stransky@redhat.com> - 35.0-5
|
||||
- Enable release build config
|
||||
- Gtk3 - added patch for HiDPI support (mozbz#975919)
|
||||
|
Loading…
Reference in New Issue
Block a user