This update bumps the package to the latest stable version containing a
few security fixes:
- CVE-2018-12386: Type confusion in JavaScript
A vulnerability in register allocation in JavaScript can lead to type
confusion, allowing for an arbitrary read and write. This leads to
remote code execution inside the sandboxed content process when
triggered.
- CVE-2018-12387
A vulnerability where the JavaScript JIT compiler inlines
Array.prototype.push with multiple arguments that results in the stack
pointer being off by 8 bytes after a bailout. This leaks a memory
address to the calling function which can be used as part of an
exploit inside the sandboxed content process.
Source: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
* firefox-beta-bin: 51.0b8 -> 54.0b13
* firefox-devedition-bin: init at 54.0b14
Firefox DevEdition became a new product of Mozilla and is "repackaged"
Firefox Beta with its own release channel and six weeks release cycle as
other channels. It is no longer being built on nightly basis
* updated the update.nix script to facilitata firefox-devedition-bin
* disabling automatic updates by pointing to non existing channel
* f firefoxWrapper looks for gtk3 attribute to wrap the executable gtk3 to wrap the binary with needed ``XDG_DATA_DIRS``
