Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package firefox-esr for openSUSE:Factory checked in at 2025-06-24 20:50:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/firefox-esr (Old) and /work/SRC/openSUSE:Factory/.firefox-esr.new.7067 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "firefox-esr" Tue Jun 24 20:50:34 2025 rev:14 rq:1288256 version:128.12.0 Changes: -------- --- /work/SRC/openSUSE:Factory/firefox-esr/firefox-esr.changes 2025-06-18 16:00:51.619896165 +0200 +++ /work/SRC/openSUSE:Factory/.firefox-esr.new.7067/firefox-esr.changes 2025-06-24 20:52:59.557783092 +0200 @@ -1,0 +2,22 @@ +Mon Jun 23 09:12:47 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> + +- Firefox Extended Support Release 128.12.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.12.0 + https://www.mozilla.org/security/advisories/mfsa2025-53 + MFSA 2025-53 (boo#1244670) + * CVE-2025-6424 (bmo#1966423) + Use-after-free in FontFaceSet + * CVE-2025-6425 (bmo#1717672) + The WebCompat WebExtension shipped with Firefox exposed a + persistent UUID + * CVE-2025-6426 (bmo#1964385) + No warning when opening executable terminal files on macOS + * CVE-2025-6429 (bmo#1970658) + Incorrect parsing of URLs could have allowed embedding of + youtube.com + * CVE-2025-6430 (bmo#1971140) + Content-Disposition header ignored when a file is included in + an embed or object tag + +------------------------------------------------------------------- Old: ---- firefox-128.11.0esr.source.tar.xz firefox-128.11.0esr.source.tar.xz.asc l10n-128.11.0esr.tar.xz New: ---- firefox-128.12.0esr.source.tar.xz firefox-128.12.0esr.source.tar.xz.asc l10n-128.12.0esr.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ firefox-esr.spec ++++++ --- /var/tmp/diff_new_pack.RbhxZI/_old 2025-06-24 20:53:07.758123434 +0200 +++ /var/tmp/diff_new_pack.RbhxZI/_new 2025-06-24 20:53:07.758123434 +0200 @@ -16,7 +16,7 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # - +# either firefox-esr or MozillaFirefox %if 0%{?suse_version} > 1549 # On Tumbleweed this package is always called firefox-esr %define pkgname firefox-esr @@ -41,8 +41,8 @@ # major 69 # mainver %%major.99 %define major 128 -%define mainver %major.11.0 -%define orig_version 128.11.0 +%define mainver %major.12.0 +%define orig_version 128.12.0 %define orig_suffix esr %define update_channel esr %define branding 1 @@ -109,13 +109,13 @@ BuildRequires: Mesa-devel BuildRequires: alsa-devel BuildRequires: autoconf213 -BuildRequires: cargo1.84 BuildRequires: dbus-1-glib-devel BuildRequires: dejavu-fonts BuildRequires: fdupes +BuildRequires: memory-constraints BuildRequires: gcc14 BuildRequires: gcc14-c++ -BuildRequires: memory-constraints +BuildRequires: cargo1.84 BuildRequires: rust1.84 %if 0%{useccache} != 0 BuildRequires: ccache ++++++ MozillaFirefox.changes.txt ++++++ --- /var/tmp/diff_new_pack.RbhxZI/_old 2025-06-24 20:53:07.854127418 +0200 +++ /var/tmp/diff_new_pack.RbhxZI/_new 2025-06-24 20:53:07.858127584 +0200 @@ -1,4 +1,26 @@ ------------------------------------------------------------------- +Mon Jun 23 09:12:47 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> + +- Firefox Extended Support Release 128.12.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.12.0 + https://www.mozilla.org/security/advisories/mfsa2025-53 + MFSA 2025-53 (boo#1244670) + * CVE-2025-6424 (bmo#1966423) + Use-after-free in FontFaceSet + * CVE-2025-6425 (bmo#1717672) + The WebCompat WebExtension shipped with Firefox exposed a + persistent UUID + * CVE-2025-6426 (bmo#1964385) + No warning when opening executable terminal files on macOS + * CVE-2025-6429 (bmo#1970658) + Incorrect parsing of URLs could have allowed embedding of + youtube.com + * CVE-2025-6430 (bmo#1971140) + Content-Disposition header ignored when a file is included in + an embed or object tag + +------------------------------------------------------------------- Tue Jun 17 08:18:37 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> - Use these tools/versions unconditionally, package won't build on ++++++ firefox-128.11.0esr.source.tar.xz -> firefox-128.12.0esr.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/firefox-esr/firefox-128.11.0esr.source.tar.xz /work/SRC/openSUSE:Factory/.firefox-esr.new.7067/firefox-128.12.0esr.source.tar.xz differ: char 15, line 1 ++++++ firefox-esr.changes.txt ++++++ --- /var/tmp/diff_new_pack.RbhxZI/_old 2025-06-24 20:53:07.970132233 +0200 +++ /var/tmp/diff_new_pack.RbhxZI/_new 2025-06-24 20:53:07.974132399 +0200 @@ -1,4 +1,26 @@ ------------------------------------------------------------------- +Mon Jun 23 09:12:47 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> + +- Firefox Extended Support Release 128.12.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.12.0 + https://www.mozilla.org/security/advisories/mfsa2025-53 + MFSA 2025-53 (boo#1244670) + * CVE-2025-6424 (bmo#1966423) + Use-after-free in FontFaceSet + * CVE-2025-6425 (bmo#1717672) + The WebCompat WebExtension shipped with Firefox exposed a + persistent UUID + * CVE-2025-6426 (bmo#1964385) + No warning when opening executable terminal files on macOS + * CVE-2025-6429 (bmo#1970658) + Incorrect parsing of URLs could have allowed embedding of + youtube.com + * CVE-2025-6430 (bmo#1971140) + Content-Disposition header ignored when a file is included in + an embed or object tag + +------------------------------------------------------------------- Tue Jun 17 08:18:37 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> - Use these tools/versions unconditionally, package won't build on ++++++ l10n-128.11.0esr.tar.xz -> l10n-128.12.0esr.tar.xz ++++++ ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.RbhxZI/_old 2025-06-24 20:53:08.234143190 +0200 +++ /var/tmp/diff_new_pack.RbhxZI/_new 2025-06-24 20:53:08.234143190 +0200 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="esr128" -VERSION="128.11.0" +VERSION="128.12.0" VERSION_SUFFIX="esr" -PREV_VERSION="128.10.1" +PREV_VERSION="128.11.0" PREV_VERSION_SUFFIX="esr" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr128"; -RELEASE_TAG="c6fae8e73635b58fac8a4536e34f63c8518a350d" -RELEASE_TIMESTAMP="20250519114620" +RELEASE_TAG="f3f836bf735d55fcfdf97dd3788f7952419dea1f" +RELEASE_TIMESTAMP="20250616190003"
