Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2021-06-11 22:29:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32437 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Fri Jun 11 22:29:58 2021 rev:337 rq:897726 version:89.0 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2021-05-15 23:17:04.192529352 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32437/MozillaFirefox.changes 2021-06-11 22:30:06.786071887 +0200 @@ -1,0 +2,39 @@ +Sat May 29 20:55:56 UTC 2021 - Wolfgang Rosenauer <w...@rosenauer.org> + +- Mozilla Firefox 89.0 + * UI redesign + * The Event Timing API is now supported + * The CSS forced-colors media query is now supported + MFSA 2021-23 (bsc#1186696) + * CVE-2021-29965 (bmo#1709257) + Password Manager on Firefox for Android susceptible to domain + spoofing + * CVE-2021-29960 (bmo#1675965) + Filenames printed from private browsing mode incorrectly + retained in preferences + * CVE-2021-29961 (bmo#1700235) + Firefox UI spoof using `<select>` elements and CSS scaling + * CVE-2021-29963 (bmo#1705068) + Shared cookies for search suggestions in private browsing mode + * CVE-2021-29964 (bmo#1706501) + Out of bounds-read when parsing a `WM_COPYDATA` message + * CVE-2021-29959 (bmo#1395819) + Devices could be re-enabled without additional permission prompt + * CVE-2021-29962 (bmo#1701673) + No rate-limiting for popups on Firefox for Android + * CVE-2021-29967 (bmo#1602862, bmo#1703191, bmo#1703760, + bmo#1704722, bmo#1706041) + Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 + * CVE-2021-29966 (bmo#1660307, bmo#1686154, bmo#1702948, bmo#1708124) + Memory safety bugs fixed in Firefox 89 +- require + NSS >= 3.64 + rust-cbindgen >= 0.19.0 +- do not rely on nodejs10 packagename anymore +- updated mozilla.keyring +- switched TW/x86_64 to clang as the last platform due to + https://bugs.gentoo.org/792705 +- but LTO with clang is broken in TW so disable LTO for it + https://bugs.llvm.org/show_bug.cgi?id=47872 + +------------------------------------------------------------------- Old: ---- firefox-88.0.1.source.tar.xz firefox-88.0.1.source.tar.xz.asc l10n-88.0.1.tar.xz New: ---- firefox-89.0.source.tar.xz firefox-89.0.source.tar.xz.asc l10n-89.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.W676yE/_old 2021-06-11 22:30:15.462086921 +0200 +++ /var/tmp/diff_new_pack.W676yE/_new 2021-06-11 22:30:15.462086921 +0200 @@ -1,5 +1,5 @@ # -# spec file for package MozillaFirefox +# spec file # # Copyright (c) 2021 SUSE LLC # 2006-2021 Wolfgang Rosenauer <w...@rosenauer.org> @@ -32,9 +32,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 88 -%define mainver %major.0.1 -%define orig_version 88.0.1 +%define major 89 +%define mainver %major.0 +%define orig_version 89.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -45,13 +45,6 @@ # upstream default is clang (to use gcc for large parts set to 0) %define clang_build 1 -%if 0%{?is_opensuse} && 0%{?suse_version} >= 1550 -%ifarch x86_64 -# on Tumbleweed/x86_64 this does not work due to undefined -# references to `__rust_probestack' -%define clang_build 0 -%endif -%endif # PIE, full relro %define build_hardened 1 @@ -118,9 +111,9 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.30 -BuildRequires: mozilla-nss-devel >= 3.63.1 +BuildRequires: mozilla-nss-devel >= 3.64 BuildRequires: nasm >= 2.14 -BuildRequires: nodejs10 >= 10.22.1 +BuildRequires: nodejs >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 BuildRequires: python-libxml2 BuildRequires: python36 @@ -129,7 +122,7 @@ BuildRequires: python3-devel %endif BuildRequires: rust >= 1.47 -BuildRequires: rust-cbindgen >= 0.16.0 +BuildRequires: rust-cbindgen >= 0.19.0 BuildRequires: unzip BuildRequires: update-desktop-files BuildRequires: xorg-x11-libXt-devel @@ -512,7 +505,7 @@ %endif %ifarch x86_64 # LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506) -%if 0%{?suse_version} > 1500 +%if 0%{?suse_version} > 1500 && 0%{?suse_version} < 1550 ac_add_options --enable-lto %if 0%{?do_profiling} ac_add_options MOZ_PGO=1 ++++++ firefox-88.0.1.source.tar.xz -> firefox-89.0.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-88.0.1.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32437/firefox-89.0.source.tar.xz differ: char 15, line 1 ++++++ l10n-88.0.1.tar.xz -> l10n-89.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-88.0.1.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32437/l10n-89.0.tar.xz differ: char 26, line 1 ++++++ mozilla.keyring ++++++ ++++ 659 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/MozillaFirefox/mozilla.keyring ++++ and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32437/mozilla.keyring ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.W676yE/_old 2021-06-11 22:30:15.810087524 +0200 +++ /var/tmp/diff_new_pack.W676yE/_new 2021-06-11 22:30:15.814087531 +0200 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="88.0.1" +VERSION="89.0" VERSION_SUFFIX="" -PREV_VERSION="88.0" +PREV_VERSION="88.0.1" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="179e1482851c07d65bf29a21c9e42ea312fc87fa" -RELEASE_TIMESTAMP="20210504152106" +RELEASE_TAG="1ce0b546a957ed918a0b1f5476786864fbce87e1" +RELEASE_TIMESTAMP="20210527174632"