Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Leap:15.2 checked in at 2020-03-17 04:15:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/MozillaFirefox (Old) and /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.3160 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Tue Mar 17 04:15:24 2020 rev:58 rq:785013 version:68.6.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/MozillaFirefox/MozillaFirefox.changes 2020-02-19 18:35:28.761574966 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.3160/MozillaFirefox.changes 2020-03-17 04:15:32.992973394 +0100 @@ -1,0 +2,26 @@ +Tue Mar 10 12:36:01 UTC 2020 - Martin Sirringhaus <martin.sirringh...@suse.com> + +- Firefox Extended Support Release 68.6.0 ESR + * Fixed: Various stability and security fixes + MFSA 2020-09 (bsc#1132665) + * CVE-2020-6805 (bmo#1610880) + Use-after-free when removing data about origins + * CVE-2020-6806 (bmo#1612308) + BodyStream::OnInputStreamReady was missing protections + against state confusion + * CVE-2020-6807 (bmo#1614971) + Use-after-free in cubeb during stream destruction + * CVE-2020-6811 (bmo#1607742) + Devtools' 'Copy as cURL' feature did not fully escape + website-controlled data, potentially leading to command + injection + * CVE-2019-20503 (bmo#1613765) + Out of bounds reads in sctp_load_addresses_from_init + * CVE-2020-6812 (bmo#1616661) + The names of AirPods with personally identifiable information + were exposed to websites with camera or microphone permission + * CVE-2020-6814 (bmo#1592078, bmo#1604847, bmo#1608256, + bmo#1612636, bmo#1614339) + Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 + +------------------------------------------------------------------- Old: ---- firefox-68.5.0esr.source.tar.xz firefox-68.5.0esr.source.tar.xz.asc l10n-68.5.0esr.tar.xz New: ---- firefox-68.6.0esr.source.tar.xz firefox-68.6.0esr.source.tar.xz.asc l10n-68.6.0esr.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.GZ1NAa/_old 2020-03-17 04:15:50.548983576 +0100 +++ /var/tmp/diff_new_pack.GZ1NAa/_new 2020-03-17 04:15:50.576983592 +0100 @@ -26,8 +26,8 @@ # major 69 # mainver %major.99 %define major 68 -%define mainver %major.5.0 -%define orig_version 68.5.0 +%define mainver %major.6.0 +%define orig_version 68.6.0 %define orig_suffix esr %define update_channel esr68 %define branding 1 ++++++ firefox-68.5.0esr.source.tar.xz -> firefox-68.6.0esr.source.tar.xz ++++++ /work/SRC/openSUSE:Leap:15.2/MozillaFirefox/firefox-68.5.0esr.source.tar.xz /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.3160/firefox-68.6.0esr.source.tar.xz differ: char 15, line 1 ++++++ l10n-68.5.0esr.tar.xz -> l10n-68.6.0esr.tar.xz ++++++ /work/SRC/openSUSE:Leap:15.2/MozillaFirefox/l10n-68.5.0esr.tar.xz /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.3160/l10n-68.6.0esr.tar.xz differ: char 15, line 1 ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.GZ1NAa/_old 2020-03-17 04:15:53.716985413 +0100 +++ /var/tmp/diff_new_pack.GZ1NAa/_new 2020-03-17 04:15:53.732985422 +0100 @@ -1,10 +1,10 @@ PRODUCT="firefox" CHANNEL="esr68" -VERSION="68.5.0" +VERSION="68.6.0" VERSION_SUFFIX="esr" -PREV_VERSION="68.4.2" +PREV_VERSION="68.5.0" PREV_VERSION_SUFFIX="esr" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr68" -RELEASE_TAG="ef373efc995d9350a676c4c231b344d173423e8a" -RELEASE_TIMESTAMP="20200206211857" +RELEASE_TAG="d5bc259574e77a27496e5bbbc56f635ff669e24f" +RELEASE_TIMESTAMP="20200305175243"