Hello community,
here is the log from the commit of package MozillaFirefox for
openSUSE:Leap:15.2 checked in at 2020-03-17 04:15:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2/MozillaFirefox (Old)
and /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.3160 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox"
Tue Mar 17 04:15:24 2020 rev:58 rq:785013 version:68.6.0
Changes:
--------
--- /work/SRC/openSUSE:Leap:15.2/MozillaFirefox/MozillaFirefox.changes
2020-02-19 18:35:28.761574966 +0100
+++
/work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.3160/MozillaFirefox.changes
2020-03-17 04:15:32.992973394 +0100
@@ -1,0 +2,26 @@
+Tue Mar 10 12:36:01 UTC 2020 - Martin Sirringhaus <martin.sirringh...@suse.com>
+
+- Firefox Extended Support Release 68.6.0 ESR
+ * Fixed: Various stability and security fixes
+ MFSA 2020-09 (bsc#1132665)
+ * CVE-2020-6805 (bmo#1610880)
+ Use-after-free when removing data about origins
+ * CVE-2020-6806 (bmo#1612308)
+ BodyStream::OnInputStreamReady was missing protections
+ against state confusion
+ * CVE-2020-6807 (bmo#1614971)
+ Use-after-free in cubeb during stream destruction
+ * CVE-2020-6811 (bmo#1607742)
+ Devtools' 'Copy as cURL' feature did not fully escape
+ website-controlled data, potentially leading to command
+ injection
+ * CVE-2019-20503 (bmo#1613765)
+ Out of bounds reads in sctp_load_addresses_from_init
+ * CVE-2020-6812 (bmo#1616661)
+ The names of AirPods with personally identifiable information
+ were exposed to websites with camera or microphone permission
+ * CVE-2020-6814 (bmo#1592078, bmo#1604847, bmo#1608256,
+ bmo#1612636, bmo#1614339)
+ Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6
+
+-------------------------------------------------------------------
Old:
----
firefox-68.5.0esr.source.tar.xz
firefox-68.5.0esr.source.tar.xz.asc
l10n-68.5.0esr.tar.xz
New:
----
firefox-68.6.0esr.source.tar.xz
firefox-68.6.0esr.source.tar.xz.asc
l10n-68.6.0esr.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaFirefox.spec ++++++
--- /var/tmp/diff_new_pack.GZ1NAa/_old 2020-03-17 04:15:50.548983576 +0100
+++ /var/tmp/diff_new_pack.GZ1NAa/_new 2020-03-17 04:15:50.576983592 +0100
@@ -26,8 +26,8 @@
# major 69
# mainver %major.99
%define major 68
-%define mainver %major.5.0
-%define orig_version 68.5.0
+%define mainver %major.6.0
+%define orig_version 68.6.0
%define orig_suffix esr
%define update_channel esr68
%define branding 1
++++++ firefox-68.5.0esr.source.tar.xz -> firefox-68.6.0esr.source.tar.xz ++++++
/work/SRC/openSUSE:Leap:15.2/MozillaFirefox/firefox-68.5.0esr.source.tar.xz
/work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.3160/firefox-68.6.0esr.source.tar.xz
differ: char 15, line 1
++++++ l10n-68.5.0esr.tar.xz -> l10n-68.6.0esr.tar.xz ++++++
/work/SRC/openSUSE:Leap:15.2/MozillaFirefox/l10n-68.5.0esr.tar.xz
/work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.3160/l10n-68.6.0esr.tar.xz
differ: char 15, line 1
++++++ tar_stamps ++++++
--- /var/tmp/diff_new_pack.GZ1NAa/_old 2020-03-17 04:15:53.716985413 +0100
+++ /var/tmp/diff_new_pack.GZ1NAa/_new 2020-03-17 04:15:53.732985422 +0100
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="esr68"
-VERSION="68.5.0"
+VERSION="68.6.0"
VERSION_SUFFIX="esr"
-PREV_VERSION="68.4.2"
+PREV_VERSION="68.5.0"
PREV_VERSION_SUFFIX="esr"
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr68";
-RELEASE_TAG="ef373efc995d9350a676c4c231b344d173423e8a"
-RELEASE_TIMESTAMP="20200206211857"
+RELEASE_TAG="d5bc259574e77a27496e5bbbc56f635ff669e24f"
+RELEASE_TIMESTAMP="20200305175243"
