Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Leap:15.2 checked in at 2020-04-20 12:54:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/MozillaFirefox (Old) and /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Mon Apr 20 12:54:55 2020 rev:60 rq:792887 version:68.7.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/MozillaFirefox/MozillaFirefox.changes 2020-03-27 16:43:02.463754143 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.2738/MozillaFirefox.changes 2020-04-20 12:54:56.388676808 +0200 @@ -1,0 +2,29 @@ +Tue Apr 7 13:45:36 UTC 2020 - Martin Sirringhaus <martin.sirringh...@suse.com> + +- Firefox Extended Support Release 68.7.0 ESR + MFSA 2020-13 (bsc#1168874) + * CVE-2020-6828 (bmo#1617928) + Preference overwrite via crafted Intent from malicious + Android application + * CVE-2020-6827 (bmo#1622278) + Custom Tabs in Firefox for Android could have the URI spoofed + * CVE-2020-6821 (bmo#1625404) + Uninitialized memory could be read when using the WebGL + copyTexSubImage method + * CVE-2020-6822 (bmo#1544181) + Out of bounds write in GMPDecodeData when processing large + images + * CVE-2020-6825 (bmo#1572541, bmo#1620193, bmo#1620203) + Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 + +------------------------------------------------------------------- +Sat Apr 4 08:24:21 UTC 2020 - Andreas Stieger <andreas.stie...@gmx.de> + +- Mozilla Firefox 68.6.1esr + MFSA 2020-11 (boo#1168630) + * CVE-2020-6819 (bmo#1620818) + Use-after-free while running the nsDocShell destructor + * CVE-2020-6820 (bmo#1626728) + Use-after-free when handling a ReadableStream + +------------------------------------------------------------------- Old: ---- firefox-68.6.0esr.source.tar.xz firefox-68.6.0esr.source.tar.xz.asc l10n-68.6.0esr.tar.xz New: ---- firefox-68.7.0esr.source.tar.xz firefox-68.7.0esr.source.tar.xz.asc l10n-68.7.0esr.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.RU05Df/_old 2020-04-20 12:55:12.952702799 +0200 +++ /var/tmp/diff_new_pack.RU05Df/_new 2020-04-20 12:55:12.956702805 +0200 @@ -1,7 +1,7 @@ # # spec file for package MozillaFirefox # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # 2006-2019 Wolfgang Rosenauer <w...@rosenauer.org> # # All modifications and additions to the file contributed by third parties @@ -26,8 +26,8 @@ # major 69 # mainver %major.99 %define major 68 -%define mainver %major.6.0 -%define orig_version 68.6.0 +%define mainver %major.7.0 +%define orig_version 68.7.0 %define orig_suffix esr %define update_channel esr68 %define branding 1 ++++++ firefox-68.6.0esr.source.tar.xz -> firefox-68.7.0esr.source.tar.xz ++++++ /work/SRC/openSUSE:Leap:15.2/MozillaFirefox/firefox-68.6.0esr.source.tar.xz /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.2738/firefox-68.7.0esr.source.tar.xz differ: char 15, line 1 ++++++ l10n-68.6.0esr.tar.xz -> l10n-68.7.0esr.tar.xz ++++++ /work/SRC/openSUSE:Leap:15.2/MozillaFirefox/l10n-68.6.0esr.tar.xz /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.2738/l10n-68.7.0esr.tar.xz differ: char 15, line 1 ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.RU05Df/_old 2020-04-20 12:55:13.280703314 +0200 +++ /var/tmp/diff_new_pack.RU05Df/_new 2020-04-20 12:55:13.284703320 +0200 @@ -1,10 +1,10 @@ PRODUCT="firefox" CHANNEL="esr68" -VERSION="68.6.0" +VERSION="68.7.0" VERSION_SUFFIX="esr" -PREV_VERSION="68.5.0" +PREV_VERSION="68.6.1" PREV_VERSION_SUFFIX="esr" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr68" -RELEASE_TAG="d5bc259574e77a27496e5bbbc56f635ff669e24f" -RELEASE_TIMESTAMP="20200305175243" +RELEASE_TAG="1081a5ebf803f8a22ddbe03d73e61e3346243786" +RELEASE_TIMESTAMP="20200403171148"