commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2024-06-14 18:57:28
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.19518 (New)
Package is "MozillaFirefox"
Fri Jun 14 18:57:28 2024 rev:429 rq:1180696 version:127.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2024-05-30 15:32:12.487698934 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.19518/MozillaFirefox.changes
2024-06-14 18:57:30.841634768 +0200
@@ -1,0 +2,42 @@
+Tue Jun 11 09:21:24 UTC 2024 - Wolfgang Rosenauer
+
+- Mozilla Firefox 127.0
+ https://www.mozilla.org/en-US/firefox/127.0/releasenotes
+ MFSA 2024-25 (bsc#1226027)
+ * CVE-2024-5687 (bmo#1889066)
+An incorrect principal could have been used when opening new tabs
+ * CVE-2024-5688 (bmo#1895086)
+Use-after-free in JavaScript object transplant
+ * CVE-2024-5689 (bmo#1389707)
+User confusion and possible phishing vector via Firefox Screenshots
+ * CVE-2024-5690 (bmo#1883693)
+External protocol handlers leaked by timing attack
+ * CVE-2024-5691 (bmo#1888695)
+Sandboxed iframes were able to bypass sandbox restrictions to
+open a new window
+ * CVE-2024-5692 (bmo#1837514, bmo#1891234)
+Bypass of file name restrictions during saving
+ * CVE-2024-5693 (bmo#1891319)
+Cross-Origin Image leak via Offscreen Canvas
+ * CVE-2024-5694 (bmo#1895055)
+Use-after-free in JavaScript Strings
+ * CVE-2024-5695 (bmo#1895579)
+Memory Corruption using allocation using out-of-memory conditions
+ * CVE-2024-5696 (bmo#1896555)
+Memory Corruption in Text Fragments
+ * CVE-2024-5697 (bmo#1414937)
+Website was able to detect when Firefox was taking a
+screenshot of them
+ * CVE-2024-5698 (bmo#1828259)
+Data-list could have overlaid address bar
+ * CVE-2024-5699 (bmo#1891349)
+Cookie prefixes not treated as case-sensitive
+ * CVE-2024-5700 (bmo#1862809, bmo#1889355, bmo#1893388, bmo#1895123)
+Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12,
+and Thunderbird 115.12
+ * CVE-2024-5701 (bmo#1890909, bmo#1891422, bmo#1893915,
+bmo#1894047, bmo#1896024)
+Memory safety bugs fixed in Firefox 127
+- removed obsolete mozilla-bmo1886378.patch
+
+---
Old:
firefox-126.0.1.source.tar.xz
firefox-126.0.1.source.tar.xz.asc
l10n-126.0.1.tar.xz
mozilla-bmo1886378.patch
New:
firefox-127.0.source.tar.xz
firefox-127.0.source.tar.xz.asc
l10n-127.0.tar.xz
BETA DEBUG BEGIN:
Old:Memory safety bugs fixed in Firefox 127
- removed obsolete mozilla-bmo1886378.patch
BETA DEBUG END:
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.eaqlpn/_old 2024-06-14 18:57:45.590167529 +0200
+++ /var/tmp/diff_new_pack.eaqlpn/_new 2024-06-14 18:57:45.614168396 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 126
-%define mainver%major.0.1
-%define orig_version 126.0.1
+%define major 127
+%define mainver%major.0
+%define orig_version 127.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -229,7 +229,6 @@
Patch22:mozilla-partial-revert-1768632.patch
Patch23:mozilla-rust-disable-future-incompat.patch
Patch24:mozilla-bmo1822730.patch
-Patch25:mozilla-bmo1886378.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
++ firefox-126.0.1.source.tar.xz -> firefox-127.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-126.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.19518/firefox-127.0.source.tar.xz
differ: char 15, line 1
++ l10n-126.0.1.tar.xz -> l10n-127.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-126.0.1.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.19518/l10n-127.0.tar.xz differ:
char 26, line 1
++ mozilla-libavcodec58_91.patch ++
--- /var/tmp/diff_new_pack.eaqlpn/_old 2024-06-14 18:57:47.750245558 +0200
+++ /var/tmp/diff_new_pack.eaqlpn/_new 2024-06-14 18:57:47.786246858 +0200
@@ -1,16 +1,16 @@
# HG changeset patch
-# Parent 60fc1933af9d4f1769025a6f1d9a60db6b899315
+# Parent fdc16b43f28c2e974929ca702563aaac52799654
diff --git a/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
b/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
--- a/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
+++ b/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
-@@ -36,16 +36,18 @@ static const
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2024-05-21 18:33:21
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880 (New)
Package is "MozillaFirefox"
Tue May 21 18:33:21 2024 rev:427 rq:1175472 version:126.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2024-05-01 14:55:00.654770648 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880/MozillaFirefox.changes
2024-05-21 18:33:29.619941660 +0200
@@ -1,0 +2,47 @@
+Wed May 15 08:46:30 UTC 2024 - Wolfgang Rosenauer
+
+- Mozilla Firefox 126.0
+ https://www.mozilla.org/en-US/firefox/126.0/releasenotes
+ MFSA 2024-21 (bsc#1224056)
+ * CVE-2024-4764 (bmo#1879093)
+Use-after-free when audio input connected with multiple consumers
+ * CVE-2024-4367 (bmo#1893645)
+Arbitrary JavaScript execution in PDF.js
+ * CVE-2024-4765 (bmo#1871109)
+Web application manifests could have been overwritten via
+hash collision
+ * CVE-2024-4766 (bmo#1871214, bmo#1871217)
+Fullscreen notification could have been obscured on Firefox
+for Android
+ * CVE-2024-4767 (bmo#1878577)
+IndexedDB files retained in private browsing mode
+ * CVE-2024-4768 (bmo#1886082)
+Potential permissions request bypass via clickjacking
+ * CVE-2024-4769 (bmo#1886108)
+Cross-origin responses could be distinguished between script
+and non-script content-types
+ * CVE-2024-4770 (bmo#1893270)
+Use-after-free could occur when printing to PDF
+ * CVE-2024-4771 (bmo#1893891)
+Failed allocation could lead to use-after-free
+ * CVE-2024-4772 (bmo#1870579)
+Use of insecure rand() function to generate nonce
+ * CVE-2024-4773 (bmo#1875248)
+URL bar could be cleared after network error
+ * CVE-2024-4774 (bmo#1886598)
+Undefined behavior in ShmemCharMapHashEntry()
+ * CVE-2024-4775 (bmo#1887332)
+Invalid memory access in the built-in profiler
+ * CVE-2024-4776 (bmo#1887343)
+Window may remain disabled after file dialog is shown in
+full-screen
+ * CVE-2024-4777 (bmo#1878199, bmo#1893340)
+Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,
+and Thunderbird 115.11
+ * CVE-2024-4778 (bmo#1838834, bmo#1889291, bmo#1889595,
+bmo#1890204, bmo#1891545)
+Memory safety bugs fixed in Firefox 126
+- requires NSS 3.100
+- removed obsolete mozilla-libproxy-fix.patch
+
+---
Old:
firefox-125.0.3.source.tar.xz
firefox-125.0.3.source.tar.xz.asc
l10n-125.0.3.tar.xz
mozilla-libproxy-fix.patch
New:
firefox-126.0.source.tar.xz
firefox-126.0.source.tar.xz.asc
l10n-126.0.tar.xz
BETA DEBUG BEGIN:
Old:- requires NSS 3.100
- removed obsolete mozilla-libproxy-fix.patch
BETA DEBUG END:
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.LWak5m/_old 2024-05-21 18:33:44.892496950 +0200
+++ /var/tmp/diff_new_pack.LWak5m/_new 2024-05-21 18:33:44.900497240 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 125
-%define mainver%major.0.3
-%define orig_version 125.0.3
+%define major 126
+%define mainver%major.0
+%define orig_version 126.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.99
+BuildRequires: mozilla-nss-devel >= 3.100
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -229,7 +229,6 @@
Patch22:mozilla-partial-revert-1768632.patch
Patch23:mozilla-rust-disable-future-incompat.patch
Patch24:mozilla-bmo1822730.patch
-Patch25:mozilla-libproxy-fix.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -735,10 +734,10 @@
%{progdir}/platform.ini
%if %crashreporter
%{progdir}/crashreporter
-%{progdir}/crashreporter.ini
-%{progdir}/Throbber-small.gif
+#%{progdir}/crashreporter.ini
+#%{progdir}/Throbber-small.gif
%{progdir}/minidump-analyzer
-%{progdir}/browser/crashreporter-override.ini
+#%{progdir}/browser/crashreporter-override.ini
%endif
%{_datadir}/applications/%{desktop_file_name}.desktop
%{_datadir}/mime/packages/%{progname}.xml
++ firefox-125.0.3.source.tar.xz -> firefox-126.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-125.0.3.source.tar.xz
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2024-05-01 14:54:55
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880 (New)
Package is "MozillaFirefox"
Wed May 1 14:54:55 2024 rev:426 rq:1170867 version:125.0.3
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2024-04-26 23:26:20.686918219 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880/MozillaFirefox.changes
2024-05-01 14:55:00.654770648 +0200
@@ -1,0 +2,24 @@
+Mon Apr 29 18:17:48 UTC 2024 - Andreas Stieger
+
+- Mozilla Firefox 125.0.3
+ * Fixed: Fixed an extra blank tab with an address of
+`https://0.0.0.1` sometimes appearing when attempting to
+launch Firefox when it is already running (bmo#1892612).
+ * Fixed: Fixed an issue that could cause incorrect font
+selection in some situations for users with the Japanese
+locale set (bmo#1892363).
+ * Fixed: Fixed text corruption when dragging text containing
+unicode characters on Linux systems (bmo#1888202).
+ * Fixed: Fixed a correctness error when checking
+`arguments.length` (and not using arguments otherwise) inside
+of a generator or async function (bmo#1892699).
+ * Fixed: Fixed an issue that could lead to inconsistent focus
+handling of `` elements when opened (bmo#1893177).
+
+---
+Wed Apr 24 08:43:53 UTC 2024 - Manfred Hollstein
+
+- Fix build on Leap by requiring gcc13 which has been made available
+ as an update.
+
+---
@@ -5,3 +29,3 @@
- * The 125.0 and 125.0.1 releases were skipped due to problems with a
-feature that proactively blocked downloads from potentially
-untrustworthy URLs
+ * The 125.0 and 125.0.1 releases were skipped due to problems
+with a feature that proactively blocked downloads from
+potentially untrustworthy URLs.
@@ -84 +108,2 @@
-Use-after-free if garbage collection runs during realm initialization
+Use-after-free if garbage collection runs during realm
+initialization
@@ -88 +113,2 @@
-Incorrect JIT optimization of MSubstr leads to out-of-bounds reads
+Incorrect JIT optimization of MSubstr leads to out-of-bounds
+reads
@@ -95 +121,2 @@
-Corrupt pointer dereference in js::CheckTracedThing
+Corrupt pointer dereference in
+js::CheckTracedThing
@@ -107 +134,2 @@
-Download Protections were bypassed by .xrm-ms files on Windows
+Download Protections were bypassed by .xrm-ms files on
+Windows
@@ -114 +142,2 @@
- * CVE-2024-3865 (bmo#1881076, bmo#1884887, bmo#1885359, bmo#1889049)
+ * CVE-2024-3865 (bmo#1881076, bmo#1884887, bmo#1885359,
+bmo#1889049)
Old:
firefox-125.0.2.source.tar.xz
firefox-125.0.2.source.tar.xz.asc
l10n-125.0.2.tar.xz
New:
firefox-125.0.3.source.tar.xz
firefox-125.0.3.source.tar.xz.asc
l10n-125.0.3.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.yinzh8/_old 2024-05-01 14:55:17.187370490 +0200
+++ /var/tmp/diff_new_pack.yinzh8/_new 2024-05-01 14:55:17.191370636 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 125
-%define mainver%major.0.2
-%define orig_version 125.0.2
+%define mainver%major.0.3
+%define orig_version 125.0.3
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -98,8 +98,8 @@
BuildRequires: fdupes
BuildRequires: memory-constraints
%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
-BuildRequires: gcc12
-BuildRequires: gcc12-c++
+BuildRequires: gcc13
+BuildRequires: gcc13-c++
%else
BuildRequires: gcc-c++
%endif
@@ -382,8 +382,8 @@
export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system
export CFLAGS="%{optflags}"
%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
-export CC=gcc-12
-export CXX=g++-12
+export CC=gcc-13
+export CXX=g++-13
%else
%if 0%{?clang_build} == 0
export CC=gcc
++ firefox-125.0.2.source.tar.xz -> firefox-125.0.3.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-125.0.2.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880/firefox-125.0.3.source.tar.xz
differ: char 15, line 1
++ l10n-125.0.2.tar.xz -> l10n-125.0.3.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.yinzh8/_old 2024-05-01 14:55:17.759391244 +0200
+++ /var/tmp/diff_new_pack.yinzh8/_new 2024-05-01 14:55:17.767391535 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="125.0.2"
+VERSION="125.0.3"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2024-04-26 23:26:13 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880 (New) Package is "MozillaFirefox" Fri Apr 26 23:26:13 2024 rev:425 rq:1169983 version:125.0.2 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2024-04-04 22:24:23.715194799 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880/MozillaFirefox.changes 2024-04-26 23:26:20.686918219 +0200 @@ -1,0 +2,120 @@ +Sun Apr 21 04:49:23 UTC 2024 - Wolfgang Rosenauer + +- Mozilla Firefox 125.0.2 + * The 125.0 and 125.0.1 releases were skipped due to problems with a +feature that proactively blocked downloads from potentially +untrustworthy URLs + * New: Firefox now supports the AV1 codec for Encrypted Media +Extensions (EME), enabling higher-quality playback from video +streaming providers + * New: The Firefox PDF viewer now supports text highlighting. + * New: Firefox View now displays pinned tabs in the Open tabs +section. Tab indicators have also been added to Open tabs, so +users can do things like see which tabs are playing media and +quickly mute or unmute across windows. Indicators were also +added for bookmarks, tabs with notifications, and more! +their addresses upon submitting an address form, allowing +Firefox to autofill stored address information in the future. + * New: The URL Paste Suggestion feature provides a convenient +way for users to quickly visit URLs copied to the clipboard +in the address bar of Firefox. When the clipboard contains a +URL and the URL bar is focused, an autocomplete result +appears automatically. Activating the clipboard suggestion +will navigate the user to the URL with 1 click. + * New: Users of tab-specific Container add-ons can now search +in the Address Bar for tabs that are open in different +containers. Special thanks to volunteer contributor atararx +for kicking off the work on this feature! + * New: Firefox now provides an option to enable Web Proxy Auto- +Discovery (WPAD) while configured to use system proxy +settings. + * Changed: In a group of radio buttons where no option is +selected, the tab key now only reaches the first option +rather than cycling through all available options. The arrow +keys navigate between options as they do when there is a +selected option. This makes keyboard navigation more +efficient and consistent + * HTML5: Firefox now supports the `popover` global attribute +used for designating an element as a popover element. The +element won't be rendered until it is made visible, after +which it will appear on top of other page content. + * HTML5: WebAssembly multi-memory is now enabled by default. +Wasm multi-memory allows wasm modules to use and import +multiple independent linear memories. This enables more +efficient interoperability between modules and provides +better polyfills for upcoming wasm standards, such as the +component model. + * HTML5: Added support for Unicode Text Segmentation to +JavaScript. + * HTML5: Added support for `contextlost` and `contextrestored` +events on HTMLCanvasElement and OffscreenCanvas to allow user +code to recover from context loss with hardware accelerated +2d canvas. + * HTML5: Firefox now supports the +`navigator.clipboard.readText()` web API. A paste context +menu will appear for the user to confirm when attempting to +read clipboard data not provided by the same-origin page. + * HTML5: Added support for the `content-box` and `stroke-box` +keywords of the `transform-box` CSS property. + * HTML5: The `align-content` property now works in block +layout, allowing block direction alignment without needing a +flex or grid container. + * HTML5: Support for `SVGAElement.text` was removed in favor of +the more widely-implemented `SVGAElement.textContent` method. + * Developer: Following several requests, we have reintroduced +the option to disable the Pause Debugger Overlay +(`devtools.debugger.features.overlay`). This overlay appears +over the page content when the debugger pauses JavaScript +execution. In certain scenarios, the overlay can be +intrusive, making it challenging to interact with the page, +for instance, evaluating shades of color underneath. + * Developer: We've added a new drop-down menu button at the +bottom of the source view in the Debugger panel, specifically +designed for Source Map related actions. Users can now easily +disable or enable Source Maps support, open the Source Map +
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2024-04-04 22:24:08
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1905 (New)
Package is "MozillaFirefox"
Thu Apr 4 22:24:08 2024 rev:424 rq:1164364 version:124.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2024-03-25 21:07:25.879492914 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1905/MozillaFirefox.changes
2024-04-04 22:24:23.715194799 +0200
@@ -1,0 +2,15 @@
+Wed Apr 3 12:50:27 UTC 2024 - Martin Sirringhaus
+
+- Mozilla Firefox 124.0.2
+ https://www.mozilla.org/en-US/firefox/124.0.2/releasenotes/
+ * Fixed an issue where users with a large amount of bookmarks would
+be unable to restore a bookmarks backup. (bmo#1884308)
+ * Fixed an issue that would cause open Firefox windows
+to go blank or crash during video playback on sites such as
+Netflix. (bmo#1883932)
+ * Fixed a crash that affected Linux AArch64 builds. (bmo#1866396)
+ * Fixed an issue where some users experienced difficulties loading
+webpages due to changes made to the default AppArmor configuration
+shipping in Ubuntu 24.04. (bmo#1884347)
+
+---
Old:
firefox-124.0.1.source.tar.xz
firefox-124.0.1.source.tar.xz.asc
l10n-124.0.1.tar.xz
New:
firefox-124.0.2.source.tar.xz
firefox-124.0.2.source.tar.xz.asc
l10n-124.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Uv0QH2/_old 2024-04-04 22:24:47.996088732 +0200
+++ /var/tmp/diff_new_pack.Uv0QH2/_new 2024-04-04 22:24:47.996088732 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 124
-%define mainver%major.0.1
-%define orig_version 124.0.1
+%define mainver%major.0.2
+%define orig_version 124.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-124.0.1.source.tar.xz -> firefox-124.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-124.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1905/firefox-124.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-124.0.1.tar.xz -> l10n-124.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.Uv0QH2/_old 2024-04-04 22:24:48.324100808 +0200
+++ /var/tmp/diff_new_pack.Uv0QH2/_new 2024-04-04 22:24:48.328100956 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="124.0.1"
+VERSION="124.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="123.0.1"
+PREV_VERSION="124.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="f0a24d8f29033faf04f6fe98453cdb5c2ac4a96f"
-RELEASE_TIMESTAMP="20240321230221"
+RELEASE_TAG="2718fafaf6b2e4137cff8a71794487d25057e688"
+RELEASE_TIMESTAMP="20240401114208"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2024-03-09 20:53:50
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770 (New)
Package is "MozillaFirefox"
Sat Mar 9 20:53:50 2024 rev:422 rq:1156327 version:123.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2024-02-27 22:43:22.207708208 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770/MozillaFirefox.changes
2024-03-09 20:53:52.244801509 +0100
@@ -1,0 +2,15 @@
+Fri Mar 8 06:16:48 UTC 2024 - Andreas Stieger
+
+- Mozilla Firefox 123.0.1
+ * Fixed the *Firefox Translation* language indicator in the
+address bar displaying a colored square icon instead of the
+language code icon. (bmo#1879415)
+ * Fixed a regression with the `onChange` event not firing when
+clearing the value of a `textarea` HTML field.
+(bmo#1881457)
+ * Fixed a regression in the JavaScript JIT engine incorrectly
+inlining strings in some cases. (bmo#1882386)
+ * Fixed: Fixed low contrast of text when selecting rows in the
+Developer tools' Storage panel. (bmo#1877090)
+
+---
Old:
firefox-123.0.source.tar.xz
firefox-123.0.source.tar.xz.asc
l10n-123.0.tar.xz
New:
firefox-123.0.1.source.tar.xz
firefox-123.0.1.source.tar.xz.asc
l10n-123.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.M4f1BR/_old 2024-03-09 20:54:51.022953077 +0100
+++ /var/tmp/diff_new_pack.M4f1BR/_new 2024-03-09 20:54:51.026953224 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 123
-%define mainver%major.0
-%define orig_version 123.0
+%define mainver%major.0.1
+%define orig_version 123.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-123.0.source.tar.xz -> firefox-123.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-123.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770/firefox-123.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-123.0.tar.xz -> l10n-123.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.M4f1BR/_old 2024-03-09 20:54:51.374965963 +0100
+++ /var/tmp/diff_new_pack.M4f1BR/_new 2024-03-09 20:54:51.378966109 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="123.0"
+VERSION="123.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="122.0.1"
+PREV_VERSION="123.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="d3c71a6fc9a1aecf1fe04f8de2fc0b816588e677"
-RELEASE_TIMESTAMP="20240213221259"
+RELEASE_TAG="652f653a58f0acdc1413e45ab35eae68a95cd1af"
+RELEASE_TIMESTAMP="20240304104836"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2024-02-27 22:43:17
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770 (New)
Package is "MozillaFirefox"
Tue Feb 27 22:43:17 2024 rev:421 rq:1150527 version:123.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2024-02-15 20:59:11.237410804 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770/MozillaFirefox.changes
2024-02-27 22:43:22.207708208 +0100
@@ -1,0 +2,40 @@
+Thu Feb 22 11:02:39 UTC 2024 - Wolfgang Rosenauer
+
+- Mozilla Firefox 123.0
+ https://www.mozilla.org/en-US/firefox/123.0/releasenotes/
+ MFSA 2024-05 (bsc#1220048)
+ * CVE-2024-1546 (bmo#1843752)
+Out-of-bounds memory read in networking channels
+ * CVE-2024-1547 (bmo#1877879)
+Alert dialog could have been spoofed on another site
+ * CVE-2024-1554 (bmo#1816390)
+fetch could be used to effect cache poisoning
+ * CVE-2024-1548 (bmo#1832627)
+Fullscreen Notification could have been hidden by select element
+ * CVE-2024-1549 (bmo#1833814)
+Custom cursor could obscure the permission dialog
+ * CVE-2024-1550 (bmo#1860065)
+Mouse cursor re-positioned unexpectedly could have led to
+unintended permission grants
+ * CVE-2024-1551 (bmo#1864385)
+Multipart HTTP Responses would accept the Set-Cookie header
+in response parts
+ * CVE-2024-1555 (bmo#1873223)
+SameSite cookies were not properly respected when opening a
+website from an external browser
+ * CVE-2024-1556 (bmo#1870414)
+Invalid memory access in the built-in profiler
+ * CVE-2024-1552 (bmo#1874502)
+Incorrect code generation on 32-bit ARM devices
+ * CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498, bmo#1872296,
+bmo#1873521, bmo#1873577, bmo#1873597, bmo#1873866, bmo#1874080,
+bmo#1874740, bmo#1875795, bmo#1875906, bmo#1876425, bmo#1878211,
+bmo#1878286)
+Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
+and Thunderbird 115.8
+ * CVE-2024-1557 (bmo#1746471, bmo#1848829, bmo#1864011, bmo#1869175,
+bmo#1869455, bmo#1869938, bmo#1871606)
+Memory safety bugs fixed in Firefox 123
+- requires NSS 3.97
+
+---
Old:
firefox-122.0.1.source.tar.xz
firefox-122.0.1.source.tar.xz.asc
l10n-122.0.1.tar.xz
New:
firefox-123.0.source.tar.xz
firefox-123.0.source.tar.xz.asc
l10n-123.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.E4PvwS/_old 2024-02-27 22:43:33.884131500 +0100
+++ /var/tmp/diff_new_pack.E4PvwS/_new 2024-02-27 22:43:33.884131500 +0100
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 122
-%define mainver%major.0.1
-%define orig_version 122.0.1
+%define major 123
+%define mainver%major.0
+%define orig_version 123.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.96.1
+BuildRequires: mozilla-nss-devel >= 3.97
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
++ firefox-122.0.1.source.tar.xz -> firefox-123.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-122.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770/firefox-123.0.source.tar.xz
differ: char 15, line 1
++ l10n-122.0.1.tar.xz -> l10n-123.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-122.0.1.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770/l10n-123.0.tar.xz differ:
char 26, line 1
++ mozilla-silence-no-return-type.patch ++
--- /var/tmp/diff_new_pack.E4PvwS/_old 2024-02-27 22:43:34.168141796 +0100
+++ /var/tmp/diff_new_pack.E4PvwS/_new 2024-02-27 22:43:34.172141941 +0100
@@ -1,5 +1,5 @@
# HG changeset patch
-# Parent f5fd2bbd77ef4b6554a7180c9c4768e64aca3b2a
+# Parent d1908d68e16e148fcc012caac881a03417eccc7e
diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h
b/gfx/skia/skia/include/codec/SkEncodedOrigin.h
--- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h
@@ -505,13 +505,13 @@
diff --git a/third_party/libwebrtc/api/video_codecs/video_codec.cc
b/third_party/libwebrtc/api/video_codecs/video_codec.cc
--- a/third_party/libwebrtc/api/video_codecs/video_codec.cc
+++ b/third_party/libwebrtc/api/video_codecs/video_codec.cc
-@@ -113,16 +113,17 @@
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2024-01-30 18:24:32
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1815 (New)
Package is "MozillaFirefox"
Tue Jan 30 18:24:32 2024 rev:418 rq:1142680 version:122.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2024-01-26 22:45:51.953168799 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1815/MozillaFirefox.changes
2024-01-30 18:24:48.496628601 +0100
@@ -1,0 +2,5 @@
+Sat Jan 27 23:12:05 UTC 2024 - Andreas Schwab
+
+- Fix file list
+
+---
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.dakPFe/_old 2024-01-30 18:24:51.088722115 +0100
+++ /var/tmp/diff_new_pack.dakPFe/_new 2024-01-30 18:24:51.088722115 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package MozillaFirefox
+# spec file
#
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2006-2023 Wolfgang Rosenauer
@@ -235,7 +235,7 @@
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires(post): coreutils shared-mime-info desktop-file-utils
-Requires(postun): shared-mime-info desktop-file-utils
+Requires(postun):shared-mime-info desktop-file-utils
Requires: %{name}-branding >= 68
%requires_gemozilla-nspr
%requires_gemozilla-nss
@@ -717,10 +717,8 @@
%{progdir}/*.so
%{progdir}/glxtest
%if 0%{wayland_supported}
-%ifarch %{arm} aarch64 %{ix86} x86_64
%{progdir}/vaapitest
%endif
-%endif
%ifarch aarch64 riscv64 %arm
%{progdir}/v4l2test
%endif
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2024-01-14 19:01:25
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.21961 (New)
Package is "MozillaFirefox"
Sun Jan 14 19:01:25 2024 rev:416 rq:1138351 version:121.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-12-22 22:41:10.947668916 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.21961/MozillaFirefox.changes
2024-01-14 19:01:27.926985103 +0100
@@ -1,0 +2,14 @@
+Tue Jan 9 20:36:26 UTC 2024 - Andreas Stieger
+
+- Mozilla Firefox 121.0.1
+ * Fixed unexpected line wrapping in some CJK contexts caused by
+changes in ideographic space handling. bmo#1870973)
+ * Fixed a hang when loading sites containing column-based
+layouts under some circumstances. bmo#1867784)
+ * Fixed missing rounded corners for videos playing over another
+video. bmo#1869994)
+ * Fixed Firefox not closing properly and other applications being
+unable to use a USB security key after being previously used
+during a Firefox session. bmo#1863135)
+
+---
Old:
firefox-121.0.source.tar.xz
firefox-121.0.source.tar.xz.asc
l10n-121.0.tar.xz
New:
firefox-121.0.1.source.tar.xz
firefox-121.0.1.source.tar.xz.asc
l10n-121.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.cRsmHG/_old 2024-01-14 19:01:40.003425024 +0100
+++ /var/tmp/diff_new_pack.cRsmHG/_new 2024-01-14 19:01:40.007425170 +0100
@@ -1,7 +1,7 @@
#
# spec file
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2006-2023 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 121
-%define mainver%major.0
-%define orig_version 121.0
+%define mainver%major.0.1
+%define orig_version 121.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-121.0.source.tar.xz -> firefox-121.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-121.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.21961/firefox-121.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-121.0.tar.xz -> l10n-121.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.cRsmHG/_old 2024-01-14 19:01:40.339437264 +0100
+++ /var/tmp/diff_new_pack.cRsmHG/_new 2024-01-14 19:01:40.343437410 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="121.0"
+VERSION="121.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="120.0.1"
+PREV_VERSION="121.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="8b7f7fd1873f56a4d755ea1fdcf46cbb18f9af27"
-RELEASE_TIMESTAMP="20231211174248"
+RELEASE_TAG="484be1feb7138af0917df98dda85050e0a3317a8"
+RELEASE_TIMESTAMP="20240108143603"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-12-22 22:41:04
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28375 (New)
Package is "MozillaFirefox"
Fri Dec 22 22:41:04 2023 rev:415 rq:1134603 version:121.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-12-09 22:49:58.832424365 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28375/MozillaFirefox.changes
2023-12-22 22:41:10.947668916 +0100
@@ -1,0 +2,50 @@
+Wed Dec 20 12:59:57 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 121.0
+ https://www.mozilla.org/en-US/firefox/121.0/releasenotes
+ MFSA 2023-56 (bsc#1217974)
+ * CVE-2023-6856 (bmo#1843782)
+Heap-buffer-overflow affecting WebGL DrawElementsInstanced
+method with Mesa VM driver
+ * CVE-2023-6135 (bmo#1853908)
+NSS susceptible to "Minerva" attack
+ * CVE-2023-6865 (bmo#1864123)
+Potential exposure of uninitialized data in EncryptingOutputStream
+ * CVE-2023-6857 (bmo#1796023)
+Symlinks may resolve to smaller than expected buffers
+ * CVE-2023-6858 (bmo#1826791)
+Heap buffer overflow in nsTextFragment
+ * CVE-2023-6859 (bmo#1840144)
+Use-after-free in PR_GetIdentitiesLayer
+ * CVE-2023-6866 (bmo#1849037)
+TypedArrays lack sufficient exception handling
+ * CVE-2023-6860 (bmo#1854669)
+Potential sandbox escape due to VideoBridge lack of texture
+validation
+ * CVE-2023-6867 (bmo#1863863)
+Clickjacking permission prompts using the popup transition
+ * CVE-2023-6861 (bmo#1864118)
+Heap buffer overflow affected nsWindow::PickerOpen(void) in
+headless mode
+ * CVE-2023-6868 (bmo#1865488)
+WebPush requests on Firefox for Android did not require VAPID key
+ * CVE-2023-6869 (bmo#1799036)
+Content can paint outside of sandboxed iframe
+ * CVE-2023-6870 (bmo#1823316)
+Android Toast notifications may obscure fullscreen event
+notifications
+ * CVE-2023-6871 (bmo#1828334)
+Lack of protocol handler warning in some instances
+ * CVE-2023-6872 (bmo#1849186)
+Browsing history leaked to syslogs via GNOME
+ * CVE-2023-6863 (bmo#1868901)
+Undefined behavior in ShutdownObserver()
+ * CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328, bmo#1856090,
+bmo#1858033, bmo#1858509, bmo#1862777, bmo#1864015)
+Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6,
+and Thunderbird 115.6
+ * CVE-2023-6873 (bmo#1855327, bmo#1862089, bmo#1862723)
+Memory safety bugs fixed in Firefox 121
+- requires NSS 3.95
+
+---
Old:
firefox-120.0.1.source.tar.xz
firefox-120.0.1.source.tar.xz.asc
l10n-120.0.1.tar.xz
New:
firefox-121.0.source.tar.xz
firefox-121.0.source.tar.xz.asc
l10n-121.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.GODS7l/_old 2023-12-22 22:41:28.320305373 +0100
+++ /var/tmp/diff_new_pack.GODS7l/_new 2023-12-22 22:41:28.320305373 +0100
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 120
-%define mainver%major.0.1
-%define orig_version 120.0.1
+%define major 121
+%define mainver%major.0
+%define orig_version 121.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.94
+BuildRequires: mozilla-nss-devel >= 3.95
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
++ firefox-120.0.1.source.tar.xz -> firefox-121.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-120.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.28375/firefox-121.0.source.tar.xz
differ: char 15, line 1
++ l10n-120.0.1.tar.xz -> l10n-121.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-120.0.1.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.28375/l10n-121.0.tar.xz differ:
char 26, line 1
++ mozilla-kde.patch ++
888 lines (skipped)
between /work/SRC/openSUSE:Factory/MozillaFirefox/mozilla-kde.patch
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28375/mozilla-kde.patch
++ tar_stamps ++
--- /var/tmp/diff_new_pack.GODS7l/_old 2023-12-22 22:41:28.720320036 +0100
+++ /var/tmp/diff_new_pack.GODS7l/_new 2023-12-22 22:41:28.724320183 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-12-09 22:49:34
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.25432 (New)
Package is "MozillaFirefox"
Sat Dec 9 22:49:34 2023 rev:414 rq:1132165 version:120.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-11-27 22:42:31.935970449 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.25432/MozillaFirefox.changes
2023-12-09 22:49:58.832424365 +0100
@@ -1,0 +2,15 @@
+Fri Dec 8 15:55:00 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 120.0.1 (boo#1217910)
+ * Fixed a bug that was causing persistent startup slowdowns
+(bmo#1867095)
+ * Fixed an issue that was causing 100% CPU usage on sites such as
+Google Maps. (bmo#1866409)
+ * Fixed an issue that was causing YouTube videos to show a green
+screen when hardware acceleration was enabled. (bmo#1865928)
+ * Fixed an issue where the status bar was still visible when
+viewing fullscreen video. (bmo#1853896)
+ * Fixed a startup crash affecting Linux users on some aarch64
+systems with page sizes other than 4KB. (bmo#1866025)
+
+---
Old:
firefox-120.0.source.tar.xz
firefox-120.0.source.tar.xz.asc
l10n-120.0.tar.xz
New:
firefox-120.0.1.source.tar.xz
firefox-120.0.1.source.tar.xz.asc
l10n-120.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.bsgPhR/_old 2023-12-09 22:50:14.793000586 +0100
+++ /var/tmp/diff_new_pack.bsgPhR/_new 2023-12-09 22:50:14.797000730 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 120
-%define mainver%major.0
-%define orig_version 120.0
+%define mainver%major.0.1
+%define orig_version 120.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-120.0.source.tar.xz -> firefox-120.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-120.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.25432/firefox-120.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-120.0.tar.xz -> l10n-120.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.bsgPhR/_old 2023-12-09 22:50:15.145013294 +0100
+++ /var/tmp/diff_new_pack.bsgPhR/_new 2023-12-09 22:50:15.149013439 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="120.0"
+VERSION="120.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="119.0.1"
+PREV_VERSION="120.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="5ae4969c2b0450edbe68bd94b613f1f30f8a3fcb"
-RELEASE_TIMESTAMP="20231116134553"
+RELEASE_TAG="d80eefe94738ab6bd35cca64747d877c49337318"
+RELEASE_TIMESTAMP="20231129155202"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-11-13 22:15:56
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.17445 (New)
Package is "MozillaFirefox"
Mon Nov 13 22:15:56 2023 rev:412 rq:1124746 version:119.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-10-31 20:24:57.532307264 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.17445/MozillaFirefox.changes
2023-11-13 22:16:10.985146858 +0100
@@ -1,0 +2,12 @@
+Wed Nov 8 20:27:15 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 119.0.1
+ * Fixed a bug causing colors in the HTML element to not
+be applied to dropdown menu arrows (bmo#1861253)
+ * Fixed a bug with the HTML element state not changing
+when dynamically updating the `disabled` attribute on an
+ancestor (bmo#1861027)
+ * Fixed a bug causing elements with the indeterminate CSS
+selector in a radio group to not update (bmo#1861346)
+
+---
Old:
firefox-119.0.source.tar.xz
firefox-119.0.source.tar.xz.asc
l10n-119.0.tar.xz
New:
firefox-119.0.1.source.tar.xz
firefox-119.0.1.source.tar.xz.asc
l10n-119.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.KJex4p/_old 2023-11-13 22:16:34.446010657 +0100
+++ /var/tmp/diff_new_pack.KJex4p/_new 2023-11-13 22:16:34.446010657 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 119
-%define mainver%major.0
-%define orig_version 119.0
+%define mainver%major.0.1
+%define orig_version 119.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-119.0.source.tar.xz -> firefox-119.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-119.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.17445/firefox-119.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-119.0.tar.xz -> l10n-119.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.KJex4p/_old 2023-11-13 22:16:35.130035842 +0100
+++ /var/tmp/diff_new_pack.KJex4p/_new 2023-11-13 22:16:35.134035989 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="119.0"
+VERSION="119.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="118.0.2"
+PREV_VERSION="119.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="6a78abe63b7e7aa191341b42ef4f2168bdf0fc89"
-RELEASE_TIMESTAMP="20231019122658"
+RELEASE_TAG="b8f0d32ac6a5c34db8692ed382c3018e6309ea09"
+RELEASE_TIMESTAMP="20231106151204"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-10-31 20:24:50
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.17445 (New)
Package is "MozillaFirefox"
Tue Oct 31 20:24:50 2023 rev:411 rq:1121261 version:119.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-09-29 12:01:24.880678550 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.17445/MozillaFirefox.changes
2023-10-31 20:24:57.532307264 +0100
@@ -1,0 +2,57 @@
+Thu Oct 26 10:31:03 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 119.0
+ https://www.mozilla.org/en-US/firefox/119.0/releasenotes
+ MFSA 2023-45 (bsc#1216338)
+ * CVE-2023-5721 (bmo#1830820)
+Queued up rendering could have allowed websites to clickjack
+ * CVE-2023-5722 (bmo#1738426)
+Cross-Origin size and header leakage
+ * CVE-2023-5723 (bmo#1802057)
+Invalid cookie characters could have led to unexpected errors
+ * CVE-2023-5724 (bmo#1836705)
+Large WebGL draw could have led to a crash
+ * CVE-2023-5725 (bmo#1845739)
+WebExtensions could open arbitrary URLs
+ * CVE-2023-5726 (bmo#1846205)
+Full screen notification obscured by file open dialog on macOS
+ * CVE-2023-5727 (bmo#1847180)
+Download Protections were bypassed by .msix, .msixbundle,
+.appx, and .appxbundle files on Windows
+ * CVE-2023-5728 (bmo#1852729)
+Improper object tracking during GC in the JavaScript engine
+could have led to a crash.
+ * CVE-2023-5729 (bmo#1823720)
+Fullscreen notification dialog could have been obscured by
+WebAuthn prompts
+ * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833,
+bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002,
+bmo#1855306, bmo#1855640, bmo#1856695)
+Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
+and Thunderbird 115.4.1
+ * CVE-2023-5731 (bmo#1690111, bmo#1721904, bmo#1851803, bmo#1854068)
+Memory safety bugs fixed in Firefox 119
+- requires NSS 3.94
+
+---
+Wed Oct 11 18:28:09 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 118.0.2
+ * Fix games not loading on betsoft.com (bmo#1856145)
+ * Fix printing issues for some SVG images (bmo#1853727)
+ * Fix CORS XHR with authentication no longer working (bmo#1855650)
+ * Fix h264 WebRTC video not working in some contexts (bmo#1855636)
+ * Fix Firefox Translations not working on some pages
+(bmo#1841656, bmo#1855307)
+ * Stability fixes (bmo#1851991, bmo#1799326, bmo#1856637)
+
+---
+Sat Sep 30 19:51:56 UTC 2023 - Björn Bidar
+
+- Activate KDE integration again, included rebased and updated
+ patches, firefox-kde.patch and mozilla-kde.patch, (upstream
+ removed special files handling for preferences but that has no
+ effect since we haven't shipped obsolete kde.js for a while)
+ (boo#1216027)
+
+---
Old:
firefox-118.0.1.source.tar.xz
firefox-118.0.1.source.tar.xz.asc
l10n-118.0.1.tar.xz
New:
firefox-119.0.source.tar.xz
firefox-119.0.source.tar.xz.asc
firefox-kde.patch
l10n-119.0.tar.xz
mozilla-kde.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.nAq4Hq/_old 2023-10-31 20:25:11.468819154 +0100
+++ /var/tmp/diff_new_pack.nAq4Hq/_new 2023-10-31 20:25:11.472819302 +0100
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 118
-%define mainver%major.0.1
-%define orig_version 118.0.1
+%define major 119
+%define mainver%major.0
+%define orig_version 119.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.93
+BuildRequires: mozilla-nss-devel >= 3.94
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -209,7 +209,7 @@
Source21:
https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/KEY#/mozilla.keyring
# Gecko/Toolkit
Patch1: mozilla-nongnome-proxies.patch
-#Patch2: mozilla-kde.patch
+Patch2: mozilla-kde.patch
Patch3: mozilla-ntlm-full-path.patch
Patch4: mozilla-aarch64-startup-crash.patch
Patch5: mozilla-fix-aarch64-libopus.patch
@@ -230,7 +230,7 @@
Patch23:
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-09-29 11:43:11
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28202 (New)
Package is "MozillaFirefox"
Fri Sep 29 11:43:11 2023 rev:410 rq:1114282 version:118.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-09-13 20:43:58.620828375 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28202/MozillaFirefox.changes
2023-09-29 12:01:24.880678550 +0200
@@ -1,0 +2,38 @@
+Fri Sep 29 06:50:26 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 118.0.1
+ MFSA 2023-44 (bsc#1215814)
+ * CVE-2023-5217 (bmo#180),
+Heap buffer overflow in libvpx
+
+---
+Mon Sep 25 06:35:49 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 118.0
+ MFSA 2023-41 (bsc#1215575)
+ * CVE-2023-5168 (bmo#1846683)
+Out-of-bounds write in FilterNodeD2D1
+ * CVE-2023-5169 (bmo#1846685)
+Out-of-bounds write in PathOps
+ * CVE-2023-5170 (bmo#1846686)
+Memory leak from a privileged process
+ * CVE-2023-5171 (bmo#1851599)
+Use-after-free in Ion Compiler
+ * CVE-2023-5172 (bmo#1852218)
+Memory Corruption in Ion Hints
+ * CVE-2023-5173 (bmo#1823172)
+Out-of-bounds write in HTTP Alternate Services
+ * CVE-2023-5174 (bmo#1848454)
+Double-free in process spawning on Windows
+ * CVE-2023-5175 (bmo#1849704)
+Use-after-free of ImageBitmap during process shutdown
+ * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962,
+bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195)
+Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
+and Thunderbird 115.3
+- requires NSS 3.93
+- add mozilla-bmo1822730.patch
+- deactivated KDE integration temporarily
+ (removed mozilla-kde.patch and firefox-kde.patch for now)
+
+---
Old:
firefox-117.0.1.source.tar.xz
firefox-117.0.1.source.tar.xz.asc
firefox-kde.patch
l10n-117.0.1.tar.xz
mozilla-kde.patch
New:
firefox-118.0.1.source.tar.xz
firefox-118.0.1.source.tar.xz.asc
l10n-118.0.1.tar.xz
mozilla-bmo1822730.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.OrypPh/_old 2023-09-29 12:01:38.769180256 +0200
+++ /var/tmp/diff_new_pack.OrypPh/_new 2023-09-29 12:01:38.773180400 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 117
+%define major 118
%define mainver%major.0.1
-%define orig_version 117.0.1
+%define orig_version 118.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -73,7 +73,7 @@
%define desktop_file_name %{progname}
%define firefox_appid \{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}
%define __provides_exclude ^lib.*\\.so.*$
-%define __requires_exclude ^(libmoz.*|liblgpllibs.*|libxul.*)$
+%define __requires_exclude ^(libmoz.*|liblgpllibs.*|libxul.*|libgk.*)$
%define localize 1
%ifarch %ix86 x86_64
%define crashreporter 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.92
+BuildRequires: mozilla-nss-devel >= 3.93
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -209,7 +209,7 @@
Source21:
https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/KEY#/mozilla.keyring
# Gecko/Toolkit
Patch1: mozilla-nongnome-proxies.patch
-Patch2: mozilla-kde.patch
+#Patch2: mozilla-kde.patch
Patch3: mozilla-ntlm-full-path.patch
Patch4: mozilla-aarch64-startup-crash.patch
Patch5: mozilla-fix-aarch64-libopus.patch
@@ -228,8 +228,9 @@
Patch21:svg-rendering.patch
Patch22:mozilla-partial-revert-1768632.patch
Patch23:mozilla-rust-disable-future-incompat.patch
+Patch24:mozilla-bmo1822730.patch
# Firefox/browser
-Patch101: firefox-kde.patch
+#Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -348,11 +349,11 @@
export PYTHON3=/usr/bin/python3.9
%endif
-kdehelperversion=$(cat toolkit/xre/nsKDEUtils.cpp | grep '#define
KMOZILLAHELPER_VERSION' | cut -d ' ' -f 3)
-if test "$kdehelperversion" != %{kde_helper_version}; then
- echo fix kde helper version in the .spec file
- exit 1
-fi
+#kdehelperversion=$(cat toolkit/xre/nsKDEUtils.cpp | grep
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-09-13 20:43:34
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1766 (New)
Package is "MozillaFirefox"
Wed Sep 13 20:43:34 2023 rev:409 rq:1110687 version:117.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-08-30 10:20:32.976289885 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1766/MozillaFirefox.changes
2023-09-13 20:43:58.620828375 +0200
@@ -1,0 +2,20 @@
+Tue Sep 12 17:04:01 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 117.0.1
+ * Fix a bug causing extensions using an event page for long-
+running tasks to be terminated while running, causing
+unexpected behavior changes (bmo#1851373)
+ * Temporarily revert an intentional behavior change preventing
+Javascript from changing URL.protocol (bmo#1850954).
+ * Fix audio worklets not working for sites using WebAssembly
+exception handling (bmo#1851468)
+ * Fix the Reopen all tabs option in the Recently closed tabs
+menu sometimes failing to open all tabs (bmo#1850856)
+ * Fix the bookmarks menu sometimes remaining partially visible
+when minimizing Firefox (bmo#1843700)
+ * Fix an issue causing incorrect time zones to be detected on
+some sites (bmo#1848615)
+ * MFSA 2023-40 CVE-2023-4863 (boo#1215231)
+Heap buffer overflow in WebP
+
+---
Old:
firefox-117.0.source.tar.xz
firefox-117.0.source.tar.xz.asc
l10n-117.0.tar.xz
New:
firefox-117.0.1.source.tar.xz
firefox-117.0.1.source.tar.xz.asc
l10n-117.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.yEqQNG/_old 2023-09-13 20:44:16.773473727 +0200
+++ /var/tmp/diff_new_pack.yEqQNG/_new 2023-09-13 20:44:16.773473727 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 117
-%define mainver%major.0
-%define orig_version 117.0
+%define mainver%major.0.1
+%define orig_version 117.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-117.0.source.tar.xz -> firefox-117.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-117.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1766/firefox-117.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-117.0.tar.xz -> l10n-117.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.yEqQNG/_old 2023-09-13 20:44:17.101485388 +0200
+++ /var/tmp/diff_new_pack.yEqQNG/_new 2023-09-13 20:44:17.105485530 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="117.0"
+VERSION="117.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="116.0.3"
+PREV_VERSION="117.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="27de51e74c19186044da535125895c96fc3a0f23"
-RELEASE_TIMESTAMP="20230824132758"
+RELEASE_TAG="e245ca2125a6eb1e2d08cc9e5824f15e1e67a566"
+RELEASE_TIMESTAMP="20230912013654"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-08-30 10:18:38
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1766 (New)
Package is "MozillaFirefox"
Wed Aug 30 10:18:38 2023 rev:408 rq:1107944 version:117.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-08-18 19:27:17.619201255 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1766/MozillaFirefox.changes
2023-08-30 10:20:32.976289885 +0200
@@ -1,0 +2,41 @@
+Sun Aug 27 08:51:28 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 117.0
+ https://www.mozilla.org/en-US/firefox/117.0/releasenotes
+ MFSA 2023-34 (bsc#1214606)
+ * CVE-2023-4573 (bmo#1846687)
+Memory corruption in IPC CanvasTranslator
+ * CVE-2023-4574 (bmo#1846688)
+Memory corruption in IPC ColorPickerShownCallback
+ * CVE-2023-4575 (bmo#1846689)
+Memory corruption in IPC FilePickerShownCallback
+ * CVE-2023-4576 (bmo#1846694)
+Integer Overflow in RecordedSourceSurfaceCreation
+ * CVE-2023-4577 (bmo#1847397)
+Memory corruption in JIT UpdateRegExpStatics
+ * CVE-2023-4578 (bmo#1839007)
+Error reporting methods in SpiderMonkey could have triggered
+an Out of Memory Exception
+ * CVE-2023-4579 (bmo#1842766)
+Persisted search terms were formatted as URLs
+ * CVE-2023-4580 (bmo#1843046)
+Push notifications saved to disk unencrypted
+ * CVE-2023-4581 (bmo#1843758)
+XLL file extensions were downloadable without warnings
+ * CVE-2023-4582 (bmo#1773874)
+Buffer Overflow in WebGL glGetProgramiv
+ * CVE-2023-4583 (bmo#1842030)
+Browsing Context potentially not cleared when closing Private
+Window
+ * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,
+bmo#1846526, bmo#1847529)
+Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,
+Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2
+ * CVE-2023-4585 (bmo#1751583, bmo#1841082, bmo#1847904, bmo#1848999)
+Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2,
+and Thunderbird 115.2
+- requires
+ NSS = 3.92
+ rustc = 1.71
+
+---
Old:
firefox-116.0.3.source.tar.xz
firefox-116.0.3.source.tar.xz.asc
l10n-116.0.3.tar.xz
New:
firefox-117.0.source.tar.xz
firefox-117.0.source.tar.xz.asc
l10n-117.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.k0EWtO/_old 2023-08-30 10:20:47.728816464 +0200
+++ /var/tmp/diff_new_pack.k0EWtO/_new 2023-08-30 10:20:47.732816607 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 116
-%define mainver%major.0.3
-%define orig_version 116.0.3
+%define major 117
+%define mainver%major.0
+%define orig_version 117.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -58,7 +58,7 @@
%ifarch %ix86
ExclusiveArch: i586 i686
BuildArch: i686
-%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -Os
-march=i686 -mtune=generic -msse2}
+%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686
-mtune=generic -msse2}
%endif
%endif
%{expand:%%global optflags %(echo "%optflags"|sed -e s/-flto=auto//) }
@@ -97,14 +97,14 @@
BuildRequires: dejavu-fonts
BuildRequires: fdupes
BuildRequires: memory-constraints
-%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150500
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
BuildRequires: gcc12
BuildRequires: gcc12-c++
%else
BuildRequires: gcc-c++
%endif
-BuildRequires: cargo1.69
-BuildRequires: rust1.69
+BuildRequires: cargo1.71
+BuildRequires: rust1.71
%if 0%{useccache} != 0
BuildRequires: ccache
%endif
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.91
+BuildRequires: mozilla-nss-devel >= 3.92
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -124,7 +124,7 @@
BuildRequires: python39-curses
BuildRequires: python39-devel
%else
-%if 0%{?sle_version} >= 15 && 0%{?sle_version} <= 150500
+%if 0%{?sle_version} >= 15 && 0%{?sle_version} <= 150600
BuildRequires: python39
BuildRequires: python39-curses
BuildRequires: python39-devel
@@ -373,7 +373,7 @@
export MOZ_TELEMETRY_REPORTING=1
export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system
export CFLAGS="%{optflags}"
-%if 0%{?suse_version} < 1550 &&
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-08-18 19:27:10
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1766 (New)
Package is "MozillaFirefox"
Fri Aug 18 19:27:10 2023 rev:407 rq:1104464 version:116.0.3
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-08-12 15:06:15.09852 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1766/MozillaFirefox.changes
2023-08-18 19:27:17.619201255 +0200
@@ -1,0 +2,23 @@
+Thu Aug 17 18:20:18 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 116.0.3
+ * Fixed an issue for OPFS users that broke access to files that
+were locally cached in a previous version
+(bmo#1847989, bmo#1847619)
+ * Fixed an issue that was breaking screensharing for some users
+on Wayland (bmo#1841851)
+ * Fixed an issue where a fullscreen notification was persistently
+being shown to a user, even after disabling it (bmo#1847901)
+ * Fixed an issue where Firefox would hang when doing a Google
+search (bmo#1847066)
+
+---
+Tue Aug 15 09:51:15 UTC 2023 - Adam Majer
+
+- After further testing on memory consumption during linking, it's
+ safe to remove most of the memory reducing options for ix86 linker.
+ A combination of these actually resulted in the OOM condition.
+ It's even possible to add basic debugging info while keeping
+ linker memory consumption at about 2GB
+
+---
@@ -10 +33,4 @@
-- Fix OOM when linking on 32-bit
+- Workarold ld bug causing OOM when linking on 32-bit
+- Remove -j1 limit on x86. The build runs on 64-bit kernel with a
+ 32-bit userland. This means there is plenty of memory available
+ but userland is limited to just under 4GB per process.
Old:
firefox-116.0.2.source.tar.xz
firefox-116.0.2.source.tar.xz.asc
l10n-116.0.2.tar.xz
New:
firefox-116.0.3.source.tar.xz
firefox-116.0.3.source.tar.xz.asc
l10n-116.0.3.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.vVKx0R/_old 2023-08-18 19:27:32.511227961 +0200
+++ /var/tmp/diff_new_pack.vVKx0R/_new 2023-08-18 19:27:32.519227975 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 116
-%define mainver%major.0.2
-%define orig_version 116.0.2
+%define mainver%major.0.3
+%define orig_version 116.0.3
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -383,17 +383,20 @@
%endif
%endif
%ifarch %arm %ix86
+### NOTE: these sections are not required anymore. Alson --no-keep-memory +
-Wl,-z,pack-relative-relocs causes
+### ld to go OOM (https://sourceware.org/bugzilla/show_bug.cgi?id=30756)
# Limit RAM usage during link
-export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads
-Wl,--no-map-whole-files -Wl,--hash-size=31"
+# export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads
-Wl,--no-map-whole-files -Wl,--hash-size=31"
+#
# A lie to prevent -Wl,--gc-sections being set which requires more memory than
32bit can offer
-export GC_SECTIONS_BREAKS_DEBUG_RANGES=yes
+#export GC_SECTIONS_BREAKS_DEBUG_RANGES=yes
%endif
export LDFLAGS="\$LDFLAGS -fPIC -Wl,-z,relro,-z,now"
%ifarch ppc64 ppc64le
%endif
%ifarch %ix86
-# Not enough memory on 32-bit systems, remove debug info.
-export CFLAGS="\$CFLAGS -g0"
+# Not enough memory on 32-bit systems, reduce debug info.
+export CFLAGS="\$CFLAGS -g1"
%endif
export CXXFLAGS="\$CFLAGS"
export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
@@ -431,7 +434,7 @@
ac_add_options --disable-install-strip
%ifarch %ix86 %arm
# OOM on 32-bit when ld passed -Wl,-z,pack-relative-relocs
-ac_add_options --enable-elf-hack
+# ac_add_options --enable-elf-hack
%endif
ac_add_options --with-system-nspr
ac_add_options --with-system-nss
@@ -527,11 +530,7 @@
%endif
EOF
-%ifarch %ix86
-%define njobs 1
-%else
%define njobs 0%{?jobs:%jobs}
-%endif
mkdir -p $RPM_BUILD_DIR/langpacks_artifacts/
sed -r '/^(ja-JP-mac|ga-IE|en-US|)$/d;s/ .*$//'
$RPM_BUILD_DIR/%{srcname}-%{orig_version}/browser/locales/shipped-locales \
| xargs -n 1 %{?njobs:-P %njobs} -I {} /bin/sh -c '
++ firefox-116.0.2.source.tar.xz -> firefox-116.0.3.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-116.0.2.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1766/firefox-116.0.3.source.tar.xz
differ: char 15, line 1
++ l10n-116.0.2.tar.xz -> l10n-116.0.3.tar.xz ++
++ tar_stamps ++
---
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-08-12 15:06:14
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11712 (New)
Package is "MozillaFirefox"
Sat Aug 12 15:06:14 2023 rev:406 rq:1103536 version:116.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-07-30 20:57:42.803198828 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11712/MozillaFirefox.changes
2023-08-12 15:06:15.09852 +0200
@@ -1,0 +2,70 @@
+Thu Aug 10 16:32:02 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 116.0.2
+ * fixes for other platforms
+
+---
+Wed Aug 9 09:52:36 UTC 2023 - Adam Majer
+
+- Fix OOM when linking on 32-bit
+
+---
+Sat Aug 5 17:46:22 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 116.0.1
+ * fixes for other platforms
+
+---
+Sat Aug 5 10:04:18 UTC 2023 - Andreas Schwab
+
+- ship vaapitest binary for supported archs
+
+---
+Fri Aug 4 09:55:05 UTC 2023 - Wolfgang Rosenauer
+
+- re-enable ppc64le
+- ship v4l2test binary for supported archs
+- drop obsolete mozilla-bmo1775202.patch
+
+---
+Sun Jul 30 19:55:49 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 116.0
+ * https://www.mozilla.org/en-US/firefox/116.0/releasenotes/
+ MFSA 2023-29 (bsc#1213746)
+ * CVE-2023-4045 (bmo#1833876)
+Offscreen Canvas could have bypassed cross-origin restrictions
+ * CVE-2023-4046 (bmo#1837686)
+Incorrect value used during WASM compilation
+ * CVE-2023-4047 (bmo#1839073)
+Potential permissions request bypass via clickjacking
+ * CVE-2023-4048 (bmo#1841368)
+Crash in DOMParser due to out-of-memory conditions
+ * CVE-2023-4049 (bmo#1842658)
+Fix potential race conditions when releasing platform objects
+ * CVE-2023-4050 (bmo#1843038)
+Stack buffer overflow in StorageManager
+ * CVE-2023-4051 (bmo#1821884)
+Full screen notification obscured by file open dialog
+ * CVE-2023-4052 (bmo#1824420)
+File deletion and privilege escalation through Firefox uninstaller
+ * CVE-2023-4053 (bmo#1839079)
+Full screen notification obscured by external program
+ * CVE-2023-4054 (bmo#1840777)
+Lack of warning when opening appref-ms files
+ * CVE-2023-4055 (bmo#1782561)
+Cookie jar overflow caused unexpected cookie jar state
+ * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235,
+bmo#1842325, bmo#1843847)
+Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
+Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
+ * CVE-2023-4057 (bmo#1841682)
+Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
+and Thunderbird 115.1
+ * CVE-2023-4058 (bmo#1819160, bmo#1828024)
+Memory safety bugs fixed in Firefox 116
+- require NSS 3.91
+- remove obsolete mozilla-fix-top-level-asm.patch
+- re-enable LTO
+
+---
Old:
firefox-115.0.3.source.tar.xz
firefox-115.0.3.source.tar.xz.asc
l10n-115.0.3.tar.xz
mozilla-bmo1775202.patch
mozilla-fix-top-level-asm.patch
New:
firefox-116.0.2.source.tar.xz
firefox-116.0.2.source.tar.xz.asc
l10n-116.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.t69MZd/_old 2023-08-12 15:06:37.262669853 +0200
+++ /var/tmp/diff_new_pack.t69MZd/_new 2023-08-12 15:06:37.29879 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 115
-%define mainver%major.0.3
-%define orig_version 115.0.3
+%define major 116
+%define mainver%major.0.2
+%define orig_version 116.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -58,7 +58,7 @@
%ifarch %ix86
ExclusiveArch: i586 i686
BuildArch: i686
-%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686
-mtune=generic -msse2}
+%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -Os
-march=i686 -mtune=generic -msse2}
%endif
%endif
%{expand:%%global optflags %(echo "%optflags"|sed -e s/-flto=auto//) }
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.90
+BuildRequires: mozilla-nss-devel >= 3.91
BuildRequires:
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-07-30 20:57:38
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32662 (New)
Package is "MozillaFirefox"
Sun Jul 30 20:57:38 2023 rev:405 rq:1101322 version:115.0.3
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-07-15 23:14:30.171283937 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32662/MozillaFirefox.changes
2023-07-30 20:57:42.803198828 +0200
@@ -1,0 +2,7 @@
+Fri Jul 28 20:56:00 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 115.0.3
+ * fixes for other platforms
+- remove bashisms from firefox startup script (boo#1213657)
+
+---
Old:
firefox-115.0.2.source.tar.xz
firefox-115.0.2.source.tar.xz.asc
l10n-115.0.2.tar.xz
New:
firefox-115.0.3.source.tar.xz
firefox-115.0.3.source.tar.xz.asc
l10n-115.0.3.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.kzZVwO/_old 2023-07-30 20:57:53.587262856 +0200
+++ /var/tmp/diff_new_pack.kzZVwO/_new 2023-07-30 20:57:53.595262903 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 115
-%define mainver%major.0.2
-%define orig_version 115.0.2
+%define mainver%major.0.3
+%define orig_version 115.0.3
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-115.0.2.source.tar.xz -> firefox-115.0.3.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-115.0.2.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.32662/firefox-115.0.3.source.tar.xz
differ: char 15, line 1
++ l10n-115.0.2.tar.xz -> l10n-115.0.3.tar.xz ++
++ mozilla.sh.in ++
--- /var/tmp/diff_new_pack.kzZVwO/_old 2023-07-30 20:57:54.031265492 +0200
+++ /var/tmp/diff_new_pack.kzZVwO/_new 2023-07-30 20:57:54.035265515 +0200
@@ -100,7 +100,7 @@
fi
# xinput2 (boo#1173320)
-source /etc/os-release
+. /etc/os-release
if [ "$ID" = "opensuse-tumbleweed" ]; then
export MOZ_USE_XINPUT2=1
fi
@@ -151,7 +151,7 @@
# Try with a local variant first, then without a local variant
SHORTMOZLOCALE=`echo $CURRENT_LOCALE | sed "s|_\([^.]*\).*||g" | sed
"s|\..*||g"`
MOZLOCALE=`echo $CURRENT_LOCALE | sed "s|_\([^.]*\).*|-\1|g" | sed
"s|\..*||g"`
-function create_langpack_link() {
+create_langpack_link() {
local language=$*
local langpack=langpack-${language}@firefox.mozilla.org.xpi
if [ -f $MOZ_LANGPACKS_DIR/$langpack ]; then
++ tar_stamps ++
--- /var/tmp/diff_new_pack.kzZVwO/_old 2023-07-30 20:57:54.083265801 +0200
+++ /var/tmp/diff_new_pack.kzZVwO/_new 2023-07-30 20:57:54.087265824 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="115.0.2"
+VERSION="115.0.3"
VERSION_SUFFIX=""
-PREV_VERSION="115.0.1"
+PREV_VERSION="115.0.2"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="bd32951a19a6485f380f024a221b7fced7bd8c4a"
-RELEASE_TIMESTAMP="20230710165010"
+RELEASE_TAG="326212e7271a9c9f0776153095cf48d7153260aa"
+RELEASE_TIMESTAMP="20230726201356"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-07-15 23:14:27
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3193 (New)
Package is "MozillaFirefox"
Sat Jul 15 23:14:27 2023 rev:404 rq:1098544 version:115.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-07-08 22:46:13.658793166 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3193/MozillaFirefox.changes
2023-07-15 23:14:30.171283937 +0200
@@ -1,0 +2,13 @@
+Thu Jul 13 13:30:20 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 115.0.2
+ * Fixed a bug with displaying a caret in the text editor on some websites
+(bmo#1840804)
+ * Fixed a bug with broken audio rendering on some websites (bmo#1841982)
+ * Fixed a bug with patternTransform translate using the wrong units
+(bmo#1840746)
+ MFSA 2023-26 (bsc#1213230)
+ * CVE-2023-3600 (bmo#1839703)
+Use-after-free in workers
+
+---
Old:
firefox-115.0.1.source.tar.xz
firefox-115.0.1.source.tar.xz.asc
l10n-115.0.1.tar.xz
New:
firefox-115.0.2.source.tar.xz
firefox-115.0.2.source.tar.xz.asc
l10n-115.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Y5g4pT/_old 2023-07-15 23:14:51.327408021 +0200
+++ /var/tmp/diff_new_pack.Y5g4pT/_new 2023-07-15 23:14:51.331408044 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 115
-%define mainver%major.0.1
-%define orig_version 115.0.1
+%define mainver%major.0.2
+%define orig_version 115.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-115.0.1.source.tar.xz -> firefox-115.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-115.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.3193/firefox-115.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-115.0.1.tar.xz -> l10n-115.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.Y5g4pT/_old 2023-07-15 23:14:51.651409921 +0200
+++ /var/tmp/diff_new_pack.Y5g4pT/_new 2023-07-15 23:14:51.651409921 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="115.0.1"
+VERSION="115.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="115.0"
+PREV_VERSION="115.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="a8863781080622b6a7ee902a464d1bbdf065341e"
-RELEASE_TIMESTAMP="20230706202047"
+RELEASE_TAG="bd32951a19a6485f380f024a221b7fced7bd8c4a"
+RELEASE_TIMESTAMP="20230710165010"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-07-08 22:46:13
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.23466 (New)
Package is "MozillaFirefox"
Sat Jul 8 22:46:13 2023 rev:403 rq:1097630 version:115.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-07-06 18:28:11.234966858 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.23466/MozillaFirefox.changes
2023-07-08 22:46:13.658793166 +0200
@@ -1,0 +2,6 @@
+Fri Jul 7 19:39:30 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 115.0.1
+ * fixes for other platforms
+
+---
Old:
firefox-115.0.source.tar.xz
firefox-115.0.source.tar.xz.asc
l10n-115.0.tar.xz
New:
firefox-115.0.1.source.tar.xz
firefox-115.0.1.source.tar.xz.asc
l10n-115.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.FSMYjU/_old 2023-07-08 22:46:28.318881284 +0200
+++ /var/tmp/diff_new_pack.FSMYjU/_new 2023-07-08 22:46:28.326881331 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 115
-%define mainver%major.0
-%define orig_version 115.0
+%define mainver%major.0.1
+%define orig_version 115.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-115.0.source.tar.xz -> firefox-115.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-115.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.23466/firefox-115.0.1.source.tar.xz
differ: char 15, line 1
++ firefox-appdata.xml ++
--- /var/tmp/diff_new_pack.FSMYjU/_old 2023-07-08 22:46:28.474882221 +0200
+++ /var/tmp/diff_new_pack.FSMYjU/_new 2023-07-08 22:46:28.478882244 +0200
@@ -10,7 +10,7 @@
Firefox Web Browser
MPL-2.0
Mozilla Firefox Web Browser
- http://www.mozilla.org/
+ https://www.mozilla.org/
Mozilla Firefox is a standalone web browser, designed for privacy,
security, standards
compliance and performance. Its functionality can be enhanced via a plethora
of extensions.
++ l10n-115.0.tar.xz -> l10n-115.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.FSMYjU/_old 2023-07-08 22:46:28.702883591 +0200
+++ /var/tmp/diff_new_pack.FSMYjU/_new 2023-07-08 22:46:28.706883615 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="115.0"
+VERSION="115.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="114.0.2"
+PREV_VERSION="115.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="1c2603279ac3bf5c442bf416ee7bf6d7d2c20d31"
-RELEASE_TIMESTAMP="20230629134642"
+RELEASE_TAG="a8863781080622b6a7ee902a464d1bbdf065341e"
+RELEASE_TIMESTAMP="20230706202047"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2023-07-06 18:28:06 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.23466 (New) Package is "MozillaFirefox" Thu Jul 6 18:28:06 2023 rev:402 rq:1097019 version:115.0 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2023-06-21 22:37:45.617613286 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.23466/MozillaFirefox.changes 2023-07-06 18:28:11.234966858 +0200 @@ -1,0 +2,113 @@ +Sun Jul 2 16:00:53 UTC 2023 - Wolfgang Rosenauer + +- Mozilla Firefox 115.0 + * Support for importing payment methods saved in Chrome-based browser + * Hardware video decoding is now enabled for Intel GPUs on Linux + * The Tab Manager dropdown now features close buttons, so tabs +can be closed more quickly + * Streamlined the user interface for importing data in from other browsers + * Users without platform support for H264 video decoding can now +fallback to Cisco's OpenH264 plugin for playback. + * Undo and redo are now available in Password fields + * Changed: On Linux, middle clicks on the new tab button will +now open the xclipboard contents in the new tab. If the +xclipboard content is a URL then that URL is opened, any +other text is opened with your default search provider. + * Changed: For users with a Firefox Colorways built-in theme, +the theme will be automatically migrated to the same theme +hosted on addons.mozilla.org for Firefox profiles that have +disabled add-ons auto-updates. This will allow users to keep +their Colorways theme when they are later removed from +Firefox installer files. + * Changed: Certain Firefox users may come across a message in +the extensions panel indicating that their add-ons are not +allowed on the site currently open. We have introduced a new +back-end feature to only allow some extensions monitored by +Mozilla to run on specific websites for various reasons, +including security concerns. + * HTML5: The builtin editor now behaves similarly to other +browsers with `contenteditable` and `designMode` when +splitting a node, e.g. typing Enter to split a paragraph, and +also when joining two nodes, e.g. typing Backspace at the +start of a paragraph to join the paragraph and the previous +one. +When a node is split, the builtin editor creates a new node +after the original one instead of before, i.e. creates the +right node instead of the left node. +Similarly, when two nodes are joined, the builtin editor +deletes the latter node and moves its children to the end of +the preceding node instead of deleting the former node and +moving its child to the start of the following node. + * HTML5: WebRTC application developers can now specify a target +in milliseconds of media for the jitter buffer to hold. +Altering the target value allows applications to control the +tradeoff between playout delay and the risk of running out of +audio or video frames due to network jitter. + * HTML5: Change array by copy provides additional methods on +`Array.prototype` and `TypedArray.prototype` to enable +changes on the array by returning a new copy of it with the +change. + * HTML5: The animation-composition property is now supported, +allowing a declarative way to define the composite operation +used when multiple animations affect the same property +simultaneously. + * HTML5: Added the URL.canParse() function to allow easy and +fast checking if URLs are valid and parseable. + * HTML5: IndexedDB is now also supported in private browsing +without memory limits thanks to encrypted storage on disk. +The temporary keys to decrypt the information are hold in RAM +only and all stored information is purged at the normal end +of a private browsing session from disk. + * HTML5: Supports conditions are now supported in CSS import +rules @import supports(...) + * Developer: In web development, we rely on third-party +libraries which you may not be interested in while debugging. +These can be ignored. Ignoring them means that breakpoints +will not get hit and they are skipped during stepping. +You can now choose to **Hide ignore-listed sources** in the +Developer Tools source tree + * Developer: We have introduced a new option, +`devtools.f12_enabled`, that can be utilized to prevent the +accidental use of the F12 key, which opens the DevTools +toolbox (bug). + * Enterprise: You can find information about policy updates and +enterprise specific bug fixes in the Firefox for Enterprise +115
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-06-21 22:37:30
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.15902 (New)
Package is "MozillaFirefox"
Wed Jun 21 22:37:30 2023 rev:401 rq:1094241 version:114.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-06-12 15:25:45.322804923 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.15902/MozillaFirefox.changes
2023-06-21 22:37:45.617613286 +0200
@@ -1,0 +2,13 @@
+Tue Jun 20 19:49:51 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 114.0.2:
+ * Several crash fixes
+ * Web Extensions: Fixes for 114 regressions in Native Messaging
+support
+
+---
+Tue Jun 20 06:30:02 UTC 2023 - Wolfgang Rosenauer
+
+- do not enable LTO as it caused crashes now (boo#1212101)
+
+---
Old:
firefox-114.0.1.source.tar.xz
firefox-114.0.1.source.tar.xz.asc
l10n-114.0.1.tar.xz
New:
firefox-114.0.2.source.tar.xz
firefox-114.0.2.source.tar.xz.asc
l10n-114.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.sOSmM1/_old 2023-06-21 22:37:57.729686179 +0200
+++ /var/tmp/diff_new_pack.sOSmM1/_new 2023-06-21 22:37:57.737686227 +0200
@@ -1,5 +1,5 @@
#
-# spec file for MozillaFirefox
+# spec file
#
# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2006-2023 Wolfgang Rosenauer
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 114
-%define mainver%major.0.1
-%define orig_version 114.0.1
+%define mainver%major.0.2
+%define orig_version 114.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -102,8 +102,8 @@
%else
BuildRequires: gcc-c++
%endif
-BuildRequires: rust1.69
BuildRequires: cargo1.69
+BuildRequires: rust1.69
%if 0%{useccache} != 0
BuildRequires: ccache
%endif
@@ -490,7 +490,7 @@
%ifarch x86_64
# LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506)
%if 0%{?suse_version} > 1500
-ac_add_options --enable-lto
+#ac_add_options --enable-lto
%if 0%{?do_profiling}
ac_add_options MOZ_PGO=1
%endif
++ firefox-114.0.1.source.tar.xz -> firefox-114.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-114.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.15902/firefox-114.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-114.0.1.tar.xz -> l10n-114.0.2.tar.xz ++
++ mozilla.keyring ++
--- /var/tmp/diff_new_pack.sOSmM1/_old 2023-06-21 22:37:58.065688200 +0200
+++ /var/tmp/diff_new_pack.sOSmM1/_new 2023-06-21 22:37:58.073688248 +0200
@@ -12,8 +12,8 @@
uid [ full ] Mozilla Software Releases
sub rsa4096 2015-07-17 [S] [expired: 2017-07-16]
sub rsa4096 2017-06-22 [S] [expired: 2019-06-22]
-sub rsa4096 2019-05-30 [S] [expires: 2021-05-29]
-sub rsa4096 2021-05-17 [S] [expires: 2023-05-17]
+sub rsa4096 2019-05-30 [S] [expired: 2021-05-29]
+sub rsa4096 2021-05-17 [S] [expired: 2023-05-17]
sub rsa4096 2023-05-05 [S] [expires: 2025-05-04]
-BEGIN PGP PUBLIC KEY BLOCK-
++ tar_stamps ++
--- /var/tmp/diff_new_pack.sOSmM1/_old 2023-06-21 22:37:58.105688441 +0200
+++ /var/tmp/diff_new_pack.sOSmM1/_new 2023-06-21 22:37:58.113688489 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="114.0.1"
+VERSION="114.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="114.0"
+PREV_VERSION="114.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="e2a028ce20ea23ed89b4a371aa980c4adacd69d1"
-RELEASE_TIMESTAMP="20230608214645"
+RELEASE_TAG="1378542b9001e9aeb6a5ac6f5a020886dcfdaa29"
+RELEASE_TIMESTAMP="20230619081400"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2023-06-12 15:25:06 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.15902 (New) Package is "MozillaFirefox" Mon Jun 12 15:25:06 2023 rev:400 rq:1092022 version:114.0.1 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2023-05-26 20:15:17.344196712 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.15902/MozillaFirefox.changes 2023-06-12 15:25:45.322804923 +0200 @@ -1,0 +2,83 @@ +Sat Jun 10 14:48:07 UTC 2023 - Andreas Stieger + +- Mozilla Firefox 114.0.1 + * Fix a startup crash (bmo#1837201, boo#1212101) + +--- +Fri Jun 9 11:05:47 UTC 2023 - Martin Sirringhaus + +- Only install vaapitest for wayland-enabled builds, where it gets built +- Rebase mozilla-silence-no-return-type.patch +- Rebase s390x-patches, and remove obsolete patches: + mozilla-bmo1005535.patch mozilla-s390x-skia-gradient.patch + +--- +Mon Jun 5 21:22:19 UTC 2023 - Wolfgang Rosenauer + +- Mozilla Firefox 114.0 + MFSA 2023-20 (bsc#1211922) + * CVE-2023-34414 (bmo#1695986) +Click-jacking certificate exceptions through rendering lag + * CVE-2023-34415 (bmo#1811999) +Site-isolation bypass on sites that allow open redirects to +data: urls + * CVE-2023-34416 (bmo#1752703, bmo#1818394, bmo#1826875, +bmo#1827340, bmo#1827655, bmo#1828065, bmo#1830190, +bmo#1830206, bmo#1830795, bmo#189) +Memory safety bugs fixed in Firefox 114 and Firefox ESR +102.12 + * CVE-2023-34417 (bmo#1746447, bmo#1820903, bmo#1832832) +Memory safety bugs fixed in Firefox 114 + * New: Added UI to manage the DNS over HTTPS exception list. +(bmo#1596847) + * New: Bookmarks can now be searched from the Bookmarks menu. +The Bookmarks menu is accessible by adding the *Bookmarks +menu* button to the toolbar. (bmo#1736937) + * New: Restrict searches to your local browsing history by +selecting *Search history* from the History, Library or +Application menu buttons. (bmo#1736939) + * New: Mac users can now capture video from their cameras in +all supported native resolutions. This enables resolutions +higher than 1280x720. (bmo#1806604) + * New: It is now possible to reorder the extensions listed in +the extensions panel. (bmo#1805924) + * New: Users on macOS, Linux, and Windows 7 can now use FIDO2 / +WebAuthn authenticators over USB. Some advanced features, +such as fully passwordless logins, require a PIN to be set on +the authenticator. (bmo#1814487) + * New: Pocket Recommended content can now be seen in France, +Italy, and Spain. (bmo#None) + * Changed: DNS over HTTPS settings are now part of the +*Privacy & Security* section of the *Settings* page and allow +the user to choose from all the supported modes. +(bmo#1610741) + * HTML5: DOM: Added support for ES Modules on DedicatedWorker +and SharedWorker + * HTML5: WebTransport is now enabled by default and will be +going to release with 114. As the original Explainer notes, +it enables multiple use-cases that are hard or impossible to +handle without it, especially for Gaming and live streaming. +It covers cases that are problematic for alternative +mechanisms, such as WebSockets. +Built on top of HTTP3 (HTTP2 support will be coming later). +The current implementation in Firefox is passing 505 out of +565 Web-Platform Tests. + * HTML5: CSS: The `infinity` and `NaN` constants are now +supported inside the `calc()` function. (bmo#1830759) + * Developer: The *Copy as cURL* feature, available in the +Network panel, has been enhanced. It now supports the +-`-compressed` argument. (bmo#1776120) + * Developer: The Accessibility Inspector has been improved to +accurately recognize all the ARIA roles like `banner`, +`main`, `navigation`, and `contentinfo`, etc. This +enhancement is particularly beneficial for web developers +working with ARIA roles to improve web accessibility. +(bmo#1572512) + * Developer: Firefox now provides support for the CSS Cascading +Level 4 `supports()` syntax for `@import` rules. This allows +for the importation of other stylesheets based on support- +dependency. In addition, the Inspector panel now accurately +displays the conditions at the top of the imported rule. +- requires NSS 3.89.1 + +--- Old: firefox-113.0.2.source.tar.xz firefox-113.0.2.source.tar.xz.asc l10n-113.0.2.tar.xz
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-05-26 20:15:11
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533 (New)
Package is "MozillaFirefox"
Fri May 26 20:15:11 2023 rev:399 rq:1089039 version:113.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-05-15 16:54:06.248101476 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/MozillaFirefox.changes
2023-05-26 20:15:17.344196712 +0200
@@ -1,0 +2,11 @@
+Wed May 24 19:26:35 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 113.0.2 (boo#1211696)
+ * Fixed: Fixed a bug which could cause Firefox to freeze on
+some pages when loading them with the Developer Tools Web
+Console open (bmo#1828026)
+ * Fixed: Fixed a bug which would cause the bookmarks and
+history sidebars to not properly react to the browser window
+being vertically resized (bmo#1831535)
+
+---
Old:
firefox-113.0.1.source.tar.xz
firefox-113.0.1.source.tar.xz.asc
l10n-113.0.1.tar.xz
New:
firefox-113.0.2.source.tar.xz
firefox-113.0.2.source.tar.xz.asc
l10n-113.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.OlgaPa/_old 2023-05-26 20:15:34.988301881 +0200
+++ /var/tmp/diff_new_pack.OlgaPa/_new 2023-05-26 20:15:34.992301904 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 113
-%define mainver%major.0.1
-%define orig_version 113.0.1
+%define mainver%major.0.2
+%define orig_version 113.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-113.0.1.source.tar.xz -> firefox-113.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-113.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/firefox-113.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-113.0.1.tar.xz -> l10n-113.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.OlgaPa/_old 2023-05-26 20:15:35.324303883 +0200
+++ /var/tmp/diff_new_pack.OlgaPa/_new 2023-05-26 20:15:35.328303907 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="113.0.1"
+VERSION="113.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="113.0"
+PREV_VERSION="113.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="8141476bccc7d2e2468b740df03954d6ab212248"
-RELEASE_TIMESTAMP="20230511191846"
+RELEASE_TAG="f33c60c4ff99d5beed15c73b80250287090e2861"
+RELEASE_TIMESTAMP="20230522134052"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-05-15 16:54:03
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533 (New)
Package is "MozillaFirefox"
Mon May 15 16:54:03 2023 rev:398 rq:1087124 version:113.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-05-11 12:31:43.114181831 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/MozillaFirefox.changes
2023-05-15 16:54:06.248101476 +0200
@@ -1,0 +2,7 @@
+Sat May 13 20:56:05 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 113.0.1
+ * UI fixes for other platforms
+- upstream signing key updated
+
+---
Old:
firefox-113.0.source.tar.xz
firefox-113.0.source.tar.xz.asc
l10n-113.0.tar.xz
New:
firefox-113.0.1.source.tar.xz
firefox-113.0.1.source.tar.xz.asc
l10n-113.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.r36Ux1/_old 2023-05-15 16:54:22.008188454 +0200
+++ /var/tmp/diff_new_pack.r36Ux1/_new 2023-05-15 16:54:22.012188476 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 113
-%define mainver%major.0
-%define orig_version 113.0
+%define mainver%major.0.1
+%define orig_version 113.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-113.0.source.tar.xz -> firefox-113.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-113.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/firefox-113.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-113.0.tar.xz -> l10n-113.0.1.tar.xz ++
++ mozilla.keyring ++
--- /var/tmp/diff_new_pack.r36Ux1/_old 2023-05-15 16:54:22.408190662 +0200
+++ /var/tmp/diff_new_pack.r36Ux1/_new 2023-05-15 16:54:22.412190684 +0200
@@ -1,5 +1,5 @@
-This file contains the PGP keys of various developers that work on
-Mozilla and its subprojects (such as Firefox and Thunderbird).
+This file contains the public PGP key that is used to sign builds and
+artifacts of Mozilla projects (such as Firefox and Thunderbird).
Please realize that this file itself or the public key servers may be
compromised. You are encouraged to validate the authenticity of these keys in
@@ -14,6 +14,7 @@
sub rsa4096 2017-06-22 [S] [expired: 2019-06-22]
sub rsa4096 2019-05-30 [S] [expires: 2021-05-29]
sub rsa4096 2021-05-17 [S] [expires: 2023-05-17]
+sub rsa4096 2023-05-05 [S] [expires: 2025-05-04]
-BEGIN PGP PUBLIC KEY BLOCK-
@@ -364,7 +365,42 @@
PcHqLWpFDtEdLv6YtOwScE0eYb5/SA3XsmK3qgzEAzBfchwl4PqAhiQAf/tbx5Eg
AUbFmwhEcgd9xMY5w6+8/5FjoXwHYmdfjKT9iD7QxF3LnymskoKQQGWBHiwJjaA8
LYPpopUg9we00zNdSGNXv1Lau9AM//ATiusH8iLJj33ofQh6FviQG6W3TlLPqx/o
-IxxNj5bPAQy6dRKB1TxlWr4X0pUWxuqBeObPoHS9j0ysxKPruw==
-=81zK
+IxxNj5bPAQy6dRKB1TxlWr4X0pUWxuqBeObPoHS9j0ysxKPru7kCDQRkVUBzARAA
+1cD3n5ue0sCcZmqX2FbtIFRsk39rlGkvuxYABsWBTzr0RbRW7h46VzWbOcU5ZmbJ
+rp/bhgkSYRR3drmzT63yUZ62dnww6e5LJjGSt19zzcber9BHELjqKqfAfLNsuZ7Z
+Q5p78c6uiJhe8WpbWogbspxJ20duraLGmK4Kl23fa3tF0Gng1RLhoFcSVK/WtDZy
+C+elPKpch1Sru6sw/r8ktfuhNIRGxdbj/lFHNVOzCXb3MTAqpIynNGMocFFnqWLZ
+LtItphHxPUqVr6LKvc3i3aMlC6IvLNg0Nu8O088Hg3Ah9tRmXKOshLjYjPeXqM9e
+dqoWWqpzxDTNl6JlFMwP+OacMKsyX7Wq+ZXC/o3ygC/oclYUKtiuoGg47fSCN2GS
+3V2GX2zFlT6SEvEQQb2g5yISLX9Q/g9AyJdqtfaLe4Fv6vM4P1xhOUDnjmdoulm3
+FGkC701ZF7eFhMSRUM9QhkGH6Yz2TvS4ht6Whg7aVt4ErIoJfj9jzJOp6k9vna5L
+mgkj8l19NTiUQ7gk98H3wW4mRrINxZ2yQD47V/LJ+tUamJc5ac+I0VP7c15xmKEJ
+2rfGCGhiSWQwZZw7Y2/qoADSBlI28RlBTuRP2i6AdwyJU+75CzxGzMpr/wBLhZT+
+fNRV4HHd5dgR3YxajpkzZ6wXL2aaJhznFEmLBLokOwMAEQEAAYkEcgQYAQoAJhYh
+BBTyZoLQkWzdgeN7bWG3tSbZjwNTBQJkVUBzAhsCBQkDwmcAAkAJEGG3tSbZjwNT
+wXQgBBkBCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmRVQHMACgkQ4207E/PZ
+MnRgdg/+LAha8Vh1SIVpXzUHVdx81kPyxBSaXtOtbBw6u9EiPW+xCUiF/pyn7H1l
+u+hAodeNFADsXmmONKcBjURVfwO81s60gLKYBXxpcLLQXrfNOLrYMnokr5FfuI3z
+Z0AoSnEoS9ufnf/7spjba8RldV1q2krdw1KtbiLq3D8v4E3qRfx5SqCA+eJSavaA
+h3aBi6lvRlUSZmz8RWwq6gP9Z4BiTTyFp5jQv1ZKJb5OJ+44A0pS+RvGDRq/bAAU
+QULLIJVOhiTM74sb/BPmeRYUS++ee10IFW4bsrKJonCoSQTXQexOpH6AAFXeZDak
+JfyjTxnl3+AtA4VEp1UJIm0Ywe0h6lT0isSJPVp3RFZRPjq0g+/VniBsvYhLE/70
+ph9ImU4HXdNumZVqXqawmIDRwv7NbYjpQ8QnzcP3vJ5XQ4/bNU/xWd1eM2gdpbXI
+9B46ER7fQcIJRNrawbEbfzuHy5nINAzrznsg+fAC76w2Omrn547QiY2ey7jy7k79
+tlCXGXWAt9ikkJ95BCLsOu5OTxPi4/UUS2en1yDbx5ej7Hh79oEZxzubW1+v5O1+
+tXgMOWd6ZgXwquq50vs+X4mi7BKE2b1Mi6Zq2Y+Kw7dAEbYYzhsSA+SRPu5vrJgL
+TNQmGxxbrSA+lCUvQ8dPywXz00vKiQwI9uRqtK0LX1BLuHKIhg4OgxAAnmFSZgu7
+wIsE2kBYwabCSIFJZzHu0lgtRyYrY8Xh7Pg+V9slIiMGG4SIyq5eUfmU8bXjc4vQ
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-05-11 12:31:37
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533 (New)
Package is "MozillaFirefox"
Thu May 11 12:31:37 2023 rev:397 rq:1085989 version:113.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-05-09 13:07:31.537088040 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/MozillaFirefox.changes
2023-05-11 12:31:43.114181831 +0200
@@ -1,0 +2,38 @@
+Tue May 9 21:12:38 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 113.0
+ * https://www.mozilla.org/en-US/firefox/113.0/releasenotes
+ MFSA 2023-16 (bsc#1211175)
+ * CVE-2023-32205 (bmo#1753339, bmo#1753341)
+Browser prompts could have been obscured by popups
+ * CVE-2023-32206 (bmo#1824892)
+Crash in RLBox Expat driver
+ * CVE-2023-32207 (bmo#1826116)
+Potential permissions request bypass via clickjacking
+ * CVE-2023-32208 (bmo#1646034)
+Leak of script base URL in service workers via import()
+ * CVE-2023-32209 (bmo#1767194)
+Persistent DoS via favicon image
+ * CVE-2023-32210 (bmo#1776755)
+Incorrect principal object ordering
+ * CVE-2023-32211 (bmo#1823379)
+Content process crash due to invalid wasm code
+ * CVE-2023-32212 (bmo#1826622)
+Potential spoof due to obscured address bar
+ * CVE-2023-32213 (bmo#182)
+Potential memory corruption in FileReader::DoReadData()
+ * MFSA-TMP-2023-0002 (bmo#1814560, bmo#1814790, bmo#1819796)
+Race condition in dav1d decoding
+ * CVE-2023-32214 (bmo#1828716)
+Potential DoS via exposed protocol handlers
+ * CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856, bmo#1820210,
+bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144, bmo#1827359,
+bmo#1830186)
+Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
+ * CVE-2023-32216 (bmo#1746479, bmo#1806852, bmo#1815987,
+bmo#1820359, bmo#1823568, bmo#1824803, bmo#1824834, bmo#1825170,
+bmo#1827020, bmo#1828130)
+Memory safety bugs fixed in Firefox 113
+- removed obsolete mozilla-bmo1568145.patch
+
+---
Old:
firefox-112.0.2.source.tar.xz
firefox-112.0.2.source.tar.xz.asc
l10n-112.0.2.tar.xz
mozilla-bmo1568145.patch
New:
firefox-113.0.source.tar.xz
firefox-113.0.source.tar.xz.asc
l10n-113.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.XhEI1z/_old 2023-05-11 12:31:54.714238842 +0200
+++ /var/tmp/diff_new_pack.XhEI1z/_new 2023-05-11 12:31:54.722238880 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 112
-%define mainver%major.0.2
-%define orig_version 112.0.2
+%define major 113
+%define mainver%major.0
+%define orig_version 113.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -220,20 +220,19 @@
Patch7: mozilla-pgo.patch
Patch8: mozilla-reduce-rust-debuginfo.patch
Patch9: mozilla-bmo1005535.patch
-Patch10:mozilla-bmo1568145.patch
-Patch11:mozilla-bmo1504834-part1.patch
-Patch13:mozilla-bmo1504834-part3.patch
-Patch14:mozilla-bmo1512162.patch
-Patch15:mozilla-fix-top-level-asm.patch
-Patch17:mozilla-bmo849632.patch
-Patch18:mozilla-bmo998749.patch
-Patch20:mozilla-s390x-skia-gradient.patch
-Patch21:mozilla-libavcodec58_91.patch
-Patch22:mozilla-silence-no-return-type.patch
-Patch23:mozilla-bmo531915.patch
-Patch25:one_swizzle_to_rule_them_all.patch
-Patch26:svg-rendering.patch
-Patch27:mozilla-buildfixes.patch
+Patch10:mozilla-bmo1504834-part1.patch
+Patch11:mozilla-bmo1504834-part3.patch
+Patch12:mozilla-bmo1512162.patch
+Patch13:mozilla-fix-top-level-asm.patch
+Patch14:mozilla-bmo849632.patch
+Patch15:mozilla-bmo998749.patch
+Patch16:mozilla-s390x-skia-gradient.patch
+Patch17:mozilla-libavcodec58_91.patch
+Patch18:mozilla-silence-no-return-type.patch
+Patch19:mozilla-bmo531915.patch
+Patch20:one_swizzle_to_rule_them_all.patch
+Patch21:svg-rendering.patch
+Patch22:mozilla-buildfixes.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
++ firefox-112.0.2.source.tar.xz -> firefox-113.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-112.0.2.source.tar.xz
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-05-09 13:07:21
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533 (New)
Package is "MozillaFirefox"
Tue May 9 13:07:21 2023 rev:396 rq:1085402 version:112.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-04-27 19:56:52.128491487 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/MozillaFirefox.changes
2023-05-09 13:07:31.537088040 +0200
@@ -1,0 +2,5 @@
+Sun May 7 19:47:00 UTC 2023 - Aaron Puchert
+
+- Fix i586 build by reducing debug info to -g1. (boo#1210168)
+
+---
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.E1CZnL/_old 2023-05-09 13:07:37.625124277 +0200
+++ /var/tmp/diff_new_pack.E1CZnL/_new 2023-05-09 13:07:37.633124324 +0200
@@ -252,7 +252,7 @@
%if 0%{?devpkg} == 0
Obsoletes: %{name}-devel < %{version}
%endif
-ExcludeArch:armv6l armv6hl ppc ppc64 ppc64le %ix86
+ExcludeArch:armv6l armv6hl ppc ppc64 ppc64le
%description
Mozilla Firefox is a standalone web browser, designed for standards
@@ -401,6 +401,10 @@
export CFLAGS="\$CFLAGS -mminimal-toc"
%endif
%endif
+%ifarch %ix86
+# Not enough memory on 32-bit systems, reduce debug info.
+export CFLAGS="\$CFLAGS -g1"
+%endif
export CXXFLAGS="\$CFLAGS"
export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
EOF
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-04-27 19:56:49
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533 (New)
Package is "MozillaFirefox"
Thu Apr 27 19:56:49 2023 rev:395 rq:1082809 version:112.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-04-22 21:56:25.515768962 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/MozillaFirefox.changes
2023-04-27 19:56:52.128491487 +0200
@@ -1,0 +2,16 @@
+Tue Apr 25 16:01:07 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 112.0.2
+ * Fix a high memory usage issue with animated images in minimized
+(or completely covered) windows, especially when using animated
+themes (bmo#1828587)
+ * Fix an issue where Linux users with bitmap fonts installed may
+have had entire sections of text invisible to them on some
+sites (bmo#1827950)
+
+---
+Fri Apr 21 09:48:25 UTC 2023 - Manfred Hollstein
+
+- Include Leap 15.5 in check for which python version is required.
+
+---
Old:
firefox-112.0.1.source.tar.xz
firefox-112.0.1.source.tar.xz.asc
l10n-112.0.1.tar.xz
New:
firefox-112.0.2.source.tar.xz
firefox-112.0.2.source.tar.xz.asc
l10n-112.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.s0cNOD/_old 2023-04-27 19:57:03.760559868 +0200
+++ /var/tmp/diff_new_pack.s0cNOD/_new 2023-04-27 19:57:03.764559891 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 112
-%define mainver%major.0.1
-%define orig_version 112.0.1
+%define mainver%major.0.2
+%define orig_version 112.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -127,7 +127,7 @@
BuildRequires: python-libxml2
BuildRequires: python36
%else
-%if 0%{?sle_version} >= 15 && 0%{?sle_version} < 150500
+%if 0%{?sle_version} >= 15 && 0%{?sle_version} <= 150500
BuildRequires: python39
BuildRequires: python39-curses
BuildRequires: python39-devel
++ firefox-112.0.1.source.tar.xz -> firefox-112.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-112.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/firefox-112.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-112.0.1.tar.xz -> l10n-112.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.s0cNOD/_old 2023-04-27 19:57:04.148562148 +0200
+++ /var/tmp/diff_new_pack.s0cNOD/_new 2023-04-27 19:57:04.152562172 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="112.0.1"
+VERSION="112.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="112.0"
+PREV_VERSION="112.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="abc07166ae78021ff1d14bcbe58038b386500dae"
-RELEASE_TIMESTAMP="20230414125621"
+RELEASE_TAG="50d8cc21a93a1343250b71090f4a9c9fee37091c"
+RELEASE_TIMESTAMP="20230424110519"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-04-22 21:56:24
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533 (New)
Package is "MozillaFirefox"
Sat Apr 22 21:56:24 2023 rev:394 rq:1080954 version:112.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-04-13 14:09:44.527950202 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/MozillaFirefox.changes
2023-04-22 21:56:25.515768962 +0200
@@ -1,0 +2,8 @@
+Thu Apr 20 13:24:13 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 112.0.1
+ * Fix a bug where cookie dates appear to be set in the far
+future after updating Firefox. This may have caused cookies to
+be unintentionally purged (bmo#1827669)
+
+---
Old:
firefox-112.0.source.tar.xz
firefox-112.0.source.tar.xz.asc
l10n-112.0.tar.xz
New:
firefox-112.0.1.source.tar.xz
firefox-112.0.1.source.tar.xz.asc
l10n-112.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.6PkAWi/_old 2023-04-22 21:56:41.079862014 +0200
+++ /var/tmp/diff_new_pack.6PkAWi/_new 2023-04-22 21:56:41.091862086 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %%major.99
%define major 112
-%define mainver%major.0
-%define orig_version 112.0
+%define mainver%major.0.1
+%define orig_version 112.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-112.0.source.tar.xz -> firefox-112.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-112.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/firefox-112.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-112.0.tar.xz -> l10n-112.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.6PkAWi/_old 2023-04-22 21:56:41.495864502 +0200
+++ /var/tmp/diff_new_pack.6PkAWi/_new 2023-04-22 21:56:41.499864525 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="112.0"
+VERSION="112.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="111.0.1"
+PREV_VERSION="112.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="d2b2ff2c6e3ceb267e77b0163c860f7a1f13ff4a"
-RELEASE_TIMESTAMP="20230406114409"
+RELEASE_TAG="abc07166ae78021ff1d14bcbe58038b386500dae"
+RELEASE_TIMESTAMP="20230414125621"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-04-13 14:09:31
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.19717 (New)
Package is "MozillaFirefox"
Thu Apr 13 14:09:31 2023 rev:393 rq:1078521 version:112.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-04-04 21:17:42.992156062 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.19717/MozillaFirefox.changes
2023-04-13 14:09:44.527950202 +0200
@@ -1,0 +2,66 @@
+Mon Apr 10 21:58:19 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 112.0
+ * https://www.mozilla.org/en-US/firefox/112.0/releasenotes/
+ MFSA 2023-13 (bsc#1210212)
+ * CVE-2023-29531 (bmo#1794292)
+Out-of-bound memory access in WebGL on macOS
+ * CVE-2023-29532 (bmo#1806394)
+Mozilla Maintenance Service Write-lock bypass
+ * CVE-2023-29533 (bmo#1798219, bmo#1814597)
+Fullscreen notification obscured
+ * CVE-2023-29534 (bmo#1816007, bmo#1816059, bmo#1821155, bmo#1821576,
+bmo#1821906, bmo#1822298, bmo#1822305)
+Fullscreen notification could have been obscured on Firefox
+for Android
+ * MFSA-TMP-2023-0001 (bmo#1819244)
+Double-free in libwebp
+ * CVE-2023-29535 (bmo#1820543)
+Potential Memory Corruption following Garbage Collector compaction
+ * CVE-2023-29536 (bmo#1821959)
+Invalid free from JavaScript code
+ * CVE-2023-29537 (bmo#1823365, bmo#1824200, bmo#1825569)
+Data Races in font initialization code
+ * CVE-2023-29538 (bmo#1685403)
+Directory information could have been leaked to WebExtensions
+ * CVE-2023-29539 (bmo#1784348)
+Content-Disposition filename truncation leads to Reflected
+File Download
+ * CVE-2023-29540 (bmo#1790542)
+Iframe sandbox bypass using redirects and sourceMappingUrls
+ * CVE-2023-29541 (bmo#1810191)
+Files with malicious extensions could have been downloaded
+unsafely on Linux
+ * CVE-2023-29542 (bmo#1810793, bmo#1815062)
+Bypass of file download extension restrictions
+ * CVE-2023-29543 (bmo#1816158)
+Use-after-free in debugging APIs
+ * CVE-2023-29544 (bmo#1818781)
+Memory Corruption in garbage collector
+ * CVE-2023-29545 (bmo#1823077)
+Windows Save As dialog resolved environment variables
+ * CVE-2023-29546 (bmo#1780842)
+Screen recording in Private Browsing included address bar on
+Android
+ * CVE-2023-29547 (bmo#1783536)
+Secure document cookie could be spoofed with insecure cookie
+ * CVE-2023-29548 (bmo#1822754)
+Incorrect optimization result on ARM64
+ * CVE-2023-29549 (bmo#1823042)
+Javascript's bind function may have failed
+ * CVE-2023-29550 (bmo#1720594, bmo#1751945, bmo#1812498, bmo#1814217,
+bmo#1818357, bmo#1818762, bmo#1819493, bmo#1820389, bmo#1820602,
+bmo#1821448, bmo#1822413, bmo#1824828)
+Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10
+ * CVE-2023-29551 (bmo#1763625, bmo#1814314, bmo#1815798, bmo#1815890,
+bmo#1819239, bmo#1819465, bmo#1819486, bmo#1819492, bmo#1819957,
+bmo#1820514, bmo#1820776, bmo#1821838, bmo#1822175, bmo#1823547)
+Memory safety bugs fixed in Firefox 112
+- requires
+ * NSS 3.89
+ * Python >= 3.7 (for build)
+- removed obsolete mozilla-bmo1807652.patch
+- Fix Icons displayed incorrectly on GNOME/wayland via WMCLASS
+ in desktop file
+
+---
Old:
firefox-111.0.1.source.tar.xz
firefox-111.0.1.source.tar.xz.asc
l10n-111.0.1.tar.xz
mozilla-bmo1807652.patch
New:
firefox-112.0.source.tar.xz
firefox-112.0.source.tar.xz.asc
l10n-112.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.iFW7JD/_old 2023-04-13 14:09:57.196022940 +0200
+++ /var/tmp/diff_new_pack.iFW7JD/_new 2023-04-13 14:09:57.200022963 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 111
-%define mainver%major.0.1
-%define orig_version 111.0.1
+%define major 112
+%define mainver%major.0
+%define orig_version 112.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -120,17 +120,23 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.88.1
+BuildRequires: mozilla-nss-devel >= 3.89
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
BuildRequires: python-libxml2
BuildRequires: python36
%else
-BuildRequires: python3 >= 3.5
+%if
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-04-04 21:17:24
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.19717 (New)
Package is "MozillaFirefox"
Tue Apr 4 21:17:24 2023 rev:392 rq:1077029 version:111.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-03-11 18:22:25.810377242 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.19717/MozillaFirefox.changes
2023-04-04 21:17:42.992156062 +0200
@@ -1,0 +2,58 @@
+Mon Mar 27 15:17:17 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 111.0.1 (boo#1209688)
+ * Fixed a crash on macOS while pinch-zooming under some circumstances
+(bmo#1658986)
+ * Fixed a bug causing Firefox to freeze on startup for some
+Windows users (bmo#1823159)
+- fix build on Tumbleweed (mozilla-bmo1807652.patch)
+- exclude i586/i686 once again because it fails to link libxul due
+ to its size
+
+---
+Tue Mar 14 14:29:09 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 111.0
+ * https://www.mozilla.org/en-US/firefox/111.0/releasenotes
+ MFSA 2023-09 (bsc#1209173)
+ * CVE-2023-28159 (bmo#1783561)
+Fullscreen Notification could have been hidden by download
+popups on Android
+ * CVE-2023-25748 (bmo#1798798)
+Fullscreen Notification could have been hidden by window
+prompts on Android
+ * CVE-2023-25749 (bmo#1810705)
+Firefox for Android may have opened third-party apps without
+a prompt
+ * CVE-2023-25750 (bmo#1814733)
+Potential ServiceWorker cache leak during private browsing mode
+ * CVE-2023-25751 (bmo#1814899)
+Incorrect code generation during JIT compilation
+ * CVE-2023-28160 (bmo#1802385)
+Redirect to Web Extension files may have leaked local path
+ * CVE-2023-28164 (bmo#1809122)
+URL being dragged from a removed cross-origin iframe into the
+same tab triggered navigation
+ * CVE-2023-28161 (bmo#1811181)
+One-time permissions granted to a local file were extended to
+other local files loaded in the same tab
+ * CVE-2023-28162 (bmo#1811327)
+Invalid downcast in Worklets
+ * CVE-2023-25752 (bmo#1811627)
+Potential out-of-bounds when accessing throttled streams
+ * CVE-2023-28163 (bmo#1817768)
+Windows Save As dialog resolved environment variables
+ * CVE-2023-28176 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442,
+bmo#1818674)
+Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9
+ * CVE-2023-28177 (bmo#1803109, bmo#1808832, bmo#1809542, bmo#1817336)
+Memory safety bugs fixed in Firefox 111
+- ensure gcc11-c++ gets used on Leap 15.5
+- requires NSS >= 3.88.1
+- removed obsolete patches
+ gcc13-fix.patch
+ mozilla-bmo1810584.patch
+- rebased patches
+- update create-tar.sh
+
+---
Old:
firefox-110.0.1.source.tar.xz
firefox-110.0.1.source.tar.xz.asc
gcc13-fix.patch
l10n-110.0.1.tar.xz
mozilla-bmo1810584.patch
New:
firefox-111.0.1.source.tar.xz
firefox-111.0.1.source.tar.xz.asc
l10n-111.0.1.tar.xz
mozilla-bmo1807652.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.rPejYy/_old 2023-04-04 21:17:58.564255344 +0200
+++ /var/tmp/diff_new_pack.rPejYy/_new 2023-04-04 21:17:58.572255395 +0200
@@ -27,10 +27,10 @@
# orig_version 70.0
# orig_suffix b3
# major 69
-# mainver %major.99
-%define major 110
+# mainver %%major.99
+%define major 111
%define mainver%major.0.1
-%define orig_version 110.0.1
+%define orig_version 111.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -93,7 +93,7 @@
BuildRequires: dejavu-fonts
BuildRequires: fdupes
BuildRequires: memory-constraints
-%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150400
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150500
BuildRequires: gcc11-c++
%else
BuildRequires: gcc-c++
@@ -108,8 +108,8 @@
# minimal requirement:
BuildRequires: rust+cargo >= 1.65
# actually used upstream:
-BuildRequires: cargo1.66
-BuildRequires: rust1.66
+BuildRequires: cargo1.67
+BuildRequires: rust1.67
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -120,7 +120,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.87
+BuildRequires: mozilla-nss-devel >= 3.88.1
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-03-11 18:22:13
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432 (New)
Package is "MozillaFirefox"
Sat Mar 11 18:22:13 2023 rev:391 rq:1070344 version:110.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-03-08 14:51:36.114358896 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432/MozillaFirefox.changes
2023-03-11 18:22:25.810377242 +0100
@@ -1,0 +2,5 @@
+Tue Mar 7 09:40:11 UTC 2023 - Martin Liška
+
+- Cherry-pick upstream changes for GCC 13 in gcc13-fix.patch.
+
+---
@@ -9 +14 @@
-- Fix 32 bit build bmo#1810584 add mozilla-bmo1810584.patch
+- Fix 32 bit build bmo#1810584 (add mozilla-bmo1810584.patch)
@@ -14 +19 @@
-- Mozilla Firefox 110.0.1 boo#1208886
+- Mozilla Firefox 110.0.1 (boo#1208886)
@@ -20 +25 @@
-Digital ID in Denmark (Bug 1819096)
+Digital ID in Denmark (bmo#1819096)
New:
gcc13-fix.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Z99ztK/_old 2023-03-11 18:22:29.706397540 +0100
+++ /var/tmp/diff_new_pack.Z99ztK/_new 2023-03-11 18:22:29.710397561 +0100
@@ -229,6 +229,7 @@
Patch26:svg-rendering.patch
Patch27:mozilla-buildfixes.patch
Patch28:mozilla-bmo1810584.patch
+Patch29:gcc13-fix.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
++ gcc13-fix.patch ++
diff --git a/tools/profiler/core/platform.cpp b/tools/profiler/core/platform.cpp
--- a/tools/profiler/core/platform.cpp
+++ b/tools/profiler/core/platform.cpp
@@ -1176,11 +1176,11 @@
if (!profiledThreadData) {
// This thread was not profiled, continue with the next one.
continue;
}
ThreadRegistry::OffThreadRef::RWFromAnyThreadWithLock lockedThreadData =
- offThreadRef.LockedRWFromAnyThread();
+ offThreadRef.GetLockedRWFromAnyThread();
MOZ_RELEASE_ASSERT(array.append(ProfiledThreadListElement{
profiledThreadData->Info().RegisterTime(),
lockedThreadData->GetJSContext(), profiledThreadData}));
}
@@ -4208,11 +4208,11 @@
ProfileBufferEntry::Kind::RunningTimes, runningTimesDiff);
}
if (threadStackSampling) {
ThreadRegistry::OffThreadRef::RWFromAnyThreadWithLock
- lockedThreadData = offThreadRef.LockedRWFromAnyThread();
+ lockedThreadData = offThreadRef.GetLockedRWFromAnyThread();
// Suspend the thread and collect its stack data in the local
// buffer.
mSampler.SuspendAndSampleAndResumeThread(
lock, lockedThreadData.DataCRef(), now,
[&](const Registers& aRegs, const TimeStamp& aNow) {
@@ -4922,11 +4922,11 @@
ThreadProfilingFeatures threadProfilingFeatures =
ActivePS::ProfilingFeaturesForThread(
aLock, aOffThreadRef.UnlockedConstReaderCRef().Info());
if (threadProfilingFeatures != ThreadProfilingFeatures::NotProfiled) {
ThreadRegistry::OffThreadRef::RWFromAnyThreadWithLock
- lockedRWFromAnyThread = aOffThreadRef.LockedRWFromAnyThread();
+ lockedRWFromAnyThread = aOffThreadRef.GetLockedRWFromAnyThread();
ProfiledThreadData* profiledThreadData = ActivePS::AddLiveProfiledThread(
aLock, MakeUnique(
aOffThreadRef.UnlockedConstReaderCRef().Info()));
lockedRWFromAnyThread->SetProfilingFeaturesAndData(
@@ -5788,11 +5788,11 @@
ThreadProfilingFeatures threadProfilingFeatures =
ActivePS::ProfilingFeaturesForThread(aLock, info);
if (threadProfilingFeatures != ThreadProfilingFeatures::NotProfiled) {
ThreadRegistry::OffThreadRef::RWFromAnyThreadWithLock lockedThreadData =
- offThreadRef.LockedRWFromAnyThread();
+ offThreadRef.GetLockedRWFromAnyThread();
ProfiledThreadData* profiledThreadData = ActivePS::AddLiveProfiledThread(
aLock, MakeUnique(info));
lockedThreadData->SetProfilingFeaturesAndData(threadProfilingFeatures,
profiledThreadData, aLock);
lockedThreadData->GetNewCpuTimeInNs();
@@ -6012,11 +6012,11 @@
ThreadProfilingFeatures::NotProfiled) {
continue;
}
ThreadRegistry::OffThreadRef::RWFromAnyThreadWithLock lockedThreadData =
-offThreadRef.LockedRWFromAnyThread();
+
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2023-03-08 14:51:33 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432 (New) Package is "MozillaFirefox" Wed Mar 8 14:51:33 2023 rev:390 rq:1069866 version:110.0.1 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2023-03-06 18:54:06.680223855 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432/MozillaFirefox.changes 2023-03-08 14:51:36.114358896 +0100 @@ -1,0 +2,5 @@ +Mon Mar 6 20:09:41 UTC 2023 - Andreas Schwab + +- Limit memory use on riscv64 + +--- Other differences: -- ++ MozillaFirefox.spec ++ --- /var/tmp/diff_new_pack.lcg23A/_old 2023-03-08 14:51:39.686378347 +0100 +++ /var/tmp/diff_new_pack.lcg23A/_new 2023-03-08 14:51:39.690378369 +0100 @@ -405,7 +405,7 @@ # Done with env-variables. source ./.obsenv.sh -%ifarch aarch64 %arm ppc64 ppc64le +%ifarch aarch64 %arm ppc64 ppc64le riscv64 %limit_build -m 2500 %endif
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-03-06 18:54:05
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432 (New)
Package is "MozillaFirefox"
Mon Mar 6 18:54:05 2023 rev:389 rq:1069444 version:110.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-02-02 18:21:34.512969125 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432/MozillaFirefox.changes
2023-03-06 18:54:06.680223855 +0100
@@ -1,0 +2,67 @@
+Sat Mar 4 16:03:22 UTC 2023 - Andreas Stieger
+
+- Fix 32 bit build bmo#1810584 add mozilla-bmo1810584.patch
+
+---
+Fri Mar 3 17:29:27 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 110.0.1 boo#1208886
+ * Fixed clearing recent cookies clears all cookies
+(bmo#1816279)
+ * Fixed WebGL crashes on Linux when ran inside a VMWare virtual
+machine (bmo#1807942)
+ * Fixed a bug with CSP serialization causing bugs with the MitID
+Digital ID in Denmark (Bug 1819096)
+
+---
+Wed Feb 15 09:56:46 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 110.0
+ * https://www.mozilla.org/en-US/firefox/110.0/releasenotes
+ MFSA 2023-05 (bsc#1208144)
+ * CVE-2023-25728 (bmo#1790345)
+Content security policy leak in violation reports using iframes
+ * CVE-2023-25730 (bmo#1794622)
+Screen hijack via browser fullscreen mode
+ * CVE-2023-25743 (bmo#1800203)
+Fullscreen notification not shown in Firefox Focus
+ * CVE-2023-0767 (bmo#1804640)
+Arbitrary memory write via PKCS 12 in NSS
+ * CVE-2023-25735 (bmo#1810711)
+Potential use-after-free from compartment mismatch in SpiderMonkey
+ * CVE-2023-25737 (bmo#1811464)
+Invalid downcast in SVGUtils::SetupStrokeGeometry
+ * CVE-2023-25738 (bmo#1811852)
+Printing on Windows could potentially crash Firefox with some
+device drivers
+ * CVE-2023-25739 (bmo#1811939)
+Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
+ * CVE-2023-25729 (bmo#1792138)
+Extensions could have opened external schemes without user knowledge
+ * CVE-2023-25732 (bmo#1804564)
+Out of bounds memory write from EncodeInputStream
+ * CVE-2023-25734 (bmo#1784451, bmo#1809923, bmo#1810143, bmo#1812338)
+Opening local .url files could cause unexpected network loads
+ * CVE-2023-25740 (bmo#1812354)
+Opening local .scf files could cause unexpected network loads
+ * CVE-2023-25731 (bmo#1801542)
+Prototype pollution when rendering URLPreview
+ * CVE-2023-25733 (bmo#1808632)
+Possible null pointer dereference in TaskbarPreviewCallback
+ * CVE-2023-25736 (bmo#1811331)
+Invalid downcast in GetTableSelectionMode
+ * CVE-2023-25741 (bmo#1437126, bmo#1812611, bmo#1813376)
+Same-origin policy leak via image drag and drop
+ * CVE-2023-25742 (bmo#1813424)
+Web Crypto ImportKey crashes tab
+ * CVE-2023-25744 (bmo#1789449, bmo#1803628, bmo#1810536)
+Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8
+ * CVE-2023-25745 (bmo#1688592, bmo#1797186, bmo#1804998,
+bmo#1806521, bmo#1813284)
+Memory safety bugs fixed in Firefox 110
+- requires
+ NSS = 3.87
+ rust/cargo = 1.66
+- update create-tar.sh
+
+---
Old:
firefox-109.0.1.source.tar.xz
firefox-109.0.1.source.tar.xz.asc
l10n-109.0.1.tar.xz
New:
firefox-110.0.1.source.tar.xz
firefox-110.0.1.source.tar.xz.asc
l10n-110.0.1.tar.xz
mozilla-bmo1810584.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.u8bZTu/_old 2023-03-06 18:54:53.712463831 +0100
+++ /var/tmp/diff_new_pack.u8bZTu/_new 2023-03-06 18:54:53.716463851 +0100
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 109
+%define major 110
%define mainver%major.0.1
-%define orig_version 109.0.1
+%define orig_version 110.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -99,17 +99,17 @@
BuildRequires: gcc-c++
%endif
%if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300
-BuildRequires: cargo >= 1.63
-BuildRequires: rust >= 1.63
+BuildRequires: cargo >= 1.65
+BuildRequires: rust >= 1.65
%else
# Newer sle/leap/tw use parallel versioned rust releases which have
# a different method for provides that we can use to request a
# specific version
# minimal requirement:
-BuildRequires: rust+cargo >= 1.63
+BuildRequires: rust+cargo >= 1.65
#
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-02-02 18:07:47
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32243 (New)
Package is "MozillaFirefox"
Thu Feb 2 18:07:47 2023 rev:388 rq:1062544 version:109.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-01-20 17:36:40.575856426 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32243/MozillaFirefox.changes
2023-02-02 18:21:34.512969125 +0100
@@ -1,0 +2,12 @@
+Wed Feb 1 19:48:47 UTC 2023 - Andreas Stieger
+
+- Mozilla Firefox 109.0.1
+ * Fixed jank when loading pages containing a large number of
+emoji characters (bmo#1809081)
+ * Fixed an issue causing authentication prompts to not appear
+when loading pages in some enterprise environments
+(bmo#1809151)
+ * ixed inconsistent sizing of event listener checkboxes inside
+the Inspector developer tool (bmo#1811760)
+
+---
Old:
firefox-109.0.source.tar.xz
firefox-109.0.source.tar.xz.asc
l10n-109.0.tar.xz
New:
firefox-109.0.1.source.tar.xz
firefox-109.0.1.source.tar.xz.asc
l10n-109.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.MJOqpS/_old 2023-02-02 18:21:43.293022996 +0100
+++ /var/tmp/diff_new_pack.MJOqpS/_new 2023-02-02 18:21:43.301023046 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 109
-%define mainver%major.0
-%define orig_version 109.0
+%define mainver%major.0.1
+%define orig_version 109.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-109.0.source.tar.xz -> firefox-109.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-109.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.32243/firefox-109.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-109.0.tar.xz -> l10n-109.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.MJOqpS/_old 2023-02-02 18:21:43.633025082 +0100
+++ /var/tmp/diff_new_pack.MJOqpS/_new 2023-02-02 18:21:43.637025108 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="109.0"
+VERSION="109.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="108.0.2"
+PREV_VERSION="109.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="4de36fef43a27c91f7b8408a117f43d55df3abaf"
-RELEASE_TIMESTAMP="20230112150232"
+RELEASE_TAG="30244986d6ff55bc3396db436fe1dba555828106"
+RELEASE_TIMESTAMP="20230127170202"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-01-20 17:36:31
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32243 (New)
Package is "MozillaFirefox"
Fri Jan 20 17:36:31 2023 rev:387 rq:1059273 version:109.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2023-01-07 17:16:30.669009364 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32243/MozillaFirefox.changes
2023-01-20 17:36:40.575856426 +0100
@@ -1,0 +2,37 @@
+Mon Jan 16 06:54:09 UTC 2023 - Wolfgang Rosenauer
+
+- Mozilla Firefox 109.0
+ MFSA 2023-01 (bsc#1207119)
+ * CVE-2023-23597 (bmo#1538028)
+Logic bug in process allocation allowed to read arbitrary
+files
+ * CVE-2023-23598 (bmo#1800425)
+Arbitrary file read from GTK drag and drop on Linux
+ * CVE-2023-23599 (bmo#1777800)
+Malicious command could be hidden in devtools output on
+Windows
+ * CVE-2023-23600 (bmo#1787034)
+Notification permissions persisted between Normal and Private
+Browsing on Android
+ * CVE-2023-23601 (bmo#1794268)
+URL being dragged from cross-origin iframe into same tab
+triggers navigation
+ * CVE-2023-23602 (bmo#1800890)
+Content Security Policy wasn't being correctly applied to
+WebSockets in WebWorkers
+ * CVE-2023-23603 (bmo#1800832)
+Calls to console.log allowed bypasing Content
+Security Policy via format directive
+ * CVE-2023-23604 (bmo#1802346)
+Creation of duplicate SystemPrincipal from less
+secure contexts
+ * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974)
+Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
+ * CVE-2023-23606 (bmo#1764974, bmo#1798591, bmo#1799201,
+bmo#1800446, bmo#1801248, bmo#1802100, bmo#1803393,
+bmo#1804626, bmo#1804971, bmo#1807004)
+Memory safety bugs fixed in Firefox 109
+- requires NSS 3.86
+- rebased patches
+
+---
Old:
firefox-108.0.2.source.tar.xz
firefox-108.0.2.source.tar.xz.asc
l10n-108.0.2.tar.xz
New:
firefox-109.0.source.tar.xz
firefox-109.0.source.tar.xz.asc
l10n-109.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.n9IpN0/_old 2023-01-20 17:36:53.359927000 +0100
+++ /var/tmp/diff_new_pack.n9IpN0/_new 2023-01-20 17:36:53.363927023 +0100
@@ -2,7 +2,7 @@
# spec file
#
# Copyright (c) 2023 SUSE LLC
-# Copyright (c) 2006-2022 Wolfgang Rosenauer
+# Copyright (c) 2006-2023 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 108
-%define mainver%major.0.2
-%define orig_version 108.0.2
+%define major 109
+%define mainver%major.0
+%define orig_version 109.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -120,7 +120,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.85
+BuildRequires: mozilla-nss-devel >= 3.86
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
++ firefox-108.0.2.source.tar.xz -> firefox-109.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-108.0.2.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.32243/firefox-109.0.source.tar.xz
differ: char 15, line 1
++ firefox-kde.patch ++
--- /var/tmp/diff_new_pack.n9IpN0/_old 2023-01-20 17:36:53.499927773 +0100
+++ /var/tmp/diff_new_pack.n9IpN0/_new 2023-01-20 17:36:53.499927773 +0100
@@ -3,7 +3,7 @@
# Date 1559300151 -7200
# Fri May 31 12:55:51 2019 +0200
# Node ID 54d41b0033b8d649d842a1f862c6fed8b9874dec
-# Parent c9baf1c9eb9359b7968a52157e8892cdd20f2c6d
+# Parent 95d798f72d832c953086aa27675498fdf84177f0
How to apply this patch:
1. Import and apply it
2. cp browser/base/content/browser.xul browser/base/content/browser-kde.xul
@@ -14,7 +14,7 @@
diff --git a/browser/components/preferences/main.js
b/browser/components/preferences/main.js
--- a/browser/components/preferences/main.js
+++ b/browser/components/preferences/main.js
-@@ -303,16 +303,23 @@ var gMainPane = {
+@@ -296,16 +296,23 @@ var gMainPane = {
}, backoffTimes[this._backoffIndex + 1 < backoffTimes.length ?
this._backoffIndex++ : backoffTimes.length - 1]);
};
@@ -38,7 +38,7 @@
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2023-01-07 17:16:07
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1563 (New)
Package is "MozillaFirefox"
Sat Jan 7 17:16:07 2023 rev:386 rq:1056394 version:108.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-12-23 10:20:53.719272451 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1563/MozillaFirefox.changes
2023-01-07 17:16:30.669009364 +0100
@@ -1,0 +2,8 @@
+Fri Jan 6 06:57:25 UTC 2023 - Luciano Santos
+
+- Mozilla Firefox 108.0.2
+ * Fixes a crash that might occur when managing browser history
+(bmo#1806408).
+- Drop merged-upstream mozilla-bmo1805809.patch.
+
+---
Old:
firefox-108.0.1.source.tar.xz
firefox-108.0.1.source.tar.xz.asc
l10n-108.0.1.tar.xz
mozilla-bmo1805809.patch
New:
firefox-108.0.2.source.tar.xz
firefox-108.0.2.source.tar.xz.asc
l10n-108.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.PvBCcp/_old 2023-01-07 17:16:45.413097324 +0100
+++ /var/tmp/diff_new_pack.PvBCcp/_new 2023-01-07 17:16:45.421097371 +0100
@@ -1,7 +1,7 @@
#
# spec file
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2006-2022 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 108
-%define mainver%major.0.1
-%define orig_version 108.0.1
+%define mainver%major.0.2
+%define orig_version 108.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -228,7 +228,6 @@
Patch25:one_swizzle_to_rule_them_all.patch
Patch26:svg-rendering.patch
Patch27:mozilla-buildfixes.patch
-Patch28:mozilla-bmo1805809.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
++ firefox-108.0.1.source.tar.xz -> firefox-108.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-108.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1563/firefox-108.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-108.0.1.tar.xz -> l10n-108.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.PvBCcp/_old 2023-01-07 17:16:45.86106 +0100
+++ /var/tmp/diff_new_pack.PvBCcp/_new 2023-01-07 17:16:45.86106 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="108.0.1"
+VERSION="108.0.2"
VERSION_SUFFIX=""
PREV_VERSION="108.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="eebe28618896b353a76ac9c220fd4b96334cd73d"
-RELEASE_TIMESTAMP="20221215175817"
+RELEASE_TAG="a486bbf619936d4f8516c853ea6ffad2d576e2a3"
+RELEASE_TIMESTAMP="20230104165113"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-12-23 10:20:48
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1563 (New)
Package is "MozillaFirefox"
Fri Dec 23 10:20:48 2022 rev:385 rq:1044163 version:108.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-12-21 16:05:50.622296633 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1563/MozillaFirefox.changes
2022-12-23 10:20:53.719272451 +0100
@@ -1,0 +2,5 @@
+Wed Dec 21 16:05:26 UTC 2022 - Wolfgang Rosenauer
+
+- add mozilla-bmo1805809.patch to fix build for x86-32 (boo#1206600)
+
+---
New:
mozilla-bmo1805809.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.oUqPfi/_old 2022-12-23 10:20:56.719289596 +0100
+++ /var/tmp/diff_new_pack.oUqPfi/_new 2022-12-23 10:20:56.723289619 +0100
@@ -228,6 +228,7 @@
Patch25:one_swizzle_to_rule_them_all.patch
Patch26:svg-rendering.patch
Patch27:mozilla-buildfixes.patch
+Patch28:mozilla-bmo1805809.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -250,7 +251,7 @@
%if 0%{?suse_version} < 1220
Obsoletes: libproxy1-pacrunner-mozjs <= 0.4.7
%endif
-ExcludeArch:armv6l armv6hl ppc ppc64 ppc64le %ix86
+ExcludeArch:armv6l armv6hl ppc ppc64 ppc64le
%description
Mozilla Firefox is a standalone web browser, designed for standards
++ mozilla-bmo1805809.patch ++
1991 lines (skipped)
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-12-21 16:05:48
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1835 (New)
Package is "MozillaFirefox"
Wed Dec 21 16:05:48 2022 rev:384 rq:1043934 version:108.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-12-02 13:12:38.465688163 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1835/MozillaFirefox.changes
2022-12-21 16:05:50.622296633 +0100
@@ -1,0 +2,42 @@
+Tue Dec 20 07:58:58 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 108.0.1 (boo#1206507)
+ * Fixes the default search engine being reset on upgrade for
+profiles which were previously copied from a different location
+
+---
+Tue Dec 13 13:54:35 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 108.0
+ https://www.mozilla.org/en-US/firefox/108.0/releasenotes/
+ MFSA 2022-51 (bsc#1206242)
+ * CVE-2022-46871 (bmo#1795697)
+libusrsctp library out of date
+ * CVE-2022-46872 (bmo#1799156)
+Arbitrary file read from a compromised content process
+ * CVE-2022-46873 (bmo#1644790)
+Firefox did not implement the CSP directive unsafe-hashes
+ * CVE-2022-46874 (bmo#1746139)
+Drag and Dropped Filenames could have been truncated to
+malicious extensions
+ * CVE-2022-46875 (bmo#1786188)
+Download Protections were bypassed by .atloc and .ftploc
+files on Mac OS
+ * CVE-2022-46877 (bmo#1795139)
+Fullscreen notification bypass
+ * CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
+bmo#1801102, bmo#1801315, bmo#1802395)
+Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
+ * CVE-2022-46879 (bmo#1736224, bmo#1793407, bmo#1794249, bmo#1795845,
+bmo#1797682, bmo#1797720, bmo#1798494, bmo#1799479)
+Memory safety bugs fixed in Firefox 108
+- requires
+ NSS >= 3.85
+ rustc/cargo 1.65
+
+---
+Thu Dec 8 08:42:14 UTC 2022 - Milachew
+
+- added translations to .desktop file.
+
+---
Old:
firefox-107.0.1.source.tar.xz
firefox-107.0.1.source.tar.xz.asc
l10n-107.0.1.tar.xz
New:
firefox-108.0.1.source.tar.xz
firefox-108.0.1.source.tar.xz.asc
l10n-108.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.bMjOu8/_old 2022-12-21 16:06:04.846373344 +0100
+++ /var/tmp/diff_new_pack.bMjOu8/_new 2022-12-21 16:06:04.850373365 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package MozillaFirefox
+# spec file
#
# Copyright (c) 2022 SUSE LLC
# Copyright (c) 2006-2022 Wolfgang Rosenauer
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 107
+%define major 108
%define mainver%major.0.1
-%define orig_version 107.0.1
+%define orig_version 108.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -99,17 +99,17 @@
BuildRequires: gcc-c++
%endif
%if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300
-BuildRequires: cargo >= 1.61
-BuildRequires: rust >= 1.61
+BuildRequires: cargo >= 1.63
+BuildRequires: rust >= 1.63
%else
# Newer sle/leap/tw use parallel versioned rust releases which have
# a different method for provides that we can use to request a
# specific version
# minimal requirement:
-BuildRequires: rust+cargo >= 1.61
+BuildRequires: rust+cargo >= 1.63
# actually used upstream:
-BuildRequires: cargo1.64
-BuildRequires: rust1.64
+BuildRequires: cargo1.65
+BuildRequires: rust1.65
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -120,7 +120,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.84
+BuildRequires: mozilla-nss-devel >= 3.85
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -128,6 +128,7 @@
BuildRequires: python36
%else
BuildRequires: python3 >= 3.5
+BuildRequires: python3-curses
BuildRequires: python3-devel
%endif
BuildRequires: rust-cbindgen >= 0.24.3
@@ -249,7 +250,7 @@
%if 0%{?suse_version} < 1220
Obsoletes: libproxy1-pacrunner-mozjs <= 0.4.7
%endif
-ExcludeArch:armv6l armv6hl
+ExcludeArch:armv6l armv6hl ppc ppc64 ppc64le %ix86
%description
Mozilla Firefox is a standalone web browser, designed for standards
@@ -372,7 +373,7 @@
export MOZILLA_OFFICIAL=1
export BUILD_OFFICIAL=1
export
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-12-02 13:12:25
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1835 (New)
Package is "MozillaFirefox"
Fri Dec 2 13:12:25 2022 rev:383 rq:1039406 version:107.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-11-17 17:24:00.128905989 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1835/MozillaFirefox.changes
2022-12-02 13:12:38.465688163 +0100
@@ -1,0 +2,14 @@
+Thu Dec 1 21:13:32 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 107.0.1:
+ * Fix an issue with accessing some sites reliably in Private
+Browsing mode or Strict ETP due to anti-adblockers
+(bmo#1717806)
+ * Fix an issue where Color Management was not available for
+some users (bmo#1799391)
+ * Fix an issue with text overlapping in the Settings Menu for
+some locales (bmo#1800379)
+ * Fix an issue where the DevTools UI is not accessible when an
+alert dialog is displayed (bmo#1801840)
+
+---
Old:
firefox-107.0.source.tar.xz
firefox-107.0.source.tar.xz.asc
l10n-107.0.tar.xz
New:
firefox-107.0.1.source.tar.xz
firefox-107.0.1.source.tar.xz.asc
l10n-107.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.0LVEsw/_old 2022-12-02 13:12:52.461765128 +0100
+++ /var/tmp/diff_new_pack.0LVEsw/_new 2022-12-02 13:12:52.465765150 +0100
@@ -1,8 +1,8 @@
#
-# spec file
+# spec file for package MozillaFirefox
#
# Copyright (c) 2022 SUSE LLC
-# 2006-2022 Wolfgang Rosenauer
+# Copyright (c) 2006-2022 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 107
-%define mainver%major.0
-%define orig_version 107.0
+%define mainver%major.0.1
+%define orig_version 107.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-107.0.source.tar.xz -> firefox-107.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-107.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1835/firefox-107.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-107.0.tar.xz -> l10n-107.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.0LVEsw/_old 2022-12-02 13:12:52.933767724 +0100
+++ /var/tmp/diff_new_pack.0LVEsw/_new 2022-12-02 13:12:52.941767768 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="107.0"
+VERSION="107.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="106.0.5"
+PREV_VERSION="107.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="5329e5f08ad8bf97709cddbe37d4d86f5918be9d"
-RELEASE_TIMESTAMP="20221110173214"
+RELEASE_TAG="a9a9c8c68badf2c5ce288111cfa036e332617e63"
+RELEASE_TIMESTAMP="20221128144904"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-11-17 17:23:52
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1597 (New)
Package is "MozillaFirefox"
Thu Nov 17 17:23:52 2022 rev:382 rq:1036230 version:107.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-11-06 12:41:43.693211917 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1597/MozillaFirefox.changes
2022-11-17 17:24:00.128905989 +0100
@@ -1,0 +2,49 @@
+Tue Nov 15 14:22:26 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 107.0
+ MFSA 2022-47 (bsc#1205270)
+ * CVE-2022-45403 (bmo#1762078)
+Service Workers might have learned size of cross-origin media files
+ * CVE-2022-45404 (bmo#1790815)
+Fullscreen notification bypass
+ * CVE-2022-45405 (bmo#1791314)
+Use-after-free in InputStream implementation
+ * CVE-2022-45406 (bmo#1791975)
+Use-after-free of a JavaScript Realm
+ * CVE-2022-45407 (bmo#1793314)
+Loading fonts on workers was not thread-safe
+ * CVE-2022-45408 (bmo#1793829)
+Fullscreen notification bypass via windowName
+ * CVE-2022-45409 (bmo#1796901)
+Use-after-free in Garbage Collection
+ * CVE-2022-45410 (bmo#1658869)
+ServiceWorker-intercepted requests bypassed SameSite cookie policy
+ * CVE-2022-45411 (bmo#1790311)
+Cross-Site Tracing was possible via non-standard override headers
+ * CVE-2022-45412 (bmo#1791029)
+Symlinks may resolve to partially uninitialized buffers
+ * CVE-2022-45413 (bmo#1791201)
+SameSite=Strict cookies could have been sent cross-site via
+intent URLs
+ * CVE-2022-40674 (bmo#1791598)
+Use-after-free vulnerability in expat
+ * CVE-2022-45415 (bmo#1793551)
+Downloaded file may have been saved with malicious extension
+ * CVE-2022-45416 (bmo#1793676)
+Keystroke Side-Channel Leakage
+ * CVE-2022-45417 (bmo#1794508)
+Service Workers in Private Browsing Mode may have been
+written to disk
+ * CVE-2022-45418 (bmo#1795815)
+Custom mouse cursor could have been drawn over browser UI
+ * CVE-2022-45419 (bmo#1716082)
+Deleting a security exception did not take effect immediately
+ * CVE-2022-45420 (bmo#1792643)
+Iframe contents could be rendered outside the iframe
+ * CVE-2022-45421 (bmo#1767920, bmo#1789808, bmo#1794061)
+Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5
+- requires
+ * NSS >= 3.84
+ * rust = 1.64
+
+---
@@ -4 +53 @@
-- Mozilla Firefox 106.0.5:
+- Mozilla Firefox 106.0.5
@@ -7 +56 @@
-- Mozilla Firefox 106.0.4:
+- Mozilla Firefox 106.0.4
Old:
firefox-106.0.5.source.tar.xz
firefox-106.0.5.source.tar.xz.asc
l10n-106.0.5.tar.xz
New:
firefox-107.0.source.tar.xz
firefox-107.0.source.tar.xz.asc
l10n-107.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.fpM6wJ/_old 2022-11-17 17:24:11.672967059 +0100
+++ /var/tmp/diff_new_pack.fpM6wJ/_new 2022-11-17 17:24:11.720967312 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package MozillaFirefox
+# spec file
#
# Copyright (c) 2022 SUSE LLC
# 2006-2022 Wolfgang Rosenauer
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 106
-%define mainver%major.0.5
-%define orig_version 106.0.5
+%define major 107
+%define mainver%major.0
+%define orig_version 107.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -108,8 +108,8 @@
# minimal requirement:
BuildRequires: rust+cargo >= 1.61
# actually used upstream:
-BuildRequires: cargo1.63
-BuildRequires: rust1.63
+BuildRequires: cargo1.64
+BuildRequires: rust1.64
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -120,7 +120,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.83
+BuildRequires: mozilla-nss-devel >= 3.84
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
++ firefox-106.0.5.source.tar.xz -> firefox-107.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-106.0.5.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1597/firefox-107.0.source.tar.xz
differ: char 15, line 1
++ l10n-106.0.5.tar.xz -> l10n-107.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-106.0.5.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1597/l10n-107.0.tar.xz differ:
char 26, line 1
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-11-06 12:41:37
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275 (New)
Package is "MozillaFirefox"
Sun Nov 6 12:41:37 2022 rev:381 rq:1033697 version:106.0.5
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-11-03 19:13:18.715699659 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/MozillaFirefox.changes
2022-11-06 12:41:43.693211917 +0100
@@ -1,0 +2,11 @@
+Sat Nov 5 13:16:42 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 106.0.5:
+ * Addresses a crash experienced by users with Intel Gemini Lake
+CPUs (bmo#1702019)
+- Mozilla Firefox 106.0.4:
+ * Fixed an issue with DRM Video playback (bmo#1797292)
+ * Fixed broken layout of datetime input when switching
+types (bmo#1797139)
+
+---
Old:
firefox-106.0.3.source.tar.xz
firefox-106.0.3.source.tar.xz.asc
l10n-106.0.3.tar.xz
New:
firefox-106.0.5.source.tar.xz
firefox-106.0.5.source.tar.xz.asc
l10n-106.0.5.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.paPEE0/_old 2022-11-06 12:41:58.669301349 +0100
+++ /var/tmp/diff_new_pack.paPEE0/_new 2022-11-06 12:41:58.673301373 +0100
@@ -1,5 +1,5 @@
#
-# spec file
+# spec file for package MozillaFirefox
#
# Copyright (c) 2022 SUSE LLC
# 2006-2022 Wolfgang Rosenauer
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 106
-%define mainver%major.0.3
-%define orig_version 106.0.3
+%define mainver%major.0.5
+%define orig_version 106.0.5
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-106.0.3.source.tar.xz -> firefox-106.0.5.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-106.0.3.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/firefox-106.0.5.source.tar.xz
differ: char 15, line 1
++ l10n-106.0.3.tar.xz -> l10n-106.0.5.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.paPEE0/_old 2022-11-06 12:41:58.977303188 +0100
+++ /var/tmp/diff_new_pack.paPEE0/_new 2022-11-06 12:41:58.981303213 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="106.0.3"
+VERSION="106.0.5"
VERSION_SUFFIX=""
-PREV_VERSION="106.0.2"
+PREV_VERSION="106.0.3"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="caedd2f22aacbb4e78ecc6572ab78395be23b206"
-RELEASE_TIMESTAMP="20221030091646"
+RELEASE_TAG="aaf1f34d6010a4ae9384998d9e2e57911eb28aa7"
+RELEASE_TIMESTAMP="20221104133228"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-11-03 19:13:16
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275 (New)
Package is "MozillaFirefox"
Thu Nov 3 19:13:16 2022 rev:380 rq:1032848 version:106.0.3
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-10-28 19:29:56.210753646 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/MozillaFirefox.changes
2022-11-03 19:13:18.715699659 +0100
@@ -1,0 +2,6 @@
+Tue Nov 1 19:26:39 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 106.0.3
+ * Fixes for other platforms
+
+---
Old:
firefox-106.0.2.source.tar.xz
firefox-106.0.2.source.tar.xz.asc
l10n-106.0.2.tar.xz
New:
firefox-106.0.3.source.tar.xz
firefox-106.0.3.source.tar.xz.asc
l10n-106.0.3.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.uUc5dV/_old 2022-11-03 19:13:31.283773562 +0100
+++ /var/tmp/diff_new_pack.uUc5dV/_new 2022-11-03 19:13:31.291773610 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 106
-%define mainver%major.0.2
-%define orig_version 106.0.2
+%define mainver%major.0.3
+%define orig_version 106.0.3
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-106.0.2.source.tar.xz -> firefox-106.0.3.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-106.0.2.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/firefox-106.0.3.source.tar.xz
differ: char 15, line 1
++ l10n-106.0.2.tar.xz -> l10n-106.0.3.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.uUc5dV/_old 2022-11-03 19:13:31.691775962 +0100
+++ /var/tmp/diff_new_pack.uUc5dV/_new 2022-11-03 19:13:31.695775985 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="106.0.2"
+VERSION="106.0.3"
VERSION_SUFFIX=""
-PREV_VERSION="106.0.1"
+PREV_VERSION="106.0.2"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="4b8c7a7aa1050236c79073316660053902e57715"
-RELEASE_TIMESTAMP="20221025065831"
+RELEASE_TAG="caedd2f22aacbb4e78ecc6572ab78395be23b206"
+RELEASE_TIMESTAMP="20221030091646"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-10-28 19:29:32
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275 (New)
Package is "MozillaFirefox"
Fri Oct 28 19:29:32 2022 rev:379 rq:1031637 version:106.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-10-23 16:33:01.807245552 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/MozillaFirefox.changes
2022-10-28 19:29:56.210753646 +0200
@@ -1,0 +2,12 @@
+Thu Oct 27 18:07:29 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 106.0.2
+ * Fix missing content on some PDF forms (bmo#1794351)
+ * Fix column width for the Notification sub-panel in Settings
+(bmo#1793558)
+ * Fix a browser freeze with accessibility enabled on some sites
+such as the Proxmox Web UI (bmo#1793748)
+ * Fix page reloading not working with Firefox View and not
+refreshing synced data (bmo#1792680, bmo#1794474)
+
+---
Old:
firefox-106.0.1.source.tar.xz
firefox-106.0.1.source.tar.xz.asc
l10n-106.0.1.tar.xz
New:
firefox-106.0.2.source.tar.xz
firefox-106.0.2.source.tar.xz.asc
l10n-106.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.kTb4cO/_old 2022-10-28 19:30:13.486840281 +0200
+++ /var/tmp/diff_new_pack.kTb4cO/_new 2022-10-28 19:30:13.494840321 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 106
-%define mainver%major.0.1
-%define orig_version 106.0.1
+%define mainver%major.0.2
+%define orig_version 106.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-106.0.1.source.tar.xz -> firefox-106.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-106.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/firefox-106.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-106.0.1.tar.xz -> l10n-106.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.kTb4cO/_old 2022-10-28 19:30:14.406844895 +0200
+++ /var/tmp/diff_new_pack.kTb4cO/_new 2022-10-28 19:30:14.414844935 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="106.0.1"
+VERSION="106.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="106.0"
+PREV_VERSION="106.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="4b58b98809817ef444fab57234d4702e4581320d"
-RELEASE_TIMESTAMP="20221019185550"
+RELEASE_TAG="4b8c7a7aa1050236c79073316660053902e57715"
+RELEASE_TIMESTAMP="20221025065831"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-10-23 16:32:45
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275 (New)
Package is "MozillaFirefox"
Sun Oct 23 16:32:45 2022 rev:378 rq:1030584 version:106.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-10-22 14:12:10.768608951 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/MozillaFirefox.changes
2022-10-23 16:33:01.807245552 +0200
@@ -1,0 +2,7 @@
+Sun Oct 23 07:34:50 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 106.0.1
+ * Addresses a crash experienced by users with AMD Zen 1 CPUs
+(bmo#1796126)
+
+---
Old:
firefox-106.0.source.tar.xz
firefox-106.0.source.tar.xz.asc
l10n-106.0.tar.xz
New:
firefox-106.0.1.source.tar.xz
firefox-106.0.1.source.tar.xz.asc
l10n-106.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.yA3uRa/_old 2022-10-23 16:33:14.619277023 +0200
+++ /var/tmp/diff_new_pack.yA3uRa/_new 2022-10-23 16:33:14.623277032 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 106
-%define mainver%major.0
-%define orig_version 106.0
+%define mainver%major.0.1
+%define orig_version 106.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-106.0.source.tar.xz -> firefox-106.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-106.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/firefox-106.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-106.0.tar.xz -> l10n-106.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.yA3uRa/_old 2022-10-23 16:33:15.067278123 +0200
+++ /var/tmp/diff_new_pack.yA3uRa/_new 2022-10-23 16:33:15.071278133 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="106.0"
+VERSION="106.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="105.0.3"
+PREV_VERSION="106.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="eecea05aff4d09b70d13842a8e07160f04ac0349"
-RELEASE_TIMESTAMP="20221010110315"
+RELEASE_TAG="4b58b98809817ef444fab57234d4702e4581320d"
+RELEASE_TIMESTAMP="20221019185550"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-10-22 14:12:03
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275 (New)
Package is "MozillaFirefox"
Sat Oct 22 14:12:03 2022 rev:377 rq:1030290 version:106.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-10-12 18:23:05.201423911 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/MozillaFirefox.changes
2022-10-22 14:12:10.768608951 +0200
@@ -1,0 +2,31 @@
+Sun Oct 16 20:08:21 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 106.0
+ * support editing of PDFs
+ * introduced Firefox View
+ * major WebRTC update
+- Better screen sharing for Windows and Linux Wayland users
+- RTP performance and reliability improvements
+- Richer statistics
+- Cross-browser and service compatibility improvements
+ * detailed releasenotes
+https://www.mozilla.org/en-US/firefox/106.0/releasenotes
+ MFSA 2022-44 (bsc#1204421)
+ * CVE-2022-42927 (bmo#1789128)
+Same-origin policy violation could have leaked cross-origin URLs
+ * CVE-2022-42928 (bmo#1791520)
+Memory Corruption in JS Engine
+ * CVE-2022-42929 (bmo#1789439)
+Denial of Service via window.print
+ * CVE-2022-42930 (bmo#1789503)
+Race condition in DOM Workers
+ * CVE-2022-42931 (bmo#1780571)
+Username saved to a plaintext file on disk
+ * CVE-2022-42932 (bmo#1789729, bmo#1791363, bmo#1792041)
+Memory safety bugs fixed in Firefox
+- added -msse2 flag to fix i386 build and workaround bmo#1795993
+- fixed used buildflags
+- renamed mozilla-i686-build.patch to mozilla-buildfixes.patch
+ as it was extended with changes for other archs
+
+---
Old:
firefox-105.0.3.source.tar.xz
firefox-105.0.3.source.tar.xz.asc
l10n-105.0.3.tar.xz
mozilla-i686-build.patch
New:
firefox-106.0.source.tar.xz
firefox-106.0.source.tar.xz.asc
l10n-106.0.tar.xz
mozilla-buildfixes.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.qtW1rl/_old 2022-10-22 14:12:30.108654784 +0200
+++ /var/tmp/diff_new_pack.qtW1rl/_new 2022-10-22 14:12:30.112654793 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 105
-%define mainver%major.0.3
-%define orig_version 105.0.3
+%define major 106
+%define mainver%major.0
+%define orig_version 106.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -54,8 +54,10 @@
%ifarch %ix86
ExclusiveArch: i586 i686
BuildArch: i686
-%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686
-mtune=generic}
+%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686
-mtune=generic -msse2}
%endif
+%{expand:%%global optflags %(echo "%optflags"|sed -e s/-Werror=return-type//) }
+%{expand:%%global optflags %(echo "%optflags"|sed -e s/-flto=auto//) }
# general build definitions
%define progname firefox
@@ -97,8 +99,8 @@
BuildRequires: gcc-c++
%endif
%if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300
-BuildRequires: cargo >= 1.59
-BuildRequires: rust >= 1.59
+BuildRequires: cargo >= 1.61
+BuildRequires: rust >= 1.61
%else
# Newer sle/leap/tw use parallel versioned rust releases which have
# a different method for provides that we can use to request a
@@ -117,8 +119,8 @@
BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
-BuildRequires: mozilla-nspr-devel >= 4.34.1
-BuildRequires: mozilla-nss-devel >= 3.82
+BuildRequires: mozilla-nspr-devel >= 4.35
+BuildRequires: mozilla-nss-devel >= 3.83
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -224,7 +226,7 @@
Patch23:mozilla-bmo531915.patch
Patch25:one_swizzle_to_rule_them_all.patch
Patch26:svg-rendering.patch
-Patch27:mozilla-i686-build.patch
+Patch27:mozilla-buildfixes.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -362,15 +364,16 @@
cat >> .obsenv.sh <= 12
-export CFLAGS="$CFLAGS -fimplicit-constexpr"
+export CFLAGS="\$CFLAGS -fimplicit-constexpr"
%endif
%endif
%endif
%ifarch %arm %ix86
# Limit RAM usage during link
-export LDFLAGS="${LDFLAGS} -Wl,--no-keep-memory -Wl,--reduce-memory-overheads"
+export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads"
# A lie to prevent -Wl,--gc-sections being set which
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-10-12 18:22:55
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275 (New)
Package is "MozillaFirefox"
Wed Oct 12 18:22:55 2022 rev:376 rq:1009258 version:105.0.3
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-09-10 20:16:53.644767684 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2275/MozillaFirefox.changes
2022-10-12 18:23:05.201423911 +0200
@@ -1,0 +2,57 @@
+Sat Oct 8 13:41:12 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 105.0.3:
+ * Fixes for other platforms
+
+---
+Wed Oct 5 18:27:01 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 105.0.2:
+ * Fixed poor contrast on various menu items with certain
+themes on Linux systems (bmo#1792063)
+ * Fixed the scrollbar appearing on the wrong side of
+`select` elements in right-to-left locales (bmo#1791219)
+ * Fixed a possible deadlock when loading some sites in
+Troubleshoot Mode (bmo#1786259)
+ * Fixed a bug causing some dynamic appearance changes to
+not appear when expected (bmo#1786521)
+ * Fixed a bug causing theme styling to not be properly applied
+to sidebars for some add-ons in Private Browsing Mode
+(bmo#1787543)
+
+---
+Thu Sep 22 22:12:39 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 105.0.1
+ * Reverted focus behavior for new windows back to the content
+area instead of the address bar (bmo#1784692)
+- added mozilla-i686-build.patch to avoid using avx2
+
+---
+Sat Sep 17 21:01:10 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 105.0
+ https://www.mozilla.org/en-US/firefox/105.0/releasenotes
+ MFSA 2022-40 (bsc#1203477)
+ * CVE-2022-40959 (bmo#1782211)
+Bypassing FeaturePolicy restrictions on transient pages
+ * CVE-2022-40960 (bmo#1787633)
+Data-race when parsing non-UTF-8 URLs in threads
+ * CVE-2022-40958 (bmo#1779993)
+Bypassing Secure Context restriction for cookies with __Host
+and __Secure prefix
+ * CVE-2022-40961 (bmo#1784588)
+Stack-buffer overflow when initializing Graphics
+ * CVE-2022-40956 (bmo#1770094)
+Content-Security-Policy base-uri bypass
+ * CVE-2022-40957 (bmo#1777604)
+Incoherent instruction cache when building WASM on ARM64
+ * CVE-2022-40962 (bmo#1767360, bmo#1776655, bmo#1777574,
+bmo#1784835, bmo#1785109, bmo#1786502, bmo#1789440)
+Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3
+- requires
+ NSS 3.82
+ Rust 1.63 (1.61)
+- removed obsolete mozilla-glibc236.patch
+
+---
Old:
firefox-104.0.2.source.tar.xz
firefox-104.0.2.source.tar.xz.asc
l10n-104.0.2.tar.xz
mozilla-glibc236.patch
New:
firefox-105.0.3.source.tar.xz
firefox-105.0.3.source.tar.xz.asc
l10n-105.0.3.tar.xz
mozilla-i686-build.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.P8OrMy/_old 2022-10-12 18:24:01.817565356 +0200
+++ /var/tmp/diff_new_pack.P8OrMy/_new 2022-10-12 18:24:01.821565366 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 104
-%define mainver%major.0.2
-%define orig_version 104.0.2
+%define major 105
+%define mainver%major.0.3
+%define orig_version 105.0.3
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -104,10 +104,10 @@
# a different method for provides that we can use to request a
# specific version
# minimal requirement:
-BuildRequires: rust+cargo >= 1.59
+BuildRequires: rust+cargo >= 1.61
# actually used upstream:
-BuildRequires: cargo1.62
-BuildRequires: rust1.62
+BuildRequires: cargo1.63
+BuildRequires: rust1.63
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -118,7 +118,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.34.1
-BuildRequires: mozilla-nss-devel >= 3.81
+BuildRequires: mozilla-nss-devel >= 3.82
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -224,7 +224,7 @@
Patch23:mozilla-bmo531915.patch
Patch25:one_swizzle_to_rule_them_all.patch
Patch26:svg-rendering.patch
-Patch27:mozilla-glibc236.patch
+Patch27:mozilla-i686-build.patch
# Firefox/browser
Patch101:
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2022-09-10 20:16:51 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083 (New) Package is "MozillaFirefox" Sat Sep 10 20:16:51 2022 rev:375 rq:1002272 version:104.0.2 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2022-09-08 14:21:36.606383258 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083/MozillaFirefox.changes 2022-09-10 20:16:53.644767684 +0200 @@ -1,0 +2,5 @@ +Fri Sep 9 05:59:03 UTC 2022 - Guillaume GARDET + +- Adjust memory requirements to fix build on aarch64 + +--- Other differences: -- ++ MozillaFirefox.spec ++ --- /var/tmp/diff_new_pack.gwFqik/_old 2022-09-10 20:16:56.196774245 +0200 +++ /var/tmp/diff_new_pack.gwFqik/_new 2022-09-10 20:16:56.200774256 +0200 @@ -401,7 +401,7 @@ source ./.obsenv.sh %ifarch aarch64 %arm ppc64 ppc64le -%limit_build -m 2000 +%limit_build -m 2500 %endif # Generating mozconfig ++ _constraints ++ --- /var/tmp/diff_new_pack.gwFqik/_old 2022-09-10 20:16:56.416774812 +0200 +++ /var/tmp/diff_new_pack.gwFqik/_new 2022-09-10 20:16:56.420774822 +0200 @@ -34,7 +34,7 @@ asimdrdm -8 +14
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-09-08 14:21:21
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083 (New)
Package is "MozillaFirefox"
Thu Sep 8 14:21:21 2022 rev:374 rq:1001583 version:104.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-08-27 11:47:55.965561860 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083/MozillaFirefox.changes
2022-09-08 14:21:36.606383258 +0200
@@ -1,0 +2,21 @@
+Wed Sep 7 06:50:24 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 104.0.2 (boo#1203177)
+ https://www.mozilla.org/en-US/firefox/104.0.2/releasenotes/
+ * Fixed a bug making it impossible to use touch or a stylus to
+drag the scrollbar on pages (bmo#1787361)
+ * Fixed an issue causing some users to crash in out-of-memory
+conditions (bmo#1774155)
+ * Fixed an issue that would sometimes affect video & audio playback
+when loaded via a cross-origin iframe src attribute (bmo#1781759)
+ * Fixed an issue that would sometimes affect video & audio playback
+when served with Content-Security-Policy: sandbox (bmo#1781063)
+
+---
+Thu Sep 1 07:04:11 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 104.0.1
+ * Addresses an issue with Youtube video playback that was
+affecting some users (boo#1203003)
+
+---
Old:
firefox-104.0.source.tar.xz
firefox-104.0.source.tar.xz.asc
l10n-104.0.tar.xz
New:
firefox-104.0.2.source.tar.xz
firefox-104.0.2.source.tar.xz.asc
l10n-104.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Y7B8fK/_old 2022-09-08 14:21:50.350417702 +0200
+++ /var/tmp/diff_new_pack.Y7B8fK/_new 2022-09-08 14:21:50.350417702 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 104
-%define mainver%major.0
-%define orig_version 104.0
+%define mainver%major.0.2
+%define orig_version 104.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-104.0.source.tar.xz -> firefox-104.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-104.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083/firefox-104.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-104.0.tar.xz -> l10n-104.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.Y7B8fK/_old 2022-09-08 14:21:50.714418542 +0200
+++ /var/tmp/diff_new_pack.Y7B8fK/_new 2022-09-08 14:21:50.718418551 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="104.0"
+VERSION="104.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="103.0.2"
+PREV_VERSION="104.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="ae56b3bb7fa30ac2160cce6fb65aa95ce6586959"
-RELEASE_TIMESTAMP="20220818191623"
+RELEASE_TAG="a265a43e0445cef2e57a792a0dc6d0429b082736"
+RELEASE_TIMESTAMP="20220902153754"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-08-27 11:47:52
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083 (New)
Package is "MozillaFirefox"
Sat Aug 27 11:47:52 2022 rev:373 rq:999342 version:104.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-08-15 19:56:21.736749305 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083/MozillaFirefox.changes
2022-08-27 11:47:55.965561860 +0200
@@ -1,0 +2,26 @@
+Sun Aug 21 11:12:14 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 104.0
+ * https://www.mozilla.org/en-US/firefox/104.0/releasenotes
+ MFSA 2022-33 (bsc#1202645)
+ * CVE-2022-38472 (bmo#1769155)
+Address bar spoofing via XSLT error handling
+ * CVE-2022-38473 (bmo#1771685)
+Cross-origin XSLT Documents would have inherited the parent's
+permissions
+ * CVE-2022-38474 (bmo#1719511)
+Recording notification not shown when microphone was
+recording on Android
+ * CVE-2022-38475 (bmo#1773266)
+Attacker could write a value to a zero-length array
+ * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363)
+Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
+ * CVE-2022-38478 (bmo#1770630, bmo#1776658)
+Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2,
+and Firefox ESR 91.13
+- requires
+ NSPR 4.34.1
+ NSS 3.81
+ rust 1.62
+
+---
Old:
firefox-103.0.2.source.tar.xz
firefox-103.0.2.source.tar.xz.asc
l10n-103.0.2.tar.xz
New:
firefox-104.0.source.tar.xz
firefox-104.0.source.tar.xz.asc
l10n-104.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.8ySG73/_old 2022-08-27 11:48:07.121588970 +0200
+++ /var/tmp/diff_new_pack.8ySG73/_new 2022-08-27 11:48:07.125588979 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 103
-%define mainver%major.0.2
-%define orig_version 103.0.2
+%define major 104
+%define mainver%major.0
+%define orig_version 104.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -106,8 +106,8 @@
# minimal requirement:
BuildRequires: rust+cargo >= 1.59
# actually used upstream:
-BuildRequires: cargo1.61
-BuildRequires: rust1.61
+BuildRequires: cargo1.62
+BuildRequires: rust1.62
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -117,8 +117,8 @@
BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
-BuildRequires: mozilla-nspr-devel >= 4.34
-BuildRequires: mozilla-nss-devel >= 3.80
+BuildRequires: mozilla-nspr-devel >= 4.34.1
+BuildRequires: mozilla-nss-devel >= 3.81
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
++ firefox-103.0.2.source.tar.xz -> firefox-104.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-103.0.2.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083/firefox-104.0.source.tar.xz
differ: char 15, line 1
++ l10n-103.0.2.tar.xz -> l10n-104.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-103.0.2.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2083/l10n-104.0.tar.xz differ:
char 26, line 1
++ mozilla-kde.patch ++
--- /var/tmp/diff_new_pack.8ySG73/_old 2022-08-27 11:48:07.365589495 +0200
+++ /var/tmp/diff_new_pack.8ySG73/_new 2022-08-27 11:48:07.369589503 +0200
@@ -3,7 +3,7 @@
# Date 1559294891 -7200
# Fri May 31 11:28:11 2019 +0200
# Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112
-# Parent b7a9df31234bb6342e8b01dcfa98b7d8ecdfd1dd
+# Parent 65e96e081f6f4b68d6b7998f4182a3764832c2ce
Description: Add KDE integration to Firefox (toolkit parts)
Author: Wolfgang Rosenauer
Author: Lubos Lunak
@@ -810,7 +810,7 @@
]
elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows":
UNIFIED_SOURCES += [
-@@ -130,16 +132,17 @@ include("/ipc/chromium/chromium-config.m
+@@ -126,16 +128,17 @@ include("/ipc/chromium/chromium-config.m
FINAL_LIBRARY = "xul"
LOCAL_INCLUDES += [
@@ -1166,7 +1166,7 @@
#include "nsISupports.h"
#include "nsString.h"
#include "nsReadableUtils.h"
-@@ -1025,17 +1025,17 @@ nsresult nsOSHelperAppService::GetHandle
+@@ -1102,17 +1102,17 @@ nsresult nsOSHelperAppService::GetHandle
nsresult nsOSHelperAppService::OSProtocolHandlerExists(
const char* aProtocolScheme, bool* aHandlerExists) {
@@ -1185,7 +1185,7 @@
nsCOMPtr handlerSvc =
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2022-08-15 19:56:18 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1521 (New) Package is "MozillaFirefox" Mon Aug 15 19:56:18 2022 rev:372 rq:994938 version:103.0.2 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2022-08-11 18:31:33.862155809 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1521/MozillaFirefox.changes 2022-08-15 19:56:21.736749305 +0200 @@ -1,0 +2,5 @@ +Sat Aug 13 06:25:20 UTC 2022 - Wolfgang Rosenauer + +- added mozilla-glibc236.patch (bmo#1782988, boo#1202323) + +--- New: mozilla-glibc236.patch Other differences: -- ++ MozillaFirefox.spec ++ --- /var/tmp/diff_new_pack.zy1bzI/_old 2022-08-15 19:56:24.348756588 +0200 +++ /var/tmp/diff_new_pack.zy1bzI/_new 2022-08-15 19:56:24.352756599 +0200 @@ -224,6 +224,7 @@ Patch23:mozilla-bmo531915.patch Patch25:one_swizzle_to_rule_them_all.patch Patch26:svg-rendering.patch +Patch27:mozilla-glibc236.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch ++ mozilla-glibc236.patch ++ # HG changeset patch # User Mike Hommey # Date 1660077764 0 # Node ID 970ebbe54477a0e518bfee8aeddf487ad9bd4365 # Parent caca601f2f5e87dd660434f3db2156e950151adb Bug 1782988 - Avoid build bustage when building against glibc 2.36 or newer. r=RyanVM Differential Revision: https://phabricator.services.mozilla.com/D153716 diff --git a/ipc/chromium/src/third_party/libevent/README.mozilla b/ipc/chromium/src/third_party/libevent/README.mozilla --- a/ipc/chromium/src/third_party/libevent/README.mozilla +++ b/ipc/chromium/src/third_party/libevent/README.mozilla @@ -17,11 +17,15 @@ evconfig-private.h can be found in the r You then need to modify the EVENT__SIZEOF_* constants in the generated Linux, Android, and BSD headers to be appropriate for both 32-bit and 64-bit platforms. Mac doesn't need this since only 64-bit is supported. Use __LP64__ to distinguish the two cases. If you get something wrong, the CHECK_EVENT_SIZEOF static assertions in message_pump_libevent.cc will fail. If a new constant is added, also add a static assertion for it to message_pump_libevent.cc. +You also need to modify the EVENT__HAVE_ARC4RANDOM and EVENT__HAVE_ARC4RANDOM_BUF +constants in the generated Linux header to account for the results of the arc4random +and arc4random_buf configure checks. + 2. No additional patches are needed at this time, but be careful to avoid clobbering changes to the various event-config.h files which have been customized over time to avoid various build bustages. diff --git a/ipc/chromium/src/third_party/libevent/linux/event2/event-config.h b/ipc/chromium/src/third_party/libevent/linux/event2/event-config.h --- a/ipc/chromium/src/third_party/libevent/linux/event2/event-config.h +++ b/ipc/chromium/src/third_party/libevent/linux/event2/event-config.h @@ -24,24 +24,28 @@ /* #undef EVENT__DISABLE_THREAD_SUPPORT */ /* Define to 1 if you have the `accept4' function. */ #define EVENT__HAVE_ACCEPT4 1 /* Define to 1 if you have the header file. */ /* #undef EVENT__HAVE_AFUNIX_H 1 */ +#ifdef HAVE_ARC4RANDOM /* Define to 1 if you have the `arc4random' function. */ -/* #undef EVENT__HAVE_ARC4RANDOM */ +#define EVENT__HAVE_ARC4RANDOM 1 +#endif /* Define to 1 if you have the `arc4random_addrandom' function. */ /* #undef EVENT__HAVE_ARC4RANDOM_ADDRANDOM */ +#ifdef HAVE_ARC4RANDOM_BUF /* Define to 1 if you have the `arc4random_buf' function. */ -/* #undef EVENT__HAVE_ARC4RANDOM_BUF */ +#define EVENT__HAVE_ARC4RANDOM_BUF 1 +#endif /* Define to 1 if you have the header file. */ #define EVENT__HAVE_ARPA_INET_H 1 /* Define to 1 if you have the `clock_gettime' function. */ #define EVENT__HAVE_CLOCK_GETTIME 1 /* Define to 1 if you have the declaration of `CTL_KERN', and to 0 if you # HG changeset patch # User Mike Hommey # Date 1660077764 0 # Node ID a61813bd9f0a0048b84a2c56a77a06eb5e269ab2 # Parent 970ebbe54477a0e518bfee8aeddf487ad9bd4365 Bug 1782988 - Fix use of arc4random_buf use in ping.cpp. r=gsvelto The code was probably never built before glibc 2.36, because before that, only Android and some BSDs had arc4random_buf, but none of those actually built this code. Differential Revision: https://phabricator.services.mozilla.com/D154024 diff --git a/toolkit/crashreporter/client/ping.cpp b/toolkit/crashreporter/client/ping.cpp ---
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-08-11 18:31:26
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1521 (New)
Package is "MozillaFirefox"
Thu Aug 11 18:31:26 2022 rev:371 rq:994312 version:103.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-08-03 21:15:53.631315441 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1521/MozillaFirefox.changes
2022-08-11 18:31:33.862155809 +0200
@@ -1,0 +2,13 @@
+Tue Aug 9 08:46:29 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 103.0.2
+ * Fixed menu shortcuts for users of the JAWS screen reader
+ * Fixed an occasional non-overridable certificate error when
+accessing device configuration pages
+
+---
+Tue Aug 2 08:05:28 UTC 2022 - Andreas Schwab
+
+- The --disable-elf-hack option only exists on ARM and X86
+
+---
Old:
firefox-103.0.1.source.tar.xz
firefox-103.0.1.source.tar.xz.asc
l10n-103.0.1.tar.xz
New:
firefox-103.0.2.source.tar.xz
firefox-103.0.2.source.tar.xz.asc
l10n-103.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.jELHYk/_old 2022-08-11 18:31:46.862186240 +0200
+++ /var/tmp/diff_new_pack.jELHYk/_new 2022-08-11 18:31:46.870186258 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 103
-%define mainver%major.0.1
-%define orig_version 103.0.1
+%define mainver%major.0.2
+%define orig_version 103.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -429,7 +429,7 @@
ac_add_options --disable-install-strip
# building with elf-hack started to fail everywhere with FF73
#%if 0%{?suse_version} > 1549
-%ifnarch aarch64 ppc64 ppc64le s390x
+%ifarch %arm %ix86 x86_64
ac_add_options --disable-elf-hack
%endif
#%endif
++ firefox-103.0.1.source.tar.xz -> firefox-103.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-103.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1521/firefox-103.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-103.0.1.tar.xz -> l10n-103.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-103.0.1.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1521/l10n-103.0.2.tar.xz differ:
char 26, line 1
++ tar_stamps ++
--- /var/tmp/diff_new_pack.jELHYk/_old 2022-08-11 18:31:47.266187185 +0200
+++ /var/tmp/diff_new_pack.jELHYk/_new 2022-08-11 18:31:47.270187195 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="103.0.1"
+VERSION="103.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="103.0"
+PREV_VERSION="103.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="75b273b771873e3ac88c0084606491108201afe6"
-RELEASE_TIMESTAMP="20220729222726"
+RELEASE_TAG="97d08aedd7235666566f23d51b4a966a0be0bc42"
+RELEASE_TIMESTAMP="20220808125904"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-08-03 21:15:49
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533 (New)
Package is "MozillaFirefox"
Wed Aug 3 21:15:49 2022 rev:370 rq:992040 version:103.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-07-11 19:07:59.327489795 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/MozillaFirefox.changes
2022-08-03 21:15:53.631315441 +0200
@@ -1,0 +2,44 @@
+Mon Aug 1 10:45:16 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 103.0.1
+ * Enabled hardware acceleration on newer AMD cards.
+ * Fixed a crash on Firefox shutdown caused by a bug in the
+audio manager
+
+---
+Wed Jul 27 07:13:07 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 103.0
+ https://www.mozilla.org/en-US/firefox/103.0/releasenotes
+ MFSA 2022-28 (bsc#1201758)
+ * CVE-2022-36319 (bmo#1737722)
+Mouse Position spoofing with CSS transforms
+ * CVE-2022-36317 (bmo#1759951)
+Long URL would hang Firefox for Android
+ * CVE-2022-36318 (bmo#1771774)
+Directory indexes for bundled resources reflected URL
+parameters
+ * CVE-2022-36314 (bmo#1773894)
+Opening local .lnk files could cause unexpected
+network loads
+ * CVE-2022-36315 (bmo#1762520)
+Preload Cache Bypasses Subresource Integrity
+ * CVE-2022-36316 (bmo#1768583)
+Performance API leaked whether a cross-site resource is
+redirecting
+ * CVE-2022-36320 (bmo#1759794, bmo#1760998)
+Memory safety bugs fixed in Firefox 103
+ * CVE-2022-2505 (bmo#1769739, bmo#1772824)
+Memory safety bugs fixed in Firefox 103 and 102.1
+- requires
+ NSS >= 3.80
+ rust = 1.61
+ rust-cbindgen >= 0.24.3
+
+---
+Wed Jul 13 07:54:21 UTC 2022 - Guillaume GARDET
+
+- Move %limit_build set before mozilla config to actually set the
+ value of %jobs to MOZ_MAKE_FLAGS to fix build on aarch64
+
+---
Old:
firefox-102.0.1.source.tar.xz
firefox-102.0.1.source.tar.xz.asc
l10n-102.0.1.tar.xz
New:
firefox-103.0.1.source.tar.xz
firefox-103.0.1.source.tar.xz.asc
l10n-103.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.ywN5Fj/_old 2022-08-03 21:16:04.407343722 +0200
+++ /var/tmp/diff_new_pack.ywN5Fj/_new 2022-08-03 21:16:04.411343733 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 102
+%define major 103
%define mainver%major.0.1
-%define orig_version 102.0.1
+%define orig_version 103.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -106,8 +106,8 @@
# minimal requirement:
BuildRequires: rust+cargo >= 1.59
# actually used upstream:
-BuildRequires: cargo1.60
-BuildRequires: rust1.60
+BuildRequires: cargo1.61
+BuildRequires: rust1.61
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -118,7 +118,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.34
-BuildRequires: mozilla-nss-devel >= 3.79
+BuildRequires: mozilla-nss-devel >= 3.80
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -128,7 +128,7 @@
BuildRequires: python3 >= 3.5
BuildRequires: python3-devel
%endif
-BuildRequires: rust-cbindgen >= 0.23.0
+BuildRequires: rust-cbindgen >= 0.24.3
BuildRequires: unzip
BuildRequires: update-desktop-files
BuildRequires: xorg-x11-libXt-devel
@@ -399,6 +399,10 @@
# Done with env-variables.
source ./.obsenv.sh
+%ifarch aarch64 %arm ppc64 ppc64le
+%limit_build -m 2000
+%endif
+
# Generating mozconfig
cat << EOF > $MOZCONFIG
mk_add_options MOZILLA_OFFICIAL=1
@@ -491,9 +495,6 @@
cat ./.obsenv.sh
cat $MOZCONFIG
%else
-%ifarch aarch64 %arm ppc64 ppc64le
-%limit_build -m 2000
-%endif
%if 0%{useccache} != 0
ccache -s
++ firefox-102.0.1.source.tar.xz -> firefox-103.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-102.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/firefox-103.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-102.0.1.tar.xz -> l10n-103.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-102.0.1.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1533/l10n-103.0.1.tar.xz differ:
char 26, line 1
++ mozilla-kde.patch ++
---
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2022-07-11 19:07:57 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1523 (New) Package is "MozillaFirefox" Mon Jul 11 19:07:57 2022 rev:369 rq:988096 version:102.0.1 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2022-06-17 21:22:11.550762948 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1523/MozillaFirefox.changes 2022-07-11 19:07:59.327489795 +0200 @@ -1,0 +2,87 @@ +Wed Jul 6 18:35:47 UTC 2022 - Andreas Stieger + +- Firefox 102.0.1: + * Fixed: Fixed bookmarks sidebar flashing white when opened in +dark mode (bmo#1776157) + * Fixed: Fixed multilingual spell checking not working with +content in both English and a non-Latin alphabet +(bmo#1773802) + * Fixed: Developer tools: Fixed an issue where the console +output keep getting scrolled to the bottom when the last +visible message is an evaluation result (bmo#1776262) + * Fixed: Fixed *Delete cookies and site data when Firefox is +closed* checkbox getting disabled on startup (bmo#1777419) + * Fixed: Various stability fixes + +--- +Sat Jun 25 12:51:46 UTC 2022 - Wolfgang Rosenauer + +- Firefox 102.0 + * You can now disable automatic opening of the download panel +every time a new download starts + * Firefox now mitigates query parameter tracking when navigating +sites in ETP strict mode + * Improved security by moving audio decoding into a separate +process with stricter sandboxing, thus improving process isolation + * https://www.mozilla.org/en-US/firefox/102.0/releasenotes + MFSA 2022-24 (bsc#1200793) + * CVE-2022-34479 (bmo#1745595) +A popup window could be resized in a way to overlay the +address bar with web content + * CVE-2022-34470 (bmo#1765951) +Use-after-free in nsSHistory + * CVE-2022-34468 (bmo#1768537) +CSP sandbox header without `allow-scripts` can be bypassed +via retargeted javascript: URI + * CVE-2022-34482 (bmo#845880) +Drag and drop of malicious image could have led to malicious +executable and potential code execution + * CVE-2022-34483 (bmo#1335845) +Drag and drop of malicious image could have led to malicious +executable and potential code execution + * CVE-2022-34476 (bmo#1387919) +ASN.1 parser could have been tricked into accepting malformed ASN.1 + * CVE-2022-34481 (bmo#1483699, bmo#1497246) +Potential integer overflow in ReplaceElementsAt + * CVE-2022-34474 (bmo#1677138) +Sandboxed iframes could redirect to external schemes + * CVE-2022-34469 (bmo#1721220) +TLS certificate errors on HSTS-protected domains could be +bypassed by the user on Firefox for Android + * CVE-2022-34471 (bmo#1766047) +Compromised server could trick a browser into an addon downgrade + * CVE-2022-34472 (bmo#1770123) +Unavailable PAC file resulted in OCSP requests being blocked + * CVE-2022-34478 (bmo#1773717) +Microsoft protocols can be attacked if a user accepts a prompt + * CVE-2022-2200 (bmo#1771381) +Undesired attributes could be set as part of prototype pollution + * CVE-2022-34480 (bmo#1454072) +Free of uninitialized pointer in lg_init + * CVE-2022-34477 (bmo#1731614) +MediaError message property leaked information on cross- +origin same-site pages + * CVE-2022-34475 (bmo#1757210) +HTML Sanitizer could have been bypassed via same-origin +script via use tags + * CVE-2022-34473 (bmo#1770888) +HTML Sanitizer could have been bypassed via use tags + * CVE-2022-34484 (bmo#1763634, bmo#1772651) +Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 + * CVE-2022-34485 (bmo#1768409, bmo#1768578) +Memory safety bugs fixed in Firefox 102 +- requires + NSPR >= 4.34 + NSS >= 3.79 + rust = 1.60 +- switch out skia-patches with webrender-patches for big endian + removed: + * mozilla-bmo1504834-part2.patch + * mozilla-bmo1504834-part4.patch + * mozilla-bmo1626236.patch + added: + * one_swizzle_to_rule_them_all.patch + * svg-rendering.patch +- add some more returns to the no-return-patch + +--- Old: firefox-101.0.1.source.tar.xz firefox-101.0.1.source.tar.xz.asc l10n-101.0.1.tar.xz mozilla-bmo1504834-part2.patch mozilla-bmo1504834-part4.patch mozilla-bmo1626236.patch New: firefox-102.0.1.source.tar.xz firefox-102.0.1.source.tar.xz.asc l10n-102.0.1.tar.xz one_swizzle_to_rule_them_all.patch svg-rendering.patch Other differences:
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-06-17 21:19:58
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1548 (New)
Package is "MozillaFirefox"
Fri Jun 17 21:19:58 2022 rev:368 rq:982081 version:101.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-06-02 21:53:56.120347657 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1548/MozillaFirefox.changes
2022-06-17 21:22:11.550762948 +0200
@@ -1,0 +2,8 @@
+Fri Jun 10 20:45:37 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 101.0.1:
+ * Fixed context menus not appearing when right-clicking
+Picture-in-Picture windows on some Linux systems (bmo#1771914)
+ * Various stability fixes
+
+---
Old:
firefox-101.0.source.tar.xz
firefox-101.0.source.tar.xz.asc
l10n-101.0.tar.xz
New:
firefox-101.0.1.source.tar.xz
firefox-101.0.1.source.tar.xz.asc
l10n-101.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.LZUo16/_old 2022-06-17 21:22:22.242768745 +0200
+++ /var/tmp/diff_new_pack.LZUo16/_new 2022-06-17 21:22:22.250768750 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 101
-%define mainver%major.0
-%define orig_version 101.0
+%define mainver%major.0.1
+%define orig_version 101.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-101.0.source.tar.xz -> firefox-101.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-101.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1548/firefox-101.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-101.0.tar.xz -> l10n-101.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.LZUo16/_old 2022-06-17 21:22:22.594768937 +0200
+++ /var/tmp/diff_new_pack.LZUo16/_new 2022-06-17 21:22:22.598768938 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="101.0"
+VERSION="101.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="100.0.2"
+PREV_VERSION="101.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="bd46064a613aac667555769b4c804a3d757cb7c5"
-RELEASE_TIMESTAMP="20220526203855"
+RELEASE_TAG="c66093146ac832a0748f0f8a31139664abf73a42"
+RELEASE_TIMESTAMP="20220608170832"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-06-02 21:53:45
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1548 (New)
Package is "MozillaFirefox"
Thu Jun 2 21:53:45 2022 rev:367 rq:980191 version:101.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-05-21 19:05:53.967274081 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1548/MozillaFirefox.changes
2022-06-02 21:53:56.120347657 +0200
@@ -1,0 +2,49 @@
+Sun May 29 08:02:45 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 101.0
+ * Reading is now easier with the prefers-contrast media query,
+which allows sites to detect if the user has requested that web
+content is presented with a higher (or lower) contrast
+ * All non-configured MIME types can now be assigned a custom
+action upon download completion
+ * allows users to use as many microphones as you want, at the
+same time, during video conferencing. The most exciting benefit
+is that you can easily switch your microphones at any time
+(if your conferencing service provider enables this flexibility)
+ MFSA 2022-20 (bsc#1200027)
+ * CVE-2022-31736 (bmo#1735923)
+Cross-Origin resource's length leaked
+ * CVE-2022-31737 (bmo#1743767)
+Heap buffer overflow in WebGL
+ * CVE-2022-31738 (bmo#1756388)
+Browser window spoof using fullscreen mode
+ * CVE-2022-31739 (bmo#1765049)
+Attacker-influenced path traversal when saving downloaded files
+ * CVE-2022-31740 (bmo#1766806)
+Register allocation problem in WASM on arm64
+ * CVE-2022-31741 (bmo#1767590)
+Uninitialized variable leads to invalid memory read
+ * CVE-2022-31742 (bmo#1730434)
+Querying a WebAuthn token with a large number of allowCredential
+entries may have leaked cross-origin information
+ * CVE-2022-31743 (bmo#1747388)
+HTML Parsing incorrectly ended HTML comments prematurely
+ * CVE-2022-31744 (bmo#1757604)
+CSP bypass enabling stylesheet injection
+ * CVE-2022-31745 (bmo#1760944)
+Incorrect Assertion caused by unoptimized array shift operations
+ * CVE-2022-1919 (bmo#1761275)
+Memory Corruption when manipulating webp images
+ * CVE-2022-31747 (bmo#1760765, bmo#1765610, bmo#1766283,
+bmo#1767365, bmo#1768559, bmo#1768734)
+Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
+ * CVE-2022-31748 (bmo#1713773, bmo#1762201, bmo#1762469,
+bmo#1762770, bmo#1764878, bmo#1765226, bmo#1765782, bmo#1765973,
+bmo#1767177, bmo#1767181, bmo#1768232, bmo#1768251, bmo#1769869)
+Memory safety bugs fixed in Firefox 101
+- requires
+ * NSS 3.78.1
+ * rust-cbindgen 0.23.0
+ * rust 1.59
+
+---
Old:
firefox-100.0.2.source.tar.xz
firefox-100.0.2.source.tar.xz.asc
l10n-100.0.2.tar.xz
New:
firefox-101.0.source.tar.xz
firefox-101.0.source.tar.xz.asc
l10n-101.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.iVBEm0/_old 2022-06-02 21:54:05.308359355 +0200
+++ /var/tmp/diff_new_pack.iVBEm0/_new 2022-06-02 21:54:05.312359360 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 100
-%define mainver%major.0.2
-%define orig_version 100.0.2
+%define major 101
+%define mainver%major.0
+%define orig_version 101.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -103,7 +103,7 @@
# Newer sle/leap/tw use parallel versioned rust releases which have
# a different method for provides that we can use to request a
# specific version
-BuildRequires: rust+cargo >= 1.57
+BuildRequires: rust+cargo >= 1.59
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.33
-BuildRequires: mozilla-nss-devel >= 3.77
+BuildRequires: mozilla-nss-devel >= 3.78.1
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -124,7 +124,7 @@
BuildRequires: python3 >= 3.5
BuildRequires: python3-devel
%endif
-BuildRequires: rust-cbindgen >= 0.19.0
+BuildRequires: rust-cbindgen >= 0.23.0
BuildRequires: unzip
BuildRequires: update-desktop-files
BuildRequires: xorg-x11-libXt-devel
++ firefox-100.0.2.source.tar.xz -> firefox-101.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-100.0.2.source.tar.xz
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-05-21 19:05:45
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1538 (New)
Package is "MozillaFirefox"
Sat May 21 19:05:45 2022 rev:366 rq:978314 version:100.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-05-06 18:58:45.085318022 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1538/MozillaFirefox.changes
2022-05-21 19:05:53.967274081 +0200
@@ -1,0 +2,20 @@
+Fri May 20 15:03:50 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 100.0.2
+ MFSA 2022-19 (bsc#1199768)
+ * CVE-2022-1802 (bmo#1770137)
+Prototype pollution in Top-Level Await implementation
+ * CVE-2022-1529 (bmo#1770048)
+Untrusted input used in JavaScript object indexing, leading
+to prototype pollution
+
+---
+Wed May 18 20:27:49 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 100.0.1:
+ * Fixed: Fixed an issue with subtitles in Picture-in-Picture
+mode while using Netflix (bmo#1768818)
+ * Fixed: Fixed an issue where some commands were unavailable in
+the Picture-in-Picture window (bmo#1768201)
+
+---
Old:
firefox-100.0.source.tar.xz
firefox-100.0.source.tar.xz.asc
l10n-100.0.tar.xz
New:
firefox-100.0.2.source.tar.xz
firefox-100.0.2.source.tar.xz.asc
l10n-100.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.aiMQcD/_old 2022-05-21 19:06:15.075304665 +0200
+++ /var/tmp/diff_new_pack.aiMQcD/_new 2022-05-21 19:06:15.079304671 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 100
-%define mainver%major.0
-%define orig_version 100.0
+%define mainver%major.0.2
+%define orig_version 100.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ create-tar.sh ++
--- /var/tmp/diff_new_pack.aiMQcD/_old 2022-05-21 19:06:15.199304845 +0200
+++ /var/tmp/diff_new_pack.aiMQcD/_new 2022-05-21 19:06:15.203304851 +0200
@@ -37,7 +37,6 @@
fi
SOURCE_TARBALL="$PRODUCT-$VERSION$VERSION_SUFFIX.source.tar.xz"
-PREV_SOURCE_TARBALL="$PRODUCT-$PREV_VERSION$PREV_VERSION_SUFFIX.source.tar.xz"
FTP_URL="https://ftp.mozilla.org/pub/$PRODUCT/releases/$VERSION$VERSION_SUFFIX/source;
FTP_CANDIDATES_BASE_URL="https://ftp.mozilla.org/pub/$PRODUCT/candidates;
# Make first letter of PRODCUT upper case
@@ -146,48 +145,22 @@
fi
}
-function locales_parse_file() {
- FILE="$1"
- cat "$FILE" | python -c "import json; import sys; \
- print('\n'.join(['{} {}'.format(key, value['revision']) \
-for key, value in sorted(json.load(sys.stdin).items())]));"
-}
-
-function locales_parse_url() {
+function locales_parse() {
URL="$1"
curl -s "$URL" | python -c "import json; import sys; \
print('\n'.join(['{} {}'.format(key, value['changeset']) \
for key, value in
sorted(json.load(sys.stdin)['locales'].items())]));"
}
-function extract_locales_file() {
-# still need to extract the locale information from the archive
-echo "extract locale changesets"
-tar -xf $SOURCE_TARBALL $LOCALE_FILE
-}
-
function locales_unchanged() {
BUILD_ID="$1"
PREV_BUILD_ID=$(get_build_number "$PREV_VERSION$PREV_VERSION_SUFFIX")
# If no json-file for one of the versions can be found, we say "they changed"
prev_url=$(locales_get "$PREV_VERSION$PREV_VERSION_SUFFIX" "$PREV_BUILD_ID")
|| return 1
- prev_content=$(locales_parse_url "$prev_url") || exit 1
+ curr_url=$(locales_get "$VERSION$VERSION_SUFFIX" "$BUILD_ID") ||
return 1
- curr_url=$(locales_get "$VERSION$VERSION_SUFFIX" "$BUILD_ID")
- if [ $? -ne 0 ]; then
-# We did not find a locales file upstream on the servers
-if [ -e $SOURCE_TARBALL ]; then
-# We can find out what the locales are, by extracting the json-file
from the tar-ball
-# instead of getting it from the server
-extract_locales_file || return 1
-curr_content=$(locales_parse_file "$LOCALE_FILE") || exit 1
- else
-# We can't know what the locales are in the current version
-return 1
- fi
- else
-curr_content=$(locales_parse_url "$curr_url") || exit 1
- fi
+ prev_content=$(locales_parse "$prev_url") || exit 1
+ curr_content=$(locales_parse "$curr_url") || exit 1
diff -y --suppress-common-lines -d <(echo "$prev_content") <(echo
"$curr_content")
}
@@ -238,7 +211,9 @@
# we
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-05-06 18:58:30
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1538 (New)
Package is "MozillaFirefox"
Fri May 6 18:58:30 2022 rev:365 rq:974815 version:100.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-04-16 00:13:44.837608886 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1538/MozillaFirefox.changes
2022-05-06 18:58:45.085318022 +0200
@@ -1,0 +2,33 @@
+Sun May 1 21:31:01 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 100.0
+ * subtitle support in PiP
+ * spell checking supports multiple languages in parallel
+ * more details here
+https://www.mozilla.org/en-US/firefox/100.0/releasenotes
+ MFSA 2022-16 (boo#1198970)
+ * CVE-2022-29914 (bmo#1746448)
+Fullscreen notification bypass using popups
+ * CVE-2022-29909 (bmo#1755081)
+Bypassing permission prompt in nested browsing contexts
+ * CVE-2022-29916 (bmo#1760674)
+Leaking browser history with CSS variables
+ * CVE-2022-29911 (bmo#1761981)
+iframe Sandbox bypass
+ * CVE-2022-29912 (bmo#1692655)
+Reader mode bypassed SameSite cookies
+ * CVE-2022-29910 (bmo#1757138)
+Firefox for Android forgot HTTP Strict Transport Security
+settings
+ * CVE-2022-29915 (bmo#1751678)
+Leaking cross-origin redirect through the Performance API
+ * CVE-2022-29917 (bmo#1684739, bmo#1706441, bmo#1753298,
+bmo#1762614, bmo#1762620, bmo#1764778)
+Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
+ * CVE-2022-29918 (bmo#1744043, bmo#1747178, bmo#1753535,
+bmo#1754017, bmo#1755847, bmo#1756172, bmo#1757477,
+bmo#1758223, bmo#1760160, bmo#1761481, bmo#1761771)
+Memory safety bugs fixed in Firefox 100
+- requires NSS 3.77
+
+---
Old:
firefox-99.0.1.source.tar.xz
firefox-99.0.1.source.tar.xz.asc
l10n-99.0.1.tar.xz
New:
firefox-100.0.source.tar.xz
firefox-100.0.source.tar.xz.asc
l10n-100.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.H6IsWn/_old 2022-05-06 18:58:55.289329185 +0200
+++ /var/tmp/diff_new_pack.H6IsWn/_new 2022-05-06 18:58:55.301329199 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 99
-%define mainver%major.0.1
-%define orig_version 99.0.1
+%define major 100
+%define mainver%major.0
+%define orig_version 100.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.33
-BuildRequires: mozilla-nss-devel >= 3.76.1
+BuildRequires: mozilla-nss-devel >= 3.77
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
++ firefox-99.0.1.source.tar.xz -> firefox-100.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-99.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1538/firefox-100.0.source.tar.xz
differ: char 15, line 1
++ l10n-99.0.1.tar.xz -> l10n-100.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-99.0.1.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1538/l10n-100.0.tar.xz differ:
char 27, line 1
++ tar_stamps ++
--- /var/tmp/diff_new_pack.H6IsWn/_old 2022-05-06 18:58:55.705329641 +0200
+++ /var/tmp/diff_new_pack.H6IsWn/_new 2022-05-06 18:58:55.705329641 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="99.0.1"
+VERSION="100.0"
VERSION_SUFFIX=""
-PREV_VERSION="99.0"
+PREV_VERSION="99.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="0f814a8ab240bb6df6bbc5a88865f979e03f0f68"
-RELEASE_TIMESTAMP="20220411174855"
+RELEASE_TAG="1c7f7adc90e2b4c8d64548938bb1499033c5be8f"
+RELEASE_TIMESTAMP="20220428192727"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-04-16 00:13:26
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1941 (New)
Package is "MozillaFirefox"
Sat Apr 16 00:13:26 2022 rev:364 rq:969574 version:99.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-04-08 00:27:12.482666195 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1941/MozillaFirefox.changes
2022-04-16 00:13:44.837608886 +0200
@@ -1,0 +2,11 @@
+Tue Apr 12 19:30:30 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 99.0.1
+ * Fixed an issue with text rendering in Bengali (bmo#1763368)
+ * Fixed a selection issue in the Download panel with drag and
+drop (bmo#1762723)
+ * Fixed: Fixed an issue preventing Zoom gallery mode for users
+who go to zoom.us URLs instead of subdomain.zoom.us URLs
+(bmo#1763801)
+
+---
Old:
firefox-99.0.source.tar.xz
firefox-99.0.source.tar.xz.asc
l10n-99.0.tar.xz
New:
firefox-99.0.1.source.tar.xz
firefox-99.0.1.source.tar.xz.asc
l10n-99.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.bbtzlw/_old 2022-04-16 00:13:57.589625913 +0200
+++ /var/tmp/diff_new_pack.bbtzlw/_new 2022-04-16 00:13:57.593625919 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 99
-%define mainver%major.0
-%define orig_version 99.0
+%define mainver%major.0.1
+%define orig_version 99.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-99.0.source.tar.xz -> firefox-99.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-99.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1941/firefox-99.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-99.0.tar.xz -> l10n-99.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.bbtzlw/_old 2022-04-16 00:13:57.945626389 +0200
+++ /var/tmp/diff_new_pack.bbtzlw/_new 2022-04-16 00:13:57.949626394 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="99.0"
+VERSION="99.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="98.0.2"
+PREV_VERSION="99.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="384926270a61c2dd2101752565a6175de3d62781"
-RELEASE_TIMESTAMP="20220330194208"
+RELEASE_TAG="0f814a8ab240bb6df6bbc5a88865f979e03f0f68"
+RELEASE_TIMESTAMP="20220411174855"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-04-08 00:26:53
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1900 (New)
Package is "MozillaFirefox"
Fri Apr 8 00:26:53 2022 rev:363 rq:967154 version:99.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-03-28 17:00:29.668963938 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1900/MozillaFirefox.changes
2022-04-08 00:27:12.482666195 +0200
@@ -1,0 +2,45 @@
+Mon Apr 4 07:34:36 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 99.0
+ * You can now toggle Narrate in ReaderMode with the keyboard
+shortcut "n."
+ * You can find added support for search???with or without
+diacritics???in the PDF viewer.
+ * The Linux sandbox has been strengthened: processes exposed to web
+content no longer have access to the X Window system (X11).
+ * Firefox now supports credit card autofill and capture in
+Germany and France.
+ MFSA 2022-13 (bsc#1197903)
+ * CVE-2022-1097 (bmo#1745667)
+Use-after-free in NSSToken objects
+ * CVE-2022-28281 (bmo#1755621)
+Out of bounds write due to unexpected WebAuthN Extensions
+ * CVE-2022-28282 (bmo#1751609)
+Use-after-free in DocumentL10n::TranslateDocument
+ * CVE-2022-28283 (bmo#1754066)
+Missing security checks for fetching sourceMapURL
+ * CVE-2022-28284 (bmo#1754522)
+Script could be executed via svg's use element
+ * CVE-2022-28285 (bmo#1756957)
+Incorrect AliasSet used in JIT Codegen
+ * CVE-2022-28286 (bmo#1735265)
+iframe contents could be rendered outside the border
+ * CVE-2022-28287 (bmo#1741515)
+Text Selection could crash Firefox
+ * CVE-2022-24713 (bmo#1758509)
+Denial of Service via complex regular expressions
+ * CVE-2022-28289 (bmo#1663508, bmo#1744525, bmo#1753508,
+bmo#1757476, bmo#1757805, bmo#1758549, bmo#1758776)
+Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
+ * CVE-2022-28288 (bmo#1746415, bmo#1746495, bmo#1746500,
+bmo#1747282, bmo#1748759, bmo#1749056, bmo#1749786,
+bmo#1751679, bmo#1752120, bmo#1756010, bmo#1756017,
+bmo#1757213, bmo#1757258, bmo#1757427)
+Memory safety bugs fixed in Firefox 99
+- requires NSS >= 3.76.1
+- remove obsolete patch
+ * mozilla-bmo1756347.patch
+ * mozilla-bmo1757571.patch
+- update create-tar.sh
+
+---
Old:
firefox-98.0.2.source.tar.xz
firefox-98.0.2.source.tar.xz.asc
l10n-98.0.2.tar.xz
mozilla-bmo1756347.patch
mozilla-bmo1757571.patch
New:
firefox-99.0.source.tar.xz
firefox-99.0.source.tar.xz.asc
l10n-99.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.mvbZIu/_old 2022-04-08 00:27:27.362499189 +0200
+++ /var/tmp/diff_new_pack.mvbZIu/_new 2022-04-08 00:27:27.378499009 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 98
-%define mainver%major.0.2
-%define orig_version 98.0.2
+%define major 99
+%define mainver%major.0
+%define orig_version 99.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.33
-BuildRequires: mozilla-nss-devel >= 3.75
+BuildRequires: mozilla-nss-devel >= 3.76.1
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -219,8 +219,6 @@
Patch21:mozilla-libavcodec58_91.patch
Patch22:mozilla-silence-no-return-type.patch
Patch23:mozilla-bmo531915.patch
-Patch24:mozilla-bmo1756347.patch
-Patch25:mozilla-bmo1757571.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
++ create-tar.sh ++
--- /var/tmp/diff_new_pack.mvbZIu/_old 2022-04-08 00:27:27.654495911 +0200
+++ /var/tmp/diff_new_pack.mvbZIu/_new 2022-04-08 00:27:27.686495552 +0200
@@ -37,6 +37,7 @@
fi
SOURCE_TARBALL="$PRODUCT-$VERSION$VERSION_SUFFIX.source.tar.xz"
+PREV_SOURCE_TARBALL="$PRODUCT-$PREV_VERSION$PREV_VERSION_SUFFIX.source.tar.xz"
FTP_URL="https://ftp.mozilla.org/pub/$PRODUCT/releases/$VERSION$VERSION_SUFFIX/source;
FTP_CANDIDATES_BASE_URL="https://ftp.mozilla.org/pub/$PRODUCT/candidates;
# Make first letter of PRODCUT upper case
@@ -145,22 +146,48 @@
fi
}
-function locales_parse() {
+function locales_parse_file() {
+ FILE="$1"
+ cat "$FILE" | python -c "import json; import
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-03-28 16:59:45
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1900 (New)
Package is "MozillaFirefox"
Mon Mar 28 16:59:45 2022 rev:362 rq:964778 version:98.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-03-13 20:24:18.559594833 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1900/MozillaFirefox.changes
2022-03-28 17:00:29.668963938 +0200
@@ -1,0 +2,45 @@
+Thu Mar 24 21:49:57 UTC 2022 - Andreas Stieger
+
+- MozillaFirefox 98.0.2:
+ * Fixed: Fixed an issue preventing users from typing in Address
+Bar after opening new tab and pressing cmd + enter
+(bmo#1757376)
+ * Fixed: Fixed an issue causing some users to crash in out-of-
+memory conditions (bmo#1757618)
+ * Fixed: Fixed an issue in session history which caused some
+sites to fail to load (bmo#1758664)
+ * Fixed: Fixed an add-on specific compatibility issue
+(bmo#1759162)
+
+---
+Wed Mar 23 15:14:22 UTC 2022 - Simon Vogl
+
+- Change mozilla-kde.patch to follow the GNOME registry
+ behavior for new MIME types to avoid opening downloaded files
+ without any inquiries (bsc#1197319)
+
+---
+Tue Mar 22 12:22:51 UTC 2022 - Guillaume GARDET
+
+- Add patch to fix start-up on aarch64:
+ * mozilla-bmo1757571.patch
+
+---
+Thu Mar 17 14:52:39 UTC 2022 - Dirk M??ller
+
+- exclude slow cpus for building
+
+---
+Thu Mar 17 09:18:01 UTC 2022 - Martin Sirringhaus
+
+- Add cpu-flag `asimdrdm` to aarch64 constraints, to select newer,
+ faster buildhosts, as the others struggle to build FF.
+
+---
+Mon Mar 14 22:48:42 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 98.0.1:
+ * Yandex and Mail.ru have been removed as optional search
+providers in the drop-down search menu in Firefox
+
+---
Old:
firefox-98.0.source.tar.xz
firefox-98.0.source.tar.xz.asc
l10n-98.0.tar.xz
New:
firefox-98.0.2.source.tar.xz
firefox-98.0.2.source.tar.xz.asc
l10n-98.0.2.tar.xz
mozilla-bmo1757571.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.FfYK3w/_old 2022-03-28 17:00:43.832983180 +0200
+++ /var/tmp/diff_new_pack.FfYK3w/_new 2022-03-28 17:00:43.840983191 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 98
-%define mainver%major.0
-%define orig_version 98.0
+%define mainver%major.0.2
+%define orig_version 98.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -220,6 +220,7 @@
Patch22:mozilla-silence-no-return-type.patch
Patch23:mozilla-bmo531915.patch
Patch24:mozilla-bmo1756347.patch
+Patch25:mozilla-bmo1757571.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
++ _constraints ++
--- /var/tmp/diff_new_pack.FfYK3w/_old 2022-03-28 17:00:43.984983387 +0200
+++ /var/tmp/diff_new_pack.FfYK3w/_new 2022-03-28 17:00:43.992983397 +0200
@@ -9,6 +9,7 @@
15
+ SLOW_CPU
armv6l
@@ -27,6 +28,18 @@
aarch64
+
+
+
+asimdrdm
+
+
+8
+
+
+
+
+
ppc64le
s390x
++ firefox-98.0.source.tar.xz -> firefox-98.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-98.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1900/firefox-98.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-98.0.tar.xz -> l10n-98.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-98.0.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1900/l10n-98.0.2.tar.xz differ:
char 27, line 1
++ mozilla-bmo1757571.patch ++
1083 lines (skipped)
++ mozilla-kde.patch ++
--- /var/tmp/diff_new_pack.FfYK3w/_old 2022-03-28 17:00:44.284983794 +0200
+++ /var/tmp/diff_new_pack.FfYK3w/_new 2022-03-28 17:00:44.288983800 +0200
@@ -941,12 +941,13 @@
new file mode 100644
--- /dev/null
+++ b/uriloader/exthandler/unix/nsKDERegistry.cpp
-@@ -0,0 +1,86 @@
+@@ -0,0 +1,89 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*/
+/* This
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-03-13 20:24:17
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.25692 (New)
Package is "MozillaFirefox"
Sun Mar 13 20:24:17 2022 rev:361 rq:960656 version:98.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-02-21 17:46:18.819588912 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.25692/MozillaFirefox.changes
2022-03-13 20:24:18.559594833 +0100
@@ -1,0 +2,27 @@
+Tue Mar 8 10:27:16 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 98.0
+ * Firefox has a new optimized download flow
+ * other changes as documented here
+https://www.mozilla.org/en-US/firefox/98.0/releasenotes
+ MFSA 2022-10 (bsc#1196900)
+ * CVE-2022-26383 (bmo#1742421)
+Browser window spoof using fullscreen mode
+ * CVE-2022-26384 (bmo#1744352)
+iframe allow-scripts sandbox bypass
+ * CVE-2022-26387 (bmo#1752979)
+Time-of-check time-of-use bug when verifying add-on signatures
+ * CVE-2022-26381 (bmo#1736243)
+Use-after-free in text reflows
+ * CVE-2022-26382 (bmo#1741888)
+Autofill Text could be exfiltrated via side-channel attacks
+ * CVE-2022-26385 (bmo#1747526)
+Use-after-free in thread shutdown
+ * CVE-2022-0843 (bmo#1746523, bmo#1749062, bmo#1749164, bmo#1749214,
+bmo#1749610, bmo#1750032, bmo#1752100, bmo#1752405, bmo#1753612,
+bmo#1754508)
+Memory safety bugs fixed in Firefox 98
+- requires NSS 3.75
+- add mozilla-bmo1756347.patch to fix i586 build
+
+---
@@ -14,0 +42,11 @@
+
+---
+Mon Feb 14 19:31:29 UTC 2022 - Luciano Santos
+
+- Remove bashisms ("source" and "function" keywords) from
+ mozilla.sh.in to ally with the #!/bin/sh shebang. If the end user
+ has either dash-sh package or busybox-sh to handle Bourn Shell
+ scripts rather than having bash-sh package, the script would
+ fail. Using "." instead of "source" and "create_langpack_link()"
+ function definition is enough to keep both sides sane,
+ behavior-wise.
Old:
firefox-97.0.1.source.tar.xz
firefox-97.0.1.source.tar.xz.asc
l10n-97.0.1.tar.xz
New:
firefox-98.0.source.tar.xz
firefox-98.0.source.tar.xz.asc
l10n-98.0.tar.xz
mozilla-bmo1756347.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.laI5DQ/_old 2022-03-13 20:24:30.923609347 +0100
+++ /var/tmp/diff_new_pack.laI5DQ/_new 2022-03-13 20:24:30.939609365 +0100
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 97
-%define mainver%major.0.1
-%define orig_version 97.0.1
+%define major 98
+%define mainver%major.0
+%define orig_version 98.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.33
-BuildRequires: mozilla-nss-devel >= 3.74
+BuildRequires: mozilla-nss-devel >= 3.75
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -219,6 +219,7 @@
Patch21:mozilla-libavcodec58_91.patch
Patch22:mozilla-silence-no-return-type.patch
Patch23:mozilla-bmo531915.patch
+Patch24:mozilla-bmo1756347.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -685,12 +686,6 @@
%fdupes %{buildroot}%{progdir}
%fdupes %{buildroot}%{_datadir}
-%clean
-rm -rf %{buildroot}
-%if %localize
-rm -rf %{_tmppath}/translations.*
-%endif
-
%post
# update mime and desktop database
%mime_database_post
++ firefox-97.0.1.source.tar.xz -> firefox-98.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-97.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.25692/firefox-98.0.source.tar.xz
differ: char 15, line 1
++ l10n-97.0.1.tar.xz -> l10n-98.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-97.0.1.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.25692/l10n-98.0.tar.xz differ:
char 26, line 1
++ mozilla-bmo1756347.patch ++
# HG changeset patch
# User Wolfgang Rosenauer
# Parent f805a250257be9c3ea570b34557150450e16dfec
diff --git a/js/src/jit/GenerateAtomicOperations.py
b/js/src/jit/GenerateAtomicOperations.py
--- a/js/src/jit/GenerateAtomicOperations.py
+++ b/js/src/jit/GenerateAtomicOperations.py
@@ -5,40 +5,41 @@
# This script generates
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-02-21 17:45:57
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1958 (New)
Package is "MozillaFirefox"
Mon Feb 21 17:45:57 2022 rev:360 rq:955949 version:97.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-02-10 23:11:59.744196099 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1958/MozillaFirefox.changes
2022-02-21 17:46:18.819588912 +0100
@@ -1,0 +2,15 @@
+Fri Feb 18 20:38:22 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 97.0.1
+ * Fixed: Fixed an issue where TikTok videos would fail to load
+when selected from a user's profile page (bmo#1750973)
+ * Fixed: Fixed an issue which led to Picture-in-Picture mode
+being unable to be toggled on Hulu (bmo#1753401)
+ * Fixed: Works around problems with WebRoot SecureAnywhere
+antivirus rendering Firefox unusable in some situations
+(bmo#1752466)
+ * Fixed: Fixed an issue causing users to see the Restore
+Session screen unexpectedly when starting Firefox
+(bmo#1749996)
+
+---
Old:
firefox-97.0.source.tar.xz
firefox-97.0.source.tar.xz.asc
l10n-97.0.tar.xz
New:
firefox-97.0.1.source.tar.xz
firefox-97.0.1.source.tar.xz.asc
l10n-97.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.GJ0rMI/_old 2022-02-21 17:46:31.023592545 +0100
+++ /var/tmp/diff_new_pack.GJ0rMI/_new 2022-02-21 17:46:31.027592545 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 97
-%define mainver%major.0
-%define orig_version 97.0
+%define mainver%major.0.1
+%define orig_version 97.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-97.0.source.tar.xz -> firefox-97.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-97.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1958/firefox-97.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-97.0.tar.xz -> l10n-97.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.GJ0rMI/_old 2022-02-21 17:46:31.463592676 +0100
+++ /var/tmp/diff_new_pack.GJ0rMI/_new 2022-02-21 17:46:31.463592676 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="97.0"
+VERSION="97.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="96.0.3"
+PREV_VERSION="97.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="71dce12fda8b1cf9c396a1900b4edf9844206ea5"
-RELEASE_TIMESTAMP="20220202182137"
+RELEASE_TAG="0f0ba6e8029d8148743c4aa50c2be4c4c643f8a4"
+RELEASE_TIMESTAMP="20220216172458"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2022-02-10 23:11:36 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1956 (New) Package is "MozillaFirefox" Thu Feb 10 23:11:36 2022 rev:359 rq:952887 version:97.0 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2022-02-01 14:02:49.972123808 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1956/MozillaFirefox.changes 2022-02-10 23:11:59.744196099 +0100 @@ -1,0 +2,70 @@ +Tue Feb 8 08:40:45 UTC 2022 - Wolfgang Rosenauer + +- Mozilla Firefox 97.0 + MFSA 2022-04 (bsc#1195682) + * CVE-2022-22753 (bmo#1732435) +Privilege Escalation to SYSTEM on Windows via Maintenance Service + * CVE-2022-22754 (bmo#1750565) +Extensions could have bypassed permission confirmation during update + * CVE-2022-22755 (bmo#1309630) +XSL could have allowed JavaScript execution after a tab was closed + * CVE-2022-22756 (bmo#1317873) +Drag and dropping an image could have resulted in the dropped +object being an executable + * CVE-2022-22757 (bmo#1720098) +Remote Agent did not prevent local websites from connecting + * CVE-2022-22758 (bmo#1728742) +tel: links could have sent USSD codes to the dialer on +Firefox for Android + * CVE-2022-22759 (bmo#1739957) +Sandboxed iframes could have executed script if the parent +appended elements + * CVE-2022-22760 (bmo#1740985, bmo#1748503) +Cross-Origin responses could be distinguished between script +and non-script content-types + * CVE-2022-22761 (bmo#1745566) +frame-ancestors Content Security Policy directive was not +enforced for framed extension pages + * CVE-2022-22762 (bmo#1743931) +JavaScript Dialogs could have been displayed over other +domains on Firefox for Android + * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545, +bmo#1748210, bmo#1748279) +Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 + * CVE-2022-0511 (bmo#1713579, bmo#1735448, bmo#1743821, bmo#1746313, +bmo#1746314, bmo#1746316, bmo#1746321, bmo#1746322, bmo#1746323, +bmo#1746412, bmo#1746430, bmo#1746451, bmo#1746488, bmo#1746875, +bmo#1746898, bmo#1746905, bmo#1746907, bmo#1746917, bmo#1747128, +bmo#1747137, bmo#1747331, bmo#1747346, bmo#1747439, bmo#1747457, +bmo#1747870, bmo#1749051, bmo#1749274, bmo#1749831) +Memory safety bugs fixed in Firefox 97 +- requires NSS 3.74 +- requires rust 1.57 + +--- +Mon Feb 7 22:21:29 UTC 2022 - Dirk M??ller + +- remove memoryperjob and use %limit instead. this allows to + adapt to more worker types, and lowers the time the package + is stuck in "scheduling". raising memory above 8 to lower + risk for LTO jobs to run OOM +- add hack to disable -Wl,--gc-section which avoids a binutils + segfault on x86 +- change mozilla-reduce-rust-debuginfo.patch: use -g1 everywhere + +--- +Sun Jan 30 23:58:34 UTC 2022 - Dirk M??ller + +- disable ccache, this adds about 1 minute of build time and + over 2 GB of disk space usage without benefit on OBS builds +- build with rust-simd like upstream does +- use -g1 for debuginfo generation as this is what upstream + does as well and it saves ~ 2GB of writes +- use %limit on x86_64 to scale down to less capable workers +- disable install stripping so that debuginfo is useful +- use autopatch +- cleanup constraints to specify only jobs, physicalmemory + and memoryperjob to be more flexible on which host to build + on + +--- Old: firefox-96.0.3.source.tar.xz firefox-96.0.3.source.tar.xz.asc l10n-96.0.3.tar.xz New: firefox-97.0.source.tar.xz firefox-97.0.source.tar.xz.asc l10n-97.0.tar.xz Other differences: -- ++ MozillaFirefox.spec ++ --- /var/tmp/diff_new_pack.DPFn2h/_old 2022-02-10 23:12:14.048232326 +0100 +++ /var/tmp/diff_new_pack.DPFn2h/_new 2022-02-10 23:12:14.048232326 +0100 @@ -2,7 +2,7 @@ # spec file # # Copyright (c) 2022 SUSE LLC -# 2006-2021 Wolfgang Rosenauer +# 2006-2022 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 96 -%define mainver%major.0.3 -%define orig_version 96.0.3 +%define major 97 +%define mainver%major.0
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-02-01 14:02:32
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1898 (New)
Package is "MozillaFirefox"
Tue Feb 1 14:02:32 2022 rev:358 rq:949716 version:96.0.3
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-01-26 21:26:32.966172376 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1898/MozillaFirefox.changes
2022-02-01 14:02:49.972123808 +0100
@@ -1,0 +2,7 @@
+Fri Jan 28 15:26:45 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 96.0.3 (bsc#1195230)
+ * Fixed an issue that allowed unexpected data to be submitted in
+some of our search telemetry (bmo#1752317)
+
+---
Old:
firefox-96.0.2.source.tar.xz
firefox-96.0.2.source.tar.xz.asc
l10n-96.0.2.tar.xz
New:
firefox-96.0.3.source.tar.xz
firefox-96.0.3.source.tar.xz.asc
l10n-96.0.3.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.FUCPIf/_old 2022-02-01 14:03:01.880042180 +0100
+++ /var/tmp/diff_new_pack.FUCPIf/_new 2022-02-01 14:03:01.884042152 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 96
-%define mainver%major.0.2
-%define orig_version 96.0.2
+%define mainver%major.0.3
+%define orig_version 96.0.3
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-96.0.2.source.tar.xz -> firefox-96.0.3.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-96.0.2.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1898/firefox-96.0.3.source.tar.xz
differ: char 15, line 1
++ l10n-96.0.2.tar.xz -> l10n-96.0.3.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.FUCPIf/_old 2022-02-01 14:03:02.268039520 +0100
+++ /var/tmp/diff_new_pack.FUCPIf/_new 2022-02-01 14:03:02.272039493 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="96.0.2"
+VERSION="96.0.3"
VERSION_SUFFIX=""
-PREV_VERSION="96.0.1"
+PREV_VERSION="96.0.2"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="78c76c55ba02435ac7b4e57af6e6e938c9510812"
-RELEASE_TIMESTAMP="20220119190439"
+RELEASE_TAG="08a730393ae6e9e8f7096f1a040dc66948f245b1"
+RELEASE_TIMESTAMP="20220126154723"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-01-26 21:26:30
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1938 (New)
Package is "MozillaFirefox"
Wed Jan 26 21:26:30 2022 rev:357 rq:948332 version:96.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-01-23 12:16:05.956303020 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1938/MozillaFirefox.changes
2022-01-26 21:26:32.966172376 +0100
@@ -1,0 +2,5 @@
+Mon Jan 24 07:42:03 UTC 2022 - Martin Li??ka
+
+- Enable -fimplicit-constexpr for GCC 12+.
+
+---
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.mQ9hdq/_old 2022-01-26 21:26:35.158157262 +0100
+++ /var/tmp/diff_new_pack.mQ9hdq/_new 2022-01-26 21:26:35.162157234 +0100
@@ -401,6 +401,9 @@
%if 0%{?clang_build} == 0
export CC=gcc
export CXX=g++
+%if 0%{?gcc_version:%{gcc_version}} >= 12
+export CFLAGS="$CFLAGS -fimplicit-constexpr"
+%endif
%endif
%endif
%ifarch %arm %ix86
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-01-23 12:15:08
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1938 (New)
Package is "MozillaFirefox"
Sun Jan 23 12:15:08 2022 rev:356 rq:947863 version:96.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-01-15 21:45:30.609623950 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1938/MozillaFirefox.changes
2022-01-23 12:16:05.956303020 +0100
@@ -1,0 +2,11 @@
+Thu Jan 20 23:21:44 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 96.0.2
+ * Fix an issue that caused tab height to display inconsistently
+on Linux when audio was played (bmo#1714276)
+ * Fix an issue that caused Lastpass dropdowns to appear blank in
+Private Browsing mode (bmo#1748158)
+ * Fix a crash encountered when resizing a Facebook app
+(bmo#1746084)
+
+---
Old:
firefox-96.0.1.source.tar.xz
firefox-96.0.1.source.tar.xz.asc
l10n-96.0.1.tar.xz
New:
firefox-96.0.2.source.tar.xz
firefox-96.0.2.source.tar.xz.asc
l10n-96.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.71edse/_old 2022-01-23 12:16:24.672177928 +0100
+++ /var/tmp/diff_new_pack.71edse/_new 2022-01-23 12:16:24.672177928 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 96
-%define mainver%major.0.1
-%define orig_version 96.0.1
+%define mainver%major.0.2
+%define orig_version 96.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-96.0.1.source.tar.xz -> firefox-96.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-96.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1938/firefox-96.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-96.0.1.tar.xz -> l10n-96.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.71edse/_old 2022-01-23 12:16:25.088175147 +0100
+++ /var/tmp/diff_new_pack.71edse/_new 2022-01-23 12:16:25.092175121 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="96.0.1"
+VERSION="96.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="96.0"
+PREV_VERSION="96.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="be5a26bea29ae03aceaba84e36f205f01c2be791"
-RELEASE_TIMESTAMP="20220113185450"
+RELEASE_TAG="78c76c55ba02435ac7b4e57af6e6e938c9510812"
+RELEASE_TIMESTAMP="20220119190439"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-01-15 21:45:12
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1892 (New)
Package is "MozillaFirefox"
Sat Jan 15 21:45:12 2022 rev:355 rq:946473 version:96.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2022-01-13 00:22:37.467941210 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1892/MozillaFirefox.changes
2022-01-15 21:45:30.609623950 +0100
@@ -1,0 +2,7 @@
+Fri Jan 14 16:56:42 UTC 2022 - Andreas Stieger
+
+- Mozilla Firefox 96.0.1
+ * Fixed: Improvements to make the parsing of content-length
+headers more robust (bmo#1749957, boo#1194677)
+
+---
Old:
firefox-96.0.source.tar.xz
firefox-96.0.source.tar.xz.asc
l10n-96.0.tar.xz
New:
firefox-96.0.1.source.tar.xz
firefox-96.0.1.source.tar.xz.asc
l10n-96.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.09iIgc/_old 2022-01-15 21:45:40.117628985 +0100
+++ /var/tmp/diff_new_pack.09iIgc/_new 2022-01-15 21:45:40.125628988 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 96
-%define mainver%major.0
-%define orig_version 96.0
+%define mainver%major.0.1
+%define orig_version 96.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-96.0.source.tar.xz -> firefox-96.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-96.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1892/firefox-96.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-96.0.tar.xz -> l10n-96.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.09iIgc/_old 2022-01-15 21:45:40.665629275 +0100
+++ /var/tmp/diff_new_pack.09iIgc/_new 2022-01-15 21:45:40.669629277 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="96.0"
+VERSION="96.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="95.0.2"
+PREV_VERSION="96.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="fc698f2bd31f78fb8586e62c7b660a08d6971b92"
-RELEASE_TIMESTAMP="20220106144528"
+RELEASE_TAG="be5a26bea29ae03aceaba84e36f205f01c2be791"
+RELEASE_TIMESTAMP="20220113185450"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2022-01-13 00:22:14
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1892 (New)
Package is "MozillaFirefox"
Thu Jan 13 00:22:14 2022 rev:354 rq:945699 version:96.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-12-30 15:55:43.856668902 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1892/MozillaFirefox.changes
2022-01-13 00:22:37.467941210 +0100
@@ -1,0 +2,58 @@
+Sat Jan 8 10:32:46 UTC 2022 - Wolfgang Rosenauer
+
+- Mozilla Firefox 96.0
+ * https://www.mozilla.org/en-US/firefox/96.0/releasenotes
+ MFSA 2022-01 (bsc#1194547)
+ * CVE-2022-22746 (bmo#1735071)
+Calling into reportValidity could have lead to fullscreen
+window spoof
+ * CVE-2022-22743 (bmo#1739220)
+Browser window spoof using fullscreen mode
+ * CVE-2022-22742 (bmo#1739923)
+Out-of-bounds memory access when inserting text in edit mode
+ * CVE-2022-22741 (bmo#1740389)
+Browser window spoof using fullscreen mode
+ * CVE-2022-22740 (bmo#1742334)
+Use-after-free of ChannelEventQueue::mOwner
+ * CVE-2022-22738 (bmo#1742382)
+Heap-buffer-overflow in blendGaussianBlur
+ * CVE-2022-22737 (bmo#1745874)
+Race condition when playing audio files
+ * CVE-2021-4140 (bmo#1746720)
+Iframe sandbox bypass with XSLT
+ * CVE-2022-22750 (bmo#1566608)
+IPC passing of resource handles could have lead to sandbox
+bypass
+ * CVE-2022-22749 (bmo#1705094)
+Lack of URL restrictions when scanning QR codes
+ * CVE-2022-22748 (bmo#1705211)
+Spoofed origin on external protocol launch dialog
+ * CVE-2022-22745 (bmo#1735856)
+Leaking cross-origin URLs through securitypolicyviolation
+event
+ * CVE-2022-22744 (bmo#1737252)
+The 'Copy as curl' feature in DevTools did not fully escape
+website-controlled data, potentially leading to command
+injection
+ * CVE-2022-22747 (bmo#1735028)
+Crash when handling empty pkcs7 sequence
+ * CVE-2022-22736 (bmo#1742692)
+Potential local privilege escalation when loading modules
+from the install directory.
+ * CVE-2022-22739 (bmo#1744158)
+Missing throttling on external protocol launch dialog
+ * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366,
+bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869,
+bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011)
+Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
+ * CVE-2022-22752 (bmo#1740534, bmo#1741210, bmo#1742770)
+Memory safety bugs fixed in Firefox 96
+- removed obsolete patches
+ * mozilla-bmo1745560.patch
+ * mozilla-bmo1744896.patch
+ * mozilla-sandbox-fips.patch
+- requires
+ NSPR >= 4.33
+ NSS >= 3.73.1
+
+---
Old:
firefox-95.0.2.source.tar.xz
firefox-95.0.2.source.tar.xz.asc
l10n-95.0.2.tar.xz
mozilla-bmo1744896.patch
mozilla-bmo1745560.patch
mozilla-sandbox-fips.patch
New:
firefox-96.0.source.tar.xz
firefox-96.0.source.tar.xz.asc
l10n-96.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.doWkoq/_old 2022-01-13 00:22:52.223951831 +0100
+++ /var/tmp/diff_new_pack.doWkoq/_new 2022-01-13 00:22:52.227951834 +0100
@@ -1,7 +1,7 @@
#
# spec file
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
# 2006-2021 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 95
-%define mainver%major.0.2
-%define orig_version 95.0.2
+%define major 96
+%define mainver%major.0
+%define orig_version 96.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -116,8 +116,8 @@
BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
-BuildRequires: mozilla-nspr-devel >= 4.32
-BuildRequires: mozilla-nss-devel >= 3.71
+BuildRequires: mozilla-nspr-devel >= 4.33
+BuildRequires: mozilla-nss-devel >= 3.73.1
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -203,28 +203,25 @@
Patch2: mozilla-kde.patch
Patch3: mozilla-ntlm-full-path.patch
Patch4: mozilla-aarch64-startup-crash.patch
-Patch6: mozilla-sandbox-fips.patch
-Patch7: mozilla-fix-aarch64-libopus.patch
-Patch9: mozilla-s390-context.patch
-Patch10:mozilla-pgo.patch
-Patch11:
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-12-30 15:55:28
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1896 (New)
Package is "MozillaFirefox"
Thu Dec 30 15:55:28 2021 rev:353 rq:943041 version:95.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-12-18 20:29:34.698220294 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1896/MozillaFirefox.changes
2021-12-30 15:55:43.856668902 +0100
@@ -1,0 +2,16 @@
+Tue Dec 28 17:45:28 UTC 2021 - Bj??rn Lie
+
+- Add upstream patches:
+ * mozilla-bmo1745560.patch: Fix build against wayland 1.20.
+ * mozilla-bmo1744896.patch: Create WaylandVsyncSource on window
+creation
+
+---
+Mon Dec 20 21:57:30 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 95.0.2
+ * Addresses frequent crashes experienced by users with C/E/Z-Series
+"Bobcat" CPUs running on Windows 7, 8, and 8.1.
+- updated constraints for ppc and x86-64
+
+---
Old:
firefox-95.0.1.source.tar.xz
firefox-95.0.1.source.tar.xz.asc
l10n-95.0.1.tar.xz
New:
firefox-95.0.2.source.tar.xz
firefox-95.0.2.source.tar.xz.asc
l10n-95.0.2.tar.xz
mozilla-bmo1744896.patch
mozilla-bmo1745560.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.hqBgVp/_old 2021-12-30 15:55:56.416678586 +0100
+++ /var/tmp/diff_new_pack.hqBgVp/_new 2021-12-30 15:55:56.420678590 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 95
-%define mainver%major.0.1
-%define orig_version 95.0.1
+%define mainver%major.0.2
+%define orig_version 95.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -223,6 +223,8 @@
Patch28:mozilla-libavcodec58_91.patch
Patch29:mozilla-silence-no-return-type.patch
Patch31:mozilla-bmo531915.patch
+Patch32:mozilla-bmo1745560.patch
+Patch33:mozilla-bmo1744896.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -351,6 +353,8 @@
%patch28 -p1
%patch29 -p1
%patch31 -p1
+%patch32 -p1
+%patch33 -p1
# Firefox
%patch101 -p1
%patch102 -p1
++ _constraints ++
--- /var/tmp/diff_new_pack.hqBgVp/_old 2021-12-30 15:55:56.508678657 +0100
+++ /var/tmp/diff_new_pack.hqBgVp/_new 2021-12-30 15:55:56.512678660 +0100
@@ -51,7 +51,7 @@
-16
+18
@@ -62,10 +62,10 @@
-25
+36
-10
+11
2500
++ firefox-95.0.1.source.tar.xz -> firefox-95.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-95.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1896/firefox-95.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-95.0.1.tar.xz -> l10n-95.0.2.tar.xz ++
++ mozilla-bmo1744896.patch ++
diff -up firefox-95.0.2/widget/gtk/nsWindow.cpp.1744896
firefox-95.0.2/widget/gtk/nsWindow.cpp
--- firefox-95.0.2/widget/gtk/nsWindow.cpp.1744896 2021-12-23
11:54:31.522539340 +0100
+++ firefox-95.0.2/widget/gtk/nsWindow.cpp 2021-12-23 11:55:56.070270174
+0100
@@ -5765,6 +5765,17 @@ nsresult nsWindow::Create(nsIWidget* aPa
}
}
#endif
+#ifdef MOZ_WAYLAND
+ // Initialize the window specific VsyncSource early in order to avoid races
+ // with BrowserParent::UpdateVsyncParentVsyncSource().
+ // Only use for toplevel windows for now, see bug 1619246.
+ if (GdkIsWaylandDisplay() &&
+ StaticPrefs::widget_wayland_vsync_enabled_AtStartup() &&
+ mWindowType == eWindowType_toplevel) {
+mWaylandVsyncSource = new WaylandVsyncSource();
+MOZ_RELEASE_ASSERT(mWaylandVsyncSource);
+ }
+#endif
// We create input contexts for all containers, except for
// toplevel popup windows
@@ -6077,19 +6088,12 @@ void nsWindow::ResumeCompositorFromCompo
void nsWindow::WaylandStartVsync() {
#ifdef MOZ_WAYLAND
- // only use for toplevel windows for now - see bug 1619246
- if (!GdkIsWaylandDisplay() ||
- !StaticPrefs::widget_wayland_vsync_enabled_AtStartup() ||
- mWindowType != eWindowType_toplevel) {
+ if (!mWaylandVsyncSource) {
return;
}
LOG("nsWindow::WaylandStartVsync() [%p]\n", (void*)this);
- if (!mWaylandVsyncSource) {
-mWaylandVsyncSource = new WaylandVsyncSource();
- }
-
WaylandVsyncSource::WaylandDisplay& display =
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-12-18 20:29:25
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2520 (New)
Package is "MozillaFirefox"
Sat Dec 18 20:29:25 2021 rev:352 rq:941230 version:95.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-12-12 00:56:55.378556091 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2520/MozillaFirefox.changes
2021-12-18 20:29:34.698220294 +0100
@@ -1,0 +2,13 @@
+Fri Dec 17 13:49:16 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 95.0.1 (bsc#1193845)
+ * Fixed frequent
+MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING error
+messages when trying to connect to various microsoft.com
+domains (bmo#1745600)
+ * Fix for a WebRender crash on some Linux/X11 systems (bmo#1741956)
+ * Fix for a frequent Windows shutdown crash (bmo#1738984)
+ * Fix websites contrast issues for some Linux users with
+Dark mode set at OS level (bmo#1740518)
+
+---
Old:
firefox-95.0.source.tar.xz
firefox-95.0.source.tar.xz.asc
l10n-95.0.tar.xz
New:
firefox-95.0.1.source.tar.xz
firefox-95.0.1.source.tar.xz.asc
l10n-95.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.HlR2Kg/_old 2021-12-18 20:29:46.582226894 +0100
+++ /var/tmp/diff_new_pack.HlR2Kg/_new 2021-12-18 20:29:46.586226896 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 95
-%define mainver%major.0
-%define orig_version 95.0
+%define mainver%major.0.1
+%define orig_version 95.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-95.0.source.tar.xz -> firefox-95.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-95.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2520/firefox-95.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-95.0.tar.xz -> l10n-95.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-95.0.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2520/l10n-95.0.1.tar.xz differ:
char 26, line 1
++ tar_stamps ++
--- /var/tmp/diff_new_pack.HlR2Kg/_old 2021-12-18 20:29:46.858227047 +0100
+++ /var/tmp/diff_new_pack.HlR2Kg/_new 2021-12-18 20:29:46.858227047 +0100
@@ -1,8 +1,8 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="95.0"
+VERSION="95.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="94.0.2"
+PREV_VERSION="95.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-12-12 00:56:09
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2520 (New)
Package is "MozillaFirefox"
Sun Dec 12 00:56:09 2021 rev:351 rq:936364 version:95.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-11-27 00:51:06.298847516 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2520/MozillaFirefox.changes
2021-12-12 00:56:55.378556091 +0100
@@ -1,0 +2,56 @@
+Sat Dec 4 12:07:21 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 95.0
+ * You can now move the Picture-in-Picture toggle button to the
+opposite side of the video. Simply look for the new context menu
+option Move Picture-in-Picture Toggle to Left (Right) Side.
+ * To better protect Firefox users against side-channel attacks such
+as Spectre, Site Isolation is now enabled for all Firefox 95 users.
+ * https://www.mozilla.org/en-US/firefox/95.0/releasenotes
+ MFSA 2021-52 (bsc#1193485)
+ * CVE-2021-43536 (bmo#1730120)
+URL leakage when navigating while executing asynchronous
+function
+ * CVE-2021-43537 (bmo#1738237)
+Heap buffer overflow when using structured clone
+ * CVE-2021-43538 (bmo#1739091)
+Missing fullscreen and pointer lock notification when
+requesting both
+ * CVE-2021-43539 (bmo#1739683)
+GC rooting failure when calling wasm instance methods
+ * MOZ-2021-0010 (bmo#1735852)
+Use-after-free in fullscreen objects on MacOS
+ * CVE-2021-43540 (bmo#1636629)
+WebExtensions could have installed persistent ServiceWorkers
+ * CVE-2021-43541 (bmo#1696685)
+External protocol handler parameters were unescaped
+ * CVE-2021-43542 (bmo#1723281)
+XMLHttpRequest error codes could have leaked the existence of
+an external protocol handler
+ * CVE-2021-43543 (bmo#1738418)
+Bypass of CSP sandbox directive when embedding
+ * CVE-2021-43544 (bmo#1739934)
+Receiving a malicious URL as text through a SEND intent could
+have led to XSS
+ * CVE-2021-43545 (bmo#1720926)
+Denial of Service when using the Location API in a loop
+ * CVE-2021-43546 (bmo#1737751)
+Cursor spoofing could overlay user interface when native
+cursor is zoomed
+ * MOZ-2021-0009 (bmo#1393362, bmo#1736046, bmo#1736751,
+bmo#1737009, bmo#1739372, bmo#1739421)
+Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
+- requires
+ NSS >= 3.72
+
+---
+Thu Dec 2 20:32:42 UTC 2021 - Andreas Stieger
+
+- remove x-scheme-handler/ftp from firefox.desktop boo#1193321
+
+---
+Thu Nov 25 20:21:07 UTC 2021 - Bj??rn Lie
+
+- Drop unused libidl-devel BuildRequires.
+
+---
Old:
firefox-94.0.2.source.tar.xz
firefox-94.0.2.source.tar.xz.asc
l10n-94.0.2.tar.xz
New:
firefox-95.0.source.tar.xz
firefox-95.0.source.tar.xz.asc
l10n-95.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.ueV5rc/_old 2021-12-12 00:57:03.846561906 +0100
+++ /var/tmp/diff_new_pack.ueV5rc/_new 2021-12-12 00:57:03.850561908 +0100
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 94
-%define mainver%major.0.2
-%define orig_version 94.0.2
+%define major 95
+%define mainver%major.0
+%define orig_version 95.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -113,7 +113,6 @@
%endif
BuildRequires: libXcomposite-devel
BuildRequires: libcurl-devel
-BuildRequires: libidl-devel
BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
@@ -493,6 +492,8 @@
ac_add_options --with-google-safebrowsing-api-keyfile=%{SOURCE19}
ac_add_options --with-unsigned-addon-scopes=app
ac_add_options --allow-addon-sideload
+# at least temporary until the "wasi-sysroot" issue is solved
+ac_add_options --without-wasm-sandboxed-libraries
%if %branding
ac_add_options --enable-official-branding
%endif
@@ -549,6 +550,7 @@
ac_add_options --prefix=%{_prefix}
ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
ac_add_options --disable-updater
+ac_add_options --without-wasm-sandboxed-libraries
%if %branding
ac_add_options --enable-official-branding
%endif
++ MozillaFirefox.desktop ++
--- /var/tmp/diff_new_pack.ueV5rc/_old 2021-12-12 00:57:03.918561955 +0100
+++ /var/tmp/diff_new_pack.ueV5rc/_new 2021-12-12 00:57:03.918561955 +0100
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-11-27 00:50:35
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1895 (New)
Package is "MozillaFirefox"
Sat Nov 27 00:50:35 2021 rev:350 rq:933355 version:94.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-11-08 17:24:32.828707603 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1895/MozillaFirefox.changes
2021-11-27 00:51:06.298847516 +0100
@@ -1,0 +2,9 @@
+Tue Nov 23 22:00:38 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 94.0.2:
+ * Update preference design for Firefox Suggest for improved clarity
+ * Resolved general instability/crashes on Linux caused by a file
+descriptor leak when backgrounding tabs using WebGL
+(bmo#1741997)
+
+---
Old:
firefox-94.0.1.source.tar.xz
firefox-94.0.1.source.tar.xz.asc
l10n-94.0.1.tar.xz
New:
firefox-94.0.2.source.tar.xz
firefox-94.0.2.source.tar.xz.asc
l10n-94.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Q6YptL/_old 2021-11-27 00:51:17.406809164 +0100
+++ /var/tmp/diff_new_pack.Q6YptL/_new 2021-11-27 00:51:17.406809164 +0100
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 94
-%define mainver%major.0.1
-%define orig_version 94.0.1
+%define mainver%major.0.2
+%define orig_version 94.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-94.0.1.source.tar.xz -> firefox-94.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-94.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1895/firefox-94.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-94.0.1.tar.xz -> l10n-94.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.Q6YptL/_old 2021-11-27 00:51:17.810807769 +0100
+++ /var/tmp/diff_new_pack.Q6YptL/_new 2021-11-27 00:51:17.814807755 +0100
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="94.0.1"
+VERSION="94.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="94.0"
+PREV_VERSION="94.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="d1b7f0b74a8771c2311c1bfbd6aefa2e18adb020"
-RELEASE_TIMESTAMP="20211103134640"
+RELEASE_TAG="f09593707108af9f9f4d580cf748c3537639ecd4"
+RELEASE_TIMESTAMP="2029140621"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-11-08 17:24:08
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1890 (New)
Package is "MozillaFirefox"
Mon Nov 8 17:24:08 2021 rev:349 rq:929844 version:94.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-10-29 22:33:23.383663004 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1890/MozillaFirefox.changes
2021-11-08 17:24:32.828707603 +0100
@@ -1,0 +2,55 @@
+Fri Nov 5 18:02:48 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 94.0.1:
+ * fixes for other platforms
+
+---
+Sat Oct 30 07:52:22 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 94.0
+ * https://www.mozilla.org/en-US/firefox/94.0/releasenotes
+ MFSA 2021-48 (bsc#1192250)
+ * CVE-2021-38503 (bmo#1729517)
+iframe sandbox rules did not apply to XSLT stylesheets
+ * CVE-2021-38504 (bmo#1730156)
+Use-after-free in file picker dialog
+ * CVE-2021-38505 (bmo#1730194)
+Windows 10 Cloud Clipboard may have recorded sensitive user data
+ * CVE-2021-38506 (bmo#1730750)
+Firefox could be coaxed into going into fullscreen mode
+without notification or warning
+ * CVE-2021-38507 (bmo#1730935)
+Opportunistic Encryption in HTTP2 could be used to bypass the
+Same-Origin-Policy on services hosted on other ports
+ * MOZ-2021-0003 (bmo#1736886)
+Universal XSS in Firefox for Android via QR Code URLs
+ * CVE-2021-38508 (bmo#1366818)
+Permission Prompt could be overlaid, resulting in user
+confusion and potential spoofing
+ * MOZ-2021-0004 (bmo#1659155)
+Web Extensions could access pre-redirect URL when their
+context menu was triggered by a user
+ * CVE-2021-38509 (bmo#1718571)
+Javascript alert box could have been spoofed onto an
+arbitrary domain
+ * CVE-2021-38510 (bmo#1731779)
+Download Protections were bypassed by .inetloc files on Mac OS
+ * MOZ-2021-0005 (bmo#1719203)
+'Copy Image Link' context menu action could have been abused
+to see authentication tokens
+ * MOZ-2021-0006 (bmo#1724233)
+URL Parsing may incorrectly parse internationalized domains
+ * MOZ-2021-0007 (bmo#1606864, bmo#1712671, bmo#1730048, bmo#1735152)
+Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
+- removed obsolete patches
+ * mozilla-bmo1602730.patch
+ * mozilla-bmo1725828.patch
+ * mozilla-bmo1729124.patch
+- requires
+ NSS >= 3.71
+ rust >= 1.53
+- fix Plasma detection (boo#1191825)
+- fix Link error "undefined hidden symbol:"
+ https://github.com/openSUSE/firefox-maintenance/issues/37
+
+---
Old:
firefox-93.0.source.tar.xz
firefox-93.0.source.tar.xz.asc
l10n-93.0.tar.xz
mozilla-bmo1602730.patch
mozilla-bmo1725828.patch
mozilla-bmo1729124.patch
New:
firefox-94.0.1.source.tar.xz
firefox-94.0.1.source.tar.xz.asc
l10n-94.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.H2RYdb/_old 2021-11-08 17:24:44.244715101 +0100
+++ /var/tmp/diff_new_pack.H2RYdb/_new 2021-11-08 17:24:44.244715101 +0100
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 93
-%define mainver%major.0
-%define orig_version 93.0
+%define major 94
+%define mainver%major.0.1
+%define orig_version 94.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -100,13 +100,13 @@
BuildRequires: gcc-c++
%endif
%if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300
-BuildRequires: cargo >= 1.51
-BuildRequires: rust >= 1.51
+BuildRequires: cargo >= 1.53
+BuildRequires: rust >= 1.53
%else
# Newer sle/leap/tw use parallel versioned rust releases which have
# a different method for provides that we can use to request a
# specific version
-BuildRequires: rust+cargo >= 1.51
+BuildRequires: rust+cargo >= 1.53
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -118,7 +118,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.32
-BuildRequires: mozilla-nss-devel >= 3.70
+BuildRequires: mozilla-nss-devel >= 3.71
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -218,15 +218,12 @@
Patch20:mozilla-fix-top-level-asm.patch
Patch21:mozilla-bmo1504834-part4.patch
Patch22:mozilla-bmo849632.patch
-Patch24:mozilla-bmo1602730.patch
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-10-29 22:33:08
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1890 (New)
Package is "MozillaFirefox"
Fri Oct 29 22:33:08 2021 rev:348 rq:927811 version:93.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-10-20 20:24:40.125392315 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1890/MozillaFirefox.changes
2021-10-29 22:33:23.383663004 +0200
@@ -1,0 +2,14 @@
+Tue Oct 26 19:48:24 UTC 2021 - Wolfgang Rosenauer
+
+- Drop unused pkgconfig(gdk-x11-2.0) BuildRequires
+- (re-)enable LTO on Tumbleweed
+
+---
+Wed Oct 20 06:49:52 UTC 2021 - Martin Sirringhaus
+
+- Rebase mozilla-sandbox-fips.patch to punch another hole in the
+ sandbox containment, to be able to open /proc/sys/crypto/fips_enabled
+ from within the newly introduced socket process sandbox.
+ This fixes bsc#1191815 and bsc#1190141
+
+---
@@ -4 +18 @@
-- Add patch to fix build on aarch64 - bmo#1729124
+- Add patch to fix build on aarch64 (bmo#1729124)
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.LnIE2t/_old 2021-10-29 22:33:26.071664019 +0200
+++ /var/tmp/diff_new_pack.LnIE2t/_new 2021-10-29 22:33:26.075664021 +0200
@@ -145,7 +145,6 @@
%else
BuildRequires: clang-devel >= 5
%endif
-BuildRequires: pkgconfig(gdk-x11-2.0)
BuildRequires: pkgconfig(glib-2.0) >= 2.22
BuildRequires: pkgconfig(gobject-2.0)
BuildRequires: pkgconfig(gtk+-3.0) >= 3.14.0
@@ -522,7 +521,7 @@
%endif
%ifarch x86_64
# LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506)
-%if 0%{?suse_version} > 1500 && 0%{?suse_version} < 1550
+%if 0%{?suse_version} > 1500
ac_add_options --enable-lto
%if 0%{?do_profiling}
ac_add_options MOZ_PGO=1
++ mozilla-sandbox-fips.patch ++
--- /var/tmp/diff_new_pack.LnIE2t/_old 2021-10-29 22:33:26.383664137 +0200
+++ /var/tmp/diff_new_pack.LnIE2t/_new 2021-10-29 22:33:26.383664137 +0200
@@ -4,15 +4,11 @@
http://bugzilla.suse.com/show_bug.cgi?id=1167132
bsc#1174284 - Firefox tab just crashed in FIPS mode
-diff --git a/security/sandbox/linux/Sandbox.cpp
b/security/sandbox/linux/Sandbox.cpp
a/security/sandbox/linux/Sandbox.cpp
-+++ b/security/sandbox/linux/Sandbox.cpp
-@@ -650,16 +650,17 @@ void SetMediaPluginSandbox(const char* a
- SANDBOX_LOG_ERROR("failed to open plugin file %s: %s", aFilePath,
- strerror(errno));
- MOZ_CRASH("failed while trying to open the plugin file ");
- }
-
+Index: firefox-93.0/security/sandbox/linux/Sandbox.cpp
+===
+--- firefox-93.0.orig/security/sandbox/linux/Sandbox.cpp
firefox-93.0/security/sandbox/linux/Sandbox.cpp
+@@ -655,6 +655,7 @@ void SetMediaPluginSandbox(const char* a
auto files = new SandboxOpenedFiles();
files->Add(std::move(plugin));
files->Add("/dev/urandom", SandboxOpenedFile::Dup::YES);
@@ -20,20 +16,11 @@
files->Add("/etc/ld.so.cache"); // Needed for NSS in clearkey.
files->Add("/sys/devices/system/cpu/cpu0/tsc_freq_khz");
files->Add("/sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq");
- files->Add("/proc/cpuinfo"); // Info also available via CPUID instruction.
- files->Add("/proc/sys/crypto/fips_enabled"); // Needed for NSS in clearkey.
- #ifdef __i386__
- files->Add("/proc/self/auxv"); // Info also in process's address space.
- #endif
-diff --git a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
a/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
-+++ b/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
-@@ -315,16 +315,18 @@ void SandboxBrokerPolicyFactory::InitCon
- policy->AddDir(rdwr, "/dev/dri");
- }
-
- // Bug 1575985: WASM library sandbox needs RW access to /dev/null
- policy->AddPath(rdwr, "/dev/null");
+Index:
firefox-93.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+===
+---
firefox-93.0.orig/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
firefox-93.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+@@ -320,6 +320,8 @@ void SandboxBrokerPolicyFactory::InitCon
// Read permissions
policy->AddPath(rdonly, "/dev/urandom");
@@ -42,8 +29,12 @@
policy->AddPath(rdonly, "/proc/cpuinfo");
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-10-20 20:23:50
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1890 (New)
Package is "MozillaFirefox"
Wed Oct 20 20:23:50 2021 rev:347 rq:926026 version:93.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-10-12 21:48:30.291798842 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1890/MozillaFirefox.changes
2021-10-20 20:24:40.125392315 +0200
@@ -1,0 +2,6 @@
+Mon Oct 18 12:44:44 UTC 2021 - Guillaume GARDET
+
+- Add patch to fix build on aarch64 - bmo#1729124
+ * mozilla-bmo1729124.patch
+
+---
New:
mozilla-bmo1729124.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.RtsIna/_old 2021-10-20 20:24:42.233393616 +0200
+++ /var/tmp/diff_new_pack.RtsIna/_new 2021-10-20 20:24:42.233393616 +0200
@@ -227,6 +227,7 @@
Patch29:mozilla-silence-no-return-type.patch
Patch30:mozilla-bmo1725828.patch
Patch31:mozilla-bmo531915.patch
+Patch32:mozilla-bmo1729124.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -357,6 +358,7 @@
%patch29 -p1
%patch30 -p1
%patch31 -p1
+%patch32 -p1
# Firefox
%patch101 -p1
%patch102 -p1
++ mozilla-bmo1729124.patch ++
# HG changeset patch
# User Zhao Jiazhong
# Date 1631000649 0
# Node ID eac40293649628d32911c909219d514bebb8ce63
# Parent 6582d77235867224aaf8621bad8ee167dfb31460
Bug 1729124 - [MIPS64][ARM64] Fix gcc build issue. r=lth
The SpecificRegs struct needs a constructor.
Differential Revision: https://phabricator.services.mozilla.com/D124535
diff --git a/js/src/wasm/WasmBCRegDefs.h b/js/src/wasm/WasmBCRegDefs.h
--- a/js/src/wasm/WasmBCRegDefs.h
+++ b/js/src/wasm/WasmBCRegDefs.h
@@ -374,25 +374,31 @@ struct SpecificRegs {
};
#elif defined(JS_CODEGEN_ARM)
struct SpecificRegs {
RegI64 abiReturnRegI64;
SpecificRegs() : abiReturnRegI64(ReturnReg64) {}
};
#elif defined(JS_CODEGEN_ARM64)
-struct SpecificRegs {};
+struct SpecificRegs {
+ // Required by gcc.
+ SpecificRegs() {}
+};
#elif defined(JS_CODEGEN_MIPS32)
struct SpecificRegs {
RegI64 abiReturnRegI64;
SpecificRegs() : abiReturnRegI64(ReturnReg64) {}
};
#elif defined(JS_CODEGEN_MIPS64)
-struct SpecificRegs {};
+struct SpecificRegs {
+ // Required by gcc.
+ SpecificRegs() {}
+};
#else
struct SpecificRegs {
# ifndef JS_64BIT
RegI64 abiReturnRegI64;
# endif
SpecificRegs() { MOZ_CRASH("BaseCompiler porting interface: SpecificRegs"); }
};
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-10-12 21:48:11
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2443 (New)
Package is "MozillaFirefox"
Tue Oct 12 21:48:11 2021 rev:346 rq:923417 version:93.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-09-30 23:43:49.936499394 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2443/MozillaFirefox.changes
2021-10-12 21:48:30.291798842 +0200
@@ -1,0 +2,40 @@
+Fri Oct 1 18:33:33 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 93.0
+ * supports the new AVIF image format
+ * PDF viewer now supports filling more forms (XFA-based forms)
+ * now blocks downloads that rely on insecure connections,
+protecting against potentially malicious or unsafe downloads
+ * Improved web compatibility for privacy protections with SmartBlock 3.0
+ * Introducing a new referrer tracking protection in Strict Tracking
+Protection and Private Browsing
+ * TLS ciphersuites that use 3DES have been disabled. Such
+ciphersuites can only be enabled when deprecated versions of
+TLS are also enabled
+ * The download panel now follows the Firefox visual styles
+ MFSA 2021-43 (bsc#1191332)
+ * CVE-2021-38496 (bmo#1725335)
+Use-after-free in MessageTask
+ * CVE-2021-38497 (bmo#1726621)
+Validation message could have been overlaid on another origin
+ * CVE-2021-38498 (bmo#1729642)
+Use-after-free of nsLanguageAtomService object
+ * CVE-2021-32810 (bmo#1729813)
+
https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw)
+Data race in crossbeam-deque
+ * CVE-2021-38500 (bmo#1725854, bmo#1728321)
+Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15,
+and Firefox ESR 91.2
+ * CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176)
+Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
+ * CVE-2021-38499 (bmo#1667102, bmo#1723170, bmo#1725356, bmo#1727364)
+Memory safety bugs fixed in Firefox 93
+- removed obsolete mozilla-bmo1708709.patch
+- require NSS >= 3.70
+- allow to override wayland detection by defining MOZ_ENABLE_WAYLAND
+ explicitely as 0 or 1
+- fix aarch64 build by updating constraints
+- add mozilla-bmo1725828.patch to fix widevine (bsc#1190842)
+- add mozilla-bmo531915.patch to fix build for i586
+
+---
Old:
firefox-92.0.1.source.tar.xz
firefox-92.0.1.source.tar.xz.asc
l10n-92.0.1.tar.xz
mozilla-bmo1708709.patch
New:
firefox-93.0.source.tar.xz
firefox-93.0.source.tar.xz.asc
l10n-93.0.tar.xz
mozilla-bmo1725828.patch
mozilla-bmo531915.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.iHXduP/_old 2021-10-12 21:48:45.531820659 +0200
+++ /var/tmp/diff_new_pack.iHXduP/_new 2021-10-12 21:48:45.531820659 +0200
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 92
-%define mainver%major.0.1
-%define orig_version 92.0.1
+%define major 93
+%define mainver%major.0
+%define orig_version 93.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -118,7 +118,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.32
-BuildRequires: mozilla-nss-devel >= 3.69.1
+BuildRequires: mozilla-nss-devel >= 3.70
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -224,8 +224,9 @@
Patch26:mozilla-bmo1626236.patch
Patch27:mozilla-s390x-skia-gradient.patch
Patch28:mozilla-libavcodec58_91.patch
-Patch29:mozilla-bmo1708709.patch
-Patch30:mozilla-silence-no-return-type.patch
+Patch29:mozilla-silence-no-return-type.patch
+Patch30:mozilla-bmo1725828.patch
+Patch31:mozilla-bmo531915.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -355,6 +356,7 @@
%patch28 -p1
%patch29 -p1
%patch30 -p1
+%patch31 -p1
# Firefox
%patch101 -p1
%patch102 -p1
++ _constraints ++
--- /var/tmp/diff_new_pack.iHXduP/_old 2021-10-12 21:48:45.647820825 +0200
+++ /var/tmp/diff_new_pack.iHXduP/_new 2021-10-12 21:48:45.651820831 +0200
@@ -35,13 +35,13 @@
4
-30
+36
1000
-9
+12
++ firefox-92.0.1.source.tar.xz -> firefox-93.0.source.tar.xz ++
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-09-30 23:43:12
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2443 (New)
Package is "MozillaFirefox"
Thu Sep 30 23:43:12 2021 rev:345 rq:921893 version:92.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-09-13 16:24:18.638729417 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2443/MozillaFirefox.changes
2021-09-30 23:43:49.936499394 +0200
@@ -1,0 +2,9 @@
+Sat Sep 25 10:10:56 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 92.0.1
+ * Fixed: Fixes an issue where audio playback was not working on
+some Linux systems (bmo#1730499)
+ * Fixed: Fixes issues with the findbar close button on
+different operating systems (bmo#1728368)
+
+---
Old:
firefox-92.0.source.tar.xz
firefox-92.0.source.tar.xz.asc
l10n-92.0.tar.xz
New:
firefox-92.0.1.source.tar.xz
firefox-92.0.1.source.tar.xz.asc
l10n-92.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.GCXuU0/_old 2021-09-30 23:44:00.964512021 +0200
+++ /var/tmp/diff_new_pack.GCXuU0/_new 2021-09-30 23:44:00.964512021 +0200
@@ -29,8 +29,8 @@
# major 69
# mainver %major.99
%define major 92
-%define mainver%major.0
-%define orig_version 92.0
+%define mainver%major.0.1
+%define orig_version 92.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-92.0.source.tar.xz -> firefox-92.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-92.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2443/firefox-92.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-92.0.tar.xz -> l10n-92.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.GCXuU0/_old 2021-09-30 23:44:01.252512350 +0200
+++ /var/tmp/diff_new_pack.GCXuU0/_new 2021-09-30 23:44:01.256512355 +0200
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="92.0"
+VERSION="92.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="91.0.2"
+PREV_VERSION="92.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="74a9748f90655e731a34c298948869e67ceaa102"
-RELEASE_TIMESTAMP="20210903235534"
+RELEASE_TAG="d7bbc5812f7f36a9378165fffd7a058ddb0118ec"
+RELEASE_TIMESTAMP="20210922161155"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-09-13 16:24:11
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899 (New)
Package is "MozillaFirefox"
Mon Sep 13 16:24:11 2021 rev:344 rq:917452 version:92.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-09-03 21:26:20.822187716 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/MozillaFirefox.changes
2021-09-13 16:24:18.638729417 +0200
@@ -1,0 +2,41 @@
+Mon Sep 6 10:16:28 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 92.0
+ * More secure connections: Firefox can now automatically upgrade to
+HTTPS using HTTPS RR as Alt-Svc headers
+ * Full-range color levels are now supported for video playback on
+many systems
+ MFSA 2021-38 (bsc#1190269)
+ * CVE-2021-29993 (bmo#1708544, bmo#1708767, bmo#1712240,
+bmo#1712242, bmo#1729259)
+Handling custom intents could lead to crashes and UI spoofs
+ * CVE-2021-38491 (bmo#1551886)
+Mixed-Content-Blocking was unable to check opaque origins
+ * CVE-2021-38492 (bmo#1721107)
+Navigating to `mk:` URL scheme could load Internet Explorer
+ * CVE-2021-38493 (bmo#1723391, bmo#1724101, bmo#1724107)
+Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and
+Firefox ESR 91.1
+ * CVE-2021-38494 (bmo#1723920, bmo#1725638)
+Memory safety bugs fixed in Firefox 92
+- updated appdata
+- remove mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
+ (does not apply anymore; unclear if obsolete)
+- bring back mozilla-silence-no-return-type.patch and
+ run post-build-checks everywhere again
+- requires NSS 3.69.1
+
+---
+Tue Aug 31 00:33:39 UTC 2021 - Atri Bhattacharya
+
+- Add mozilla-bmo1708709.patch: On [wayland] popup can be wrongly
+ repositioned due to rounding errors when font scaling != 1
+ (bmo#1708709); patch taken from upstream bug report and rebased
+ to apply cleanly against current version.
+
+---
+Sun Aug 29 14:45:29 UTC 2021 - Martin Li??ka
+
+- Bump using with GCC (tested locally).
+
+---
Old:
firefox-91.0.2.source.tar.xz
firefox-91.0.2.source.tar.xz.asc
l10n-91.0.2.tar.xz
mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
New:
firefox-92.0.source.tar.xz
firefox-92.0.source.tar.xz.asc
l10n-92.0.tar.xz
mozilla-bmo1708709.patch
mozilla-silence-no-return-type.patch
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.0PFJu6/_old 2021-09-13 16:24:29.794742314 +0200
+++ /var/tmp/diff_new_pack.0PFJu6/_new 2021-09-13 16:24:29.798742318 +0200
@@ -20,10 +20,6 @@
%define _dwz_low_mem_die_limit 4000
%define _dwz_max_die_limit 2
-%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150100
-#!BuildIgnore: post-build-checks
-%endif
-
# changed with every update
# orig_version vs. mainver: To have beta-builds
# FF70beta3 would be released as FF69.99
@@ -32,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 91
-%define mainver%major.0.2
-%define orig_version 91.0.2
+%define major 92
+%define mainver%major.0
+%define orig_version 92.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -44,7 +40,7 @@
%define do_profiling 0
# upstream default is clang (to use gcc for large parts set to 0)
-%define clang_build1
+%define clang_build0
# PIE, full relro
%define build_hardened 1
@@ -66,9 +62,9 @@
# general build definitions
%define progname firefox
+%define appname Firefox
%define pkgname MozillaFirefox
%define srcname firefox
-%define appname Firefox
%define progdir %{_prefix}/%_lib/%{progname}
%define gnome_dir %{_prefix}
%define desktop_file_name %{progname}
@@ -122,7 +118,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.32
-BuildRequires: mozilla-nss-devel >= 3.68
+BuildRequires: mozilla-nss-devel >= 3.69.1
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -211,7 +207,6 @@
Patch4: mozilla-aarch64-startup-crash.patch
Patch6: mozilla-sandbox-fips.patch
Patch7: mozilla-fix-aarch64-libopus.patch
-Patch8: mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
Patch9: mozilla-s390-context.patch
Patch10:
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-09-03 21:25:43
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899 (New)
Package is "MozillaFirefox"
Fri Sep 3 21:25:43 2021 rev:343 rq:914799 version:91.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-08-19 10:01:36.483220962 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/MozillaFirefox.changes
2021-09-03 21:26:20.822187716 +0200
@@ -1,0 +2,8 @@
+Fri Aug 27 22:47:48 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 91.0.2:
+ * Fixed: Firefox no longer clears authentication data when
+purging trackers, to avoid repeatedly prompting for a
+password (bmo#1721084)
+
+---
Old:
firefox-91.0.1.source.tar.xz
firefox-91.0.1.source.tar.xz.asc
l10n-91.0.1.tar.xz
New:
firefox-91.0.2.source.tar.xz
firefox-91.0.2.source.tar.xz.asc
l10n-91.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.jA3Wy7/_old 2021-09-03 21:26:32.338199727 +0200
+++ /var/tmp/diff_new_pack.jA3Wy7/_new 2021-09-03 21:26:32.342199732 +0200
@@ -33,8 +33,8 @@
# major 69
# mainver %major.99
%define major 91
-%define mainver%major.0.1
-%define orig_version 91.0.1
+%define mainver%major.0.2
+%define orig_version 91.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-91.0.1.source.tar.xz -> firefox-91.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-91.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/firefox-91.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-91.0.1.tar.xz -> l10n-91.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.jA3Wy7/_old 2021-09-03 21:26:32.698200102 +0200
+++ /var/tmp/diff_new_pack.jA3Wy7/_new 2021-09-03 21:26:32.702200107 +0200
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="91.0.1"
+VERSION="91.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="91.0"
+PREV_VERSION="91.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="7dafd5f51c0afd1ae627bb4762ac0c140a6cd5f5"
-RELEASE_TIMESTAMP="20210816143654"
+RELEASE_TAG="1aa232202866276c3ee7a2748b2bb291bf4fe6fa"
+RELEASE_TIMESTAMP="20210823123856"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-08-19 10:00:42
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899 (New)
Package is "MozillaFirefox"
Thu Aug 19 10:00:42 2021 rev:342 rq:912837 version:91.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-07-29 21:31:09.340830788 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/MozillaFirefox.changes
2021-08-19 10:01:36.483220962 +0200
@@ -1,0 +2,54 @@
+Wed Aug 18 06:34:01 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 91.0.1
+ * Fixed an issue causing buttons on the tab bar to be resized when
+loading certain websites (bmo#1704404)
+ * Fixed an issue which caused tabs from private windows to be
+visible in non-private windows when viewing switch-to-tab results
+in the address bar panel (bmo#1720369)
+ * Various stability fixes
+ MFSA 2021-37 (bsc#1189547)
+ * CVE-2021-29991 (bmo#1724896)
+Header Splitting possible with HTTP/3 Responses
+
+---
+Mon Aug 9 14:55:22 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 91.0
+ MFSA 2021-33 (bsc#1188891)
+ * CVE-2021-29986 (bmo#1696138)
+Race condition when resolving DNS names could have led to
+memory corruption
+ * CVE-2021-29981 (bmo#1707774)
+Live range splitting could have led to conflicting
+assignments in the JIT
+ * CVE-2021-29988 (bmo#1717922)
+Memory corruption as a result of incorrect style treatment
+ * CVE-2021-29983 (bmo#1719088)
+Firefox for Android could get stuck in fullscreen mode
+ * CVE-2021-29984 (bmo#1720031)
+Incorrect instruction reordering during JIT optimization
+ * CVE-2021-29980 (bmo#1722204)
+Uninitialized memory in a canvas object could have led to
+memory corruption
+ * CVE-2021-29987 (bmo#1716129)
+Users could have been tricked into accepting unwanted
+permissions on Linux
+ * CVE-2021-29985 (bmo#1722083)
+Use-after-free media channels
+ * CVE-2021-29982 (bmo#1715318)
+Single bit data leak due to incorrect JIT optimization and
+type confusion
+ * CVE-2021-29989 (bmo#1662676, bmo#1666184, bmo#1719178,
+bmo#1719998, bmo#1720568)
+Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
+ * CVE-2021-29990 (bmo#1544190, bmo#1716481, bmo#1717778,
+bmo#1719319, bmo#1722073)
+Memory safety bugs fixed in Firefox 91
+- requires
+ * rustc/cargo >= 1.51
+ * NSPR >= 4.32
+ * NSS >= 3.68
+- force-disable webrender on BE platforms
+
+---
Old:
firefox-90.0.2.source.tar.xz
firefox-90.0.2.source.tar.xz.asc
l10n-90.0.2.tar.xz
New:
firefox-91.0.1.source.tar.xz
firefox-91.0.1.source.tar.xz.asc
l10n-91.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.1AJX8K/_old 2021-08-19 10:01:47.355207747 +0200
+++ /var/tmp/diff_new_pack.1AJX8K/_new 2021-08-19 10:01:47.359207742 +0200
@@ -32,9 +32,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 90
-%define mainver%major.0.2
-%define orig_version 90.0.2
+%define major 91
+%define mainver%major.0.1
+%define orig_version 91.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -54,6 +54,9 @@
# define if ccache should be used or not
%define useccache 1
+# SLE-12 doesn't have this macro
+%{!?_rpmmacrodir: %global _rpmmacrodir %{_rpmconfigdir}/macros.d}
+
# Firefox only supports i686
%ifarch %ix86
ExclusiveArch: i586 i686
@@ -100,7 +103,15 @@
%else
BuildRequires: gcc-c++
%endif
-BuildRequires: cargo >= 1.47
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300
+BuildRequires: cargo >= 1.51
+BuildRequires: rust >= 1.51
+%else
+# Newer sle/leap/tw use parallel versioned rust releases which have
+# a different method for provides that we can use to request a
+# specific version
+BuildRequires: rust+cargo >= 1.51
+%endif
%if 0%{useccache} != 0
BuildRequires: ccache
%endif
@@ -110,8 +121,8 @@
BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
-BuildRequires: mozilla-nspr-devel >= 4.31
-BuildRequires: mozilla-nss-devel >= 3.66
+BuildRequires: mozilla-nspr-devel >= 4.32
+BuildRequires: mozilla-nss-devel >= 3.68
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -121,7 +132,6 @@
BuildRequires: python3 >= 3.5
BuildRequires: python3-devel
%endif
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-07-29 21:30:54
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899 (New)
Package is "MozillaFirefox"
Thu Jul 29 21:30:54 2021 rev:341 rq:908075 version:90.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-07-22 22:42:47.467244328 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/MozillaFirefox.changes
2021-07-29 21:31:09.340830788 +0200
@@ -1,0 +2,9 @@
+Sat Jul 24 07:15:54 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 90.0.2:
+ * Changed: Updates to support DoH Canada rollout (bmo#1713036)
+ * Fixed: Fixed truncated output when printing (bmo#1720621)
+ * Fixed: Fixed menu styling on some Gtk themes (bmo#1720441,
+bmo#1720874)
+
+---
Old:
firefox-90.0.1.source.tar.xz
firefox-90.0.1.source.tar.xz.asc
l10n-90.0.1.tar.xz
New:
firefox-90.0.2.source.tar.xz
firefox-90.0.2.source.tar.xz.asc
l10n-90.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.jgdPsL/_old 2021-07-29 21:31:22.032815159 +0200
+++ /var/tmp/diff_new_pack.jgdPsL/_new 2021-07-29 21:31:22.032815159 +0200
@@ -33,8 +33,8 @@
# major 69
# mainver %major.99
%define major 90
-%define mainver%major.0.1
-%define orig_version 90.0.1
+%define mainver%major.0.2
+%define orig_version 90.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-90.0.1.source.tar.xz -> firefox-90.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-90.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/firefox-90.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-90.0.1.tar.xz -> l10n-90.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-90.0.1.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/l10n-90.0.2.tar.xz differ:
char 26, line 1
++ tar_stamps ++
--- /var/tmp/diff_new_pack.jgdPsL/_old 2021-07-29 21:31:22.572814495 +0200
+++ /var/tmp/diff_new_pack.jgdPsL/_new 2021-07-29 21:31:22.572814495 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="90.0.1"
+VERSION="90.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="90.0"
+PREV_VERSION="90.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="3d2c7096604506dc42cb52a2fe4981361fdbab46"
-RELEASE_TIMESTAMP="20210716144314"
+RELEASE_TAG="cda19fb46018c9cb8dc5e6127ebb2cfd04aa9be4"
+RELEASE_TIMESTAMP="20210721174149"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-07-22 22:42:34
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899 (New)
Package is "MozillaFirefox"
Thu Jul 22 22:42:34 2021 rev:340 rq:907201 version:90.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-07-17 23:36:51.941864745 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/MozillaFirefox.changes
2021-07-22 22:42:47.467244328 +0200
@@ -1,0 +2,12 @@
+Mon Jul 19 20:08:56 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 90.0.1 (boo#1188480):
+ * Fixed: Fixed busy looping processing some HTTP3 responses
+(bmo#1720079)
+ * Fixed: Fixed transient errors authenticating with some smart
+cards (bmo#1715325)
+ * Fixed: Fixed a rare crash on shutdown (bmo#1707057)
+ * Fixed: Fixed a race on startup that caused about:support to
+end up empty after upgrade (bmo#1717894, boo#1188330)
+
+---
Old:
firefox-90.0.source.tar.xz
firefox-90.0.source.tar.xz.asc
l10n-90.0.tar.xz
New:
firefox-90.0.1.source.tar.xz
firefox-90.0.1.source.tar.xz.asc
l10n-90.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.bKLamu/_old 2021-07-22 22:42:58.031230559 +0200
+++ /var/tmp/diff_new_pack.bKLamu/_new 2021-07-22 22:42:58.035230554 +0200
@@ -33,8 +33,8 @@
# major 69
# mainver %major.99
%define major 90
-%define mainver%major.0
-%define orig_version 90.0
+%define mainver%major.0.1
+%define orig_version 90.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-90.0.source.tar.xz -> firefox-90.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-90.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.1899/firefox-90.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-90.0.tar.xz -> l10n-90.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.bKLamu/_old 2021-07-22 22:42:58.383230100 +0200
+++ /var/tmp/diff_new_pack.bKLamu/_new 2021-07-22 22:42:58.383230100 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="90.0"
+VERSION="90.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="89.0.2"
+PREV_VERSION="90.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="47c82d2ce122eab0664b51c372d99fc868227506"
-RELEASE_TIMESTAMP="20210705185941"
+RELEASE_TAG="3d2c7096604506dc42cb52a2fe4981361fdbab46"
+RELEASE_TIMESTAMP="20210716144314"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-07-17 23:36:28
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2632 (New)
Package is "MozillaFirefox"
Sat Jul 17 23:36:28 2021 rev:339 rq:906586 version:90.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-06-25 15:01:44.960181686 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2632/MozillaFirefox.changes
2021-07-17 23:36:51.941864745 +0200
@@ -1,0 +2,35 @@
+Sun Jul 11 08:53:02 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 90.0
+ MFSA 2021-28 (bsc#1188275)
+ * CVE-2021-29970 (bmo#1709976)
+Use-after-free in accessibility features of a document
+ * CVE-2021-29971 (bmo#1713638)
+Granted permissions only compared host; omitting scheme and
+port on Android
+ * CVE-2021-30547 (bmo#1715766)
+Out of bounds write in ANGLE
+ * CVE-2021-29972 (bmo#1696816)
+Use of out-of-date library included use-after-free
+vulnerability
+ * CVE-2021-29973 (bmo#1701932)
+Password autofill on HTTP websites was enabled without user
+interaction on Android
+ * CVE-2021-29974 (bmo#1704843)
+HSTS errors could be overridden when network partitioning was
+enabled
+ * CVE-2021-29975 (bmo#1713259)
+Text message could be overlaid on top of another website
+ * CVE-2021-29976 (bmo#1700895, bmo#1703334, bmo#1706910,
+bmo#1711576, bmo#1714391)
+Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12
+ * CVE-2021-29977 (bmo#1665836, bmo#1686138, bmo#1704316,
+bmo#1706314, bmo#1709931, bmo#1712084, bmo#1712357,
+bmo#1714066)
+Memory safety bugs fixed in Firefox 90
+- requires
+ NSPR 4.31
+ NSS 3.66
+- Gtk2 support removed (was only for Flash plugin before)
+
+---
Old:
firefox-89.0.2.source.tar.xz
firefox-89.0.2.source.tar.xz.asc
l10n-89.0.2.tar.xz
New:
firefox-90.0.source.tar.xz
firefox-90.0.source.tar.xz.asc
l10n-90.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.MGmKpE/_old 2021-07-17 23:37:00.645797646 +0200
+++ /var/tmp/diff_new_pack.MGmKpE/_new 2021-07-17 23:37:00.645797646 +0200
@@ -32,9 +32,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 89
-%define mainver%major.0.2
-%define orig_version 89.0.2
+%define major 90
+%define mainver%major.0
+%define orig_version 90.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -110,8 +110,8 @@
BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
-BuildRequires: mozilla-nspr-devel >= 4.30
-BuildRequires: mozilla-nss-devel >= 3.64
+BuildRequires: mozilla-nspr-devel >= 4.31
+BuildRequires: mozilla-nss-devel >= 3.66
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -142,9 +142,7 @@
BuildRequires: pkgconfig(gdk-x11-2.0)
BuildRequires: pkgconfig(glib-2.0) >= 2.22
BuildRequires: pkgconfig(gobject-2.0)
-BuildRequires: pkgconfig(gtk+-2.0) >= 2.18.0
BuildRequires: pkgconfig(gtk+-3.0) >= 3.14.0
-BuildRequires: pkgconfig(gtk+-unix-print-2.0)
BuildRequires: pkgconfig(gtk+-unix-print-3.0)
BuildRequires: pkgconfig(libffi)
BuildRequires: pkgconfig(libpulse)
@@ -439,6 +437,7 @@
mk_add_options MOZ_MAKE_FLAGS=%{?jobs:-j%jobs}
mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj
. \$topsrcdir/browser/config/mozconfig
+ac_add_options --disable-bootstrap
ac_add_options --prefix=%{_prefix}
ac_add_options --libdir=%{_libdir}
ac_add_options --includedir=%{_includedir}
@@ -733,8 +732,6 @@
%dir %{progdir}/distribution/
%{progdir}/distribution/extensions/
%{progdir}/defaults/
-%dir %{progdir}/gtk2
-%{progdir}/gtk2/libmozgtk.so
%{progdir}/gmp-clearkey/
%attr(755,root,root) %{progdir}/%{progname}.sh
%{progdir}/%{progname}
++ firefox-89.0.2.source.tar.xz -> firefox-90.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-89.0.2.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2632/firefox-90.0.source.tar.xz
differ: char 15, line 1
++ l10n-89.0.2.tar.xz -> l10n-90.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-89.0.2.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2632/l10n-90.0.tar.xz differ:
char 26, line 1
++ mozilla-kde.patch ++
--- /var/tmp/diff_new_pack.MGmKpE/_old 2021-07-17 23:37:00.869795920 +0200
+++ /var/tmp/diff_new_pack.MGmKpE/_new 2021-07-17 23:37:00.869795920 +0200
@@ -3,7 +3,7 @@
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-06-25 15:01:12
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2625 (New)
Package is "MozillaFirefox"
Fri Jun 25 15:01:12 2021 rev:338 rq:901588 version:89.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-06-11 22:30:06.786071887 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2625/MozillaFirefox.changes
2021-06-25 15:01:44.960181686 +0200
@@ -1,0 +2,20 @@
+Wed Jun 23 16:54:20 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 89.0.2 (boo#1187648):
+ * Fix occasional hangs with Software WebRender on Linux (bmo#1708224)
+
+---
+Sat Jun 19 09:00:20 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 89.0.1 (boo#1187475):
+ * Updated translations, including full Spanish (Mexico)
+localization and other improvements (bmo#1714946)
+ * Fix various font related regressions (bmo#1694174)
+ * Linux: Fix performance and stability regressions with
+WebRender (bmo#1715895, bmo#1715902)
+ * Enterprise: Fix for the `DisableDeveloperTools` policy not
+having effect anymore (bmo#1715777)
+ * Linux: Fix broken scrollbars on some GTK themes (bmo#1714103)
+ * Various stability fixes
+
+---
Old:
firefox-89.0.source.tar.xz
firefox-89.0.source.tar.xz.asc
l10n-89.0.tar.xz
New:
firefox-89.0.2.source.tar.xz
firefox-89.0.2.source.tar.xz.asc
l10n-89.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.vYjxyt/_old 2021-06-25 15:01:56.068195236 +0200
+++ /var/tmp/diff_new_pack.vYjxyt/_new 2021-06-25 15:01:56.072195241 +0200
@@ -33,8 +33,8 @@
# major 69
# mainver %major.99
%define major 89
-%define mainver%major.0
-%define orig_version 89.0
+%define mainver%major.0.2
+%define orig_version 89.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-89.0.source.tar.xz -> firefox-89.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-89.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2625/firefox-89.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-89.0.tar.xz -> l10n-89.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-89.0.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2625/l10n-89.0.2.tar.xz differ:
char 26, line 1
++ tar_stamps ++
--- /var/tmp/diff_new_pack.vYjxyt/_old 2021-06-25 15:01:56.392195631 +0200
+++ /var/tmp/diff_new_pack.vYjxyt/_new 2021-06-25 15:01:56.396195636 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="89.0"
+VERSION="89.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="88.0.1"
+PREV_VERSION="89.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="1ce0b546a957ed918a0b1f5476786864fbce87e1"
-RELEASE_TIMESTAMP="20210527174632"
+RELEASE_TAG="9fcea995d1dabc5a4f4ef3811dc0e6e00d88cbe3"
+RELEASE_TIMESTAMP="20210622155641"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-06-11 22:29:58
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32437 (New)
Package is "MozillaFirefox"
Fri Jun 11 22:29:58 2021 rev:337 rq:897726 version:89.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-05-15 23:17:04.192529352 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.32437/MozillaFirefox.changes
2021-06-11 22:30:06.786071887 +0200
@@ -1,0 +2,39 @@
+Sat May 29 20:55:56 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 89.0
+ * UI redesign
+ * The Event Timing API is now supported
+ * The CSS forced-colors media query is now supported
+ MFSA 2021-23 (bsc#1186696)
+ * CVE-2021-29965 (bmo#1709257)
+Password Manager on Firefox for Android susceptible to domain
+spoofing
+ * CVE-2021-29960 (bmo#1675965)
+Filenames printed from private browsing mode incorrectly
+retained in preferences
+ * CVE-2021-29961 (bmo#1700235)
+Firefox UI spoof using `` elements and CSS scaling
+ * CVE-2021-29963 (bmo#1705068)
+Shared cookies for search suggestions in private browsing mode
+ * CVE-2021-29964 (bmo#1706501)
+Out of bounds-read when parsing a `WM_COPYDATA` message
+ * CVE-2021-29959 (bmo#1395819)
+Devices could be re-enabled without additional permission prompt
+ * CVE-2021-29962 (bmo#1701673)
+No rate-limiting for popups on Firefox for Android
+ * CVE-2021-29967 (bmo#1602862, bmo#1703191, bmo#1703760,
+bmo#1704722, bmo#1706041)
+Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11
+ * CVE-2021-29966 (bmo#1660307, bmo#1686154, bmo#1702948, bmo#1708124)
+Memory safety bugs fixed in Firefox 89
+- require
+ NSS >= 3.64
+ rust-cbindgen >= 0.19.0
+- do not rely on nodejs10 packagename anymore
+- updated mozilla.keyring
+- switched TW/x86_64 to clang as the last platform due to
+ https://bugs.gentoo.org/792705
+- but LTO with clang is broken in TW so disable LTO for it
+ https://bugs.llvm.org/show_bug.cgi?id=47872
+
+---
Old:
firefox-88.0.1.source.tar.xz
firefox-88.0.1.source.tar.xz.asc
l10n-88.0.1.tar.xz
New:
firefox-89.0.source.tar.xz
firefox-89.0.source.tar.xz.asc
l10n-89.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.W676yE/_old 2021-06-11 22:30:15.462086921 +0200
+++ /var/tmp/diff_new_pack.W676yE/_new 2021-06-11 22:30:15.462086921 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package MozillaFirefox
+# spec file
#
# Copyright (c) 2021 SUSE LLC
# 2006-2021 Wolfgang Rosenauer
@@ -32,9 +32,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 88
-%define mainver%major.0.1
-%define orig_version 88.0.1
+%define major 89
+%define mainver%major.0
+%define orig_version 89.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -45,13 +45,6 @@
# upstream default is clang (to use gcc for large parts set to 0)
%define clang_build1
-%if 0%{?is_opensuse} && 0%{?suse_version} >= 1550
-%ifarch x86_64
-# on Tumbleweed/x86_64 this does not work due to undefined
-# references to `__rust_probestack'
-%define clang_build0
-%endif
-%endif
# PIE, full relro
%define build_hardened 1
@@ -118,9 +111,9 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.30
-BuildRequires: mozilla-nss-devel >= 3.63.1
+BuildRequires: mozilla-nss-devel >= 3.64
BuildRequires: nasm >= 2.14
-BuildRequires: nodejs10 >= 10.22.1
+BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
BuildRequires: python-libxml2
BuildRequires: python36
@@ -129,7 +122,7 @@
BuildRequires: python3-devel
%endif
BuildRequires: rust >= 1.47
-BuildRequires: rust-cbindgen >= 0.16.0
+BuildRequires: rust-cbindgen >= 0.19.0
BuildRequires: unzip
BuildRequires: update-desktop-files
BuildRequires: xorg-x11-libXt-devel
@@ -512,7 +505,7 @@
%endif
%ifarch x86_64
# LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506)
-%if 0%{?suse_version} > 1500
+%if 0%{?suse_version} > 1500 && 0%{?suse_version} < 1550
ac_add_options --enable-lto
%if 0%{?do_profiling}
ac_add_options MOZ_PGO=1
++ firefox-88.0.1.source.tar.xz -> firefox-89.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-88.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.32437/firefox-89.0.source.tar.xz
differ: char 15, line 1
++
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2021-05-15 23:15:58 Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2988 (New) Package is "MozillaFirefox" Sat May 15 23:15:58 2021 rev:336 rq:892688 version:88.0.1 Changes: --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2021-05-08 22:07:00.545848728 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2988/MozillaFirefox.changes 2021-05-15 23:17:04.192529352 +0200 @@ -1,0 +2,5 @@ +Thu May 6 13:40:10 UTC 2021 - Guillaume GARDET + +- Relax RAM and disk constraints for aarch64 + +--- Other differences: -- ++ _constraints ++ --- /var/tmp/diff_new_pack.dY30PE/_old 2021-05-15 23:17:06.152521698 +0200 +++ /var/tmp/diff_new_pack.dY30PE/_new 2021-05-15 23:17:06.156521682 +0200 @@ -34,11 +34,14 @@ 4 + +30 + 1000 -12 +9
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-05-08 22:06:59
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2988 (New)
Package is "MozillaFirefox"
Sat May 8 22:06:59 2021 rev:335 rq:890833 version:88.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-05-05 20:39:08.547137318 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2988/MozillaFirefox.changes
2021-05-08 22:07:00.545848728 +0200
@@ -1,0 +2,17 @@
+Wed May 5 15:13:20 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 88.0.1
+ * Fixed: Resolved an issue caused by a recent Widevine plugin
+update which prevented some purchased video content from
+playing correctly (bmo#1705138)
+ * Fixed: Fixed corruption of videos playing on Twitter or
+WebRTC calls on some Gen6 Intel graphics chipsets
+(bmo#1708937)
+ * Fixed: Fixed menulists in Preferences being unreadable for
+users with High Contrast Mode enabled (bmo#1706496)
+ MFSA 2021-20 (bsc#1185633)
+ * CVE-2021-29952 (bmo#1704227)
+Race condition in Web Render Components
+- devel package: move macros to /usr/lib/rpm/macros.d (boo#1185658)
+
+---
Old:
firefox-88.0.source.tar.xz
firefox-88.0.source.tar.xz.asc
l10n-88.0.tar.xz
New:
firefox-88.0.1.source.tar.xz
firefox-88.0.1.source.tar.xz.asc
l10n-88.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Gpb1th/_old 2021-05-08 22:07:09.137811519 +0200
+++ /var/tmp/diff_new_pack.Gpb1th/_new 2021-05-08 22:07:09.141811501 +0200
@@ -33,8 +33,8 @@
# major 69
# mainver %major.99
%define major 88
-%define mainver%major.0
-%define orig_version 88.0
+%define mainver%major.0.1
+%define orig_version 88.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -687,8 +687,8 @@
mkdir -p %{buildroot}%{_bindir}
install -m 755 %SOURCE12 %{buildroot}%{_bindir}
# inspired by mandriva
-mkdir -p %{buildroot}%{_sysconfdir}/rpm
-cat <<'FIN' >%{buildroot}%{_sysconfdir}/rpm/macros.%{progname}
+mkdir -p %{buildroot}%{_rpmmacrodir}
+cat <<'FIN' >%{buildroot}%{_rpmmacrodir}/macros.%{progname}
# Macros from %{name} package
%%firefox_major %{major}
%%firefox_version%{version}
@@ -781,7 +781,7 @@
%files devel
%defattr(-,root,root)
%{_bindir}/mozilla-get-app-id
-%config %{_sysconfdir}/rpm/macros.%{progname}
+%{_rpmmacrodir}/macros.%{progname}
%endif
%if %localize
++ firefox-88.0.source.tar.xz -> firefox-88.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-88.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2988/firefox-88.0.1.source.tar.xz
differ: char 16, line 1
++ l10n-88.0.tar.xz -> l10n-88.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.Gpb1th/_old 2021-05-08 22:07:09.457810133 +0200
+++ /var/tmp/diff_new_pack.Gpb1th/_new 2021-05-08 22:07:09.457810133 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="88.0"
+VERSION="88.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="87.0"
+PREV_VERSION="88.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="38ee7c9c51c5c95d854c6e9eaa962f21d4f17753"
-RELEASE_TIMESTAMP="20210415204500"
+RELEASE_TAG="179e1482851c07d65bf29a21c9e42ea312fc87fa"
+RELEASE_TIMESTAMP="20210504152106"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-05-05 20:39:06
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2988 (New)
Package is "MozillaFirefox"
Wed May 5 20:39:06 2021 rev:334 rq:889851 version:88.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-04-23 17:49:54.410720024 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2988/MozillaFirefox.changes
2021-05-05 20:39:08.547137318 +0200
@@ -1,0 +2,5 @@
+Sun May 2 12:03:26 UTC 2021 - Wolfgang Rosenauer
+
+- add compatibility for libavcodec58_134
+
+---
Other differences:
--
++ mozilla-libavcodec58_91.patch ++
--- /var/tmp/diff_new_pack.MuYEOy/_old 2021-05-05 20:39:11.319125422 +0200
+++ /var/tmp/diff_new_pack.MuYEOy/_new 2021-05-05 20:39:11.323125405 +0200
@@ -1,20 +1,34 @@
-Index: firefox-78.0.2/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
-===
firefox-78.0.2.orig/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
-+++ firefox-78.0.2/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
-@@ -30,6 +30,7 @@ static FFmpegLibWrapper sLibAV;
+# HG changeset patch
+# Parent e4abeadbbb7a0c63c17177f1d14ea04c77c6128e
+
+diff --git a/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
b/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
+--- a/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
b/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
+@@ -22,23 +22,27 @@ class FFmpegDecoderModule {
+ static already_AddRefed Create(FFmpegLibWrapper*);
+ };
+
+ static FFmpegLibWrapper sLibAV;
+
static const char* sLibs[] = {
// clang-format off
#if defined(XP_DARWIN)
++ "libavcodec.58.134.dylib",
+ "libavcodec.58.91.dylib",
"libavcodec.58.dylib",
"libavcodec.57.dylib",
"libavcodec.56.dylib",
-@@ -37,6 +38,7 @@ static const char* sLibs[] = {
+ "libavcodec.55.dylib",
"libavcodec.54.dylib",
"libavcodec.53.dylib",
#else
++ "libavcodec.so.58.134",
+ "libavcodec.so.58.91",
"libavcodec.so.58",
"libavcodec-ffmpeg.so.58",
"libavcodec-ffmpeg.so.57",
+ "libavcodec-ffmpeg.so.56",
+ "libavcodec.so.57",
+ "libavcodec.so.56",
+ "libavcodec.so.55",
+ "libavcodec.so.54",
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-04-23 17:49:47
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.12324 (New)
Package is "MozillaFirefox"
Fri Apr 23 17:49:47 2021 rev:333 rq:886904 version:88.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-04-06 17:30:35.531178775 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.12324/MozillaFirefox.changes
2021-04-23 17:49:54.410720024 +0200
@@ -1,0 +2,74 @@
+Sun Apr 18 09:01:32 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 88.0
+ * New: PDF forms now support JavaScript embedded in PDF files.
+Some PDF forms use JavaScript for validation and other
+interactive features
+ * New: Print updates: Margin units are now localized
+ * New: Smooth pinch-zooming using a touchpad is now supported
+on Linux
+ * New: To protect against cross-site privacy leaks, Firefox now
+isolates window.name data to the website that created it.
+Learn more
+ * Changed: Firefox will not prompt for access to your
+microphone or camera if you???ve already granted access to the
+same device on the same site in the same tab within the past
+50 seconds. This new grace period reduces the number of times
+you???re prompted to grant device access
+ * Changed: The ???Take a Screenshot??? feature was removed from the
+Page Actions menu in the url bar. To take a screenshot,
+right-click to open the context menu. You can also add a
+screenshots shortcut directly to your toolbar via the
+Customize menu. Open the Firefox menu and select Customize???
+ * Changed: FTP support has been disabled, and its full removal
+is planned for an upcoming release. Addressing this security
+risk reduces the likelihood of an attack while also removing
+support for a non-encrypted protocol
+ * Developer: Introduced a new toggle button in the Network
+panel for switching between JSON formatted HTTP response and
+raw data (as received over the wire).
+!enter image description here
+ * Enterprise: Various bug fixes and new policies have been
+implemented in the latest version of Firefox. You can see
+more details in the Firefox for Enterprise 88 Release Notes.
+ * Fixed: Screen readers no longer incorrectly read content that
+websites have visually hidden, as in the case of articles in
+the Google Help panel
+ MFSA 2021-16 (bsc#1184960)
+ * CVE-2021-23994 (bmo#1699077)
+Out of bound write due to lazy initialization
+ * CVE-2021-23995 (bmo#1699835)
+Use-after-free in Responsive Design Mode
+ * CVE-2021-23996 (bmo#1701834)
+Content rendered outside of webpage viewport
+ * CVE-2021-23997 (bmo#1701942)
+Use-after-free when freeing fonts from cache
+ * CVE-2021-23998 (bmo#1667456)
+Secure Lock icon could have been spoofed
+ * CVE-2021-23999 (bmo#1691153)
+Blob URLs may have been granted additional privileges
+ * CVE-2021-24000 (bmo#1694698)
+requestPointerLock() could be applied to a tab different from
+the visible tab
+ * CVE-2021-24001 (bmo#1694727)
+Testing code could have enabled session history manipulations
+by a compromised content process
+ * CVE-2021-24002 (bmo#1702374)
+Arbitrary FTP command execution on FTP servers using an
+encoded URL
+ * CVE-2021-29945 (bmo#1700690)
+Incorrect size computation in WebAssembly JIT could lead to
+null-reads
+ * CVE-2021-29944 (bmo#1697604)
+HTML injection vulnerability in Firefox for Android's Reader View
+ * CVE-2021-29946 (bmo#1698503)
+Port blocking could be bypassed
+ * CVE-2021-29947 (bmo#1651449, bmo#1674142, bmo#1693476,
+bmo#1696886, bmo#1700091)
+Memory safety bugs fixed in Firefox 88
+- requires
+ * NSPR 4.30
+ * NSS 3.63.1
+- align wayland support logic
+
+---
Old:
firefox-87.0.source.tar.xz
firefox-87.0.source.tar.xz.asc
l10n-87.0.tar.xz
New:
firefox-88.0.source.tar.xz
firefox-88.0.source.tar.xz.asc
l10n-88.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.wbsVjy/_old 2021-04-23 17:50:03.570735772 +0200
+++ /var/tmp/diff_new_pack.wbsVjy/_new 2021-04-23 17:50:03.574735780 +0200
@@ -32,9 +32,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 87
+%define major 88
%define mainver%major.0
-%define orig_version 87.0
+%define orig_version 88.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -85,11
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-04-06 17:29:23
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2401 (New)
Package is "MozillaFirefox"
Tue Apr 6 17:29:23 2021 rev:332 rq:881766 version:87.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-03-16 15:43:14.540925599 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2401/MozillaFirefox.changes
2021-04-06 17:30:35.531178775 +0200
@@ -1,0 +2,44 @@
+Sat Mar 27 10:40:46 UTC 2021 - Manfred Hollstein
+
+- Switch to clang_build globally; just on TW/x86_64 it does not work
+ due to unreolved externals `__rust_probestack' - disable clang_build
+ then.
+- useccache: Add conditionals to enable/disable ccache.
+
+---
+Tue Mar 23 16:42:19 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 87.0
+ * requires NSS 3.62
+ * removed obsolete BigEndian ICU build workaround
+ * rebased patches
+ MFSA 2021-10 (bsc#1183942)
+ * CVE-2021-23981 (bmo#1692832)
+Texture upload into an unbound backing buffer resulted in an
+out-of-bound read
+ * CVE-2021-23982 (bmo#1677046)
+Internal network hosts could have been probed by a malicious
+webpage
+ * CVE-2021-23983 (bmo#1692684)
+Transitions for invalid ::marker properties resulted in memory
+corruption
+ * CVE-2021-23984 (bmo#1693664)
+Malicious extensions could have spoofed popup information
+ * CVE-2021-23985 (bmo#1659129)
+Devtools remote debugging feature could have been enabled
+without indication to the user
+ * CVE-2021-23986 (bmo#1692623)
+A malicious extension could have performed credential-less
+same origin policy violations
+ * CVE-2021-23987 (bmo#1513519, bmo#1683439, bmo#1690169,
+bmo#1690718)
+Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
+ * CVE-2021-23988 (bmo#1684994, bmo#1686653)
+Memory safety bugs fixed in Firefox 87
+
+---
+Tue Mar 16 14:26:35 UTC 2021 - Martin Li??ka
+
+- Set memory limits for DWZ to 4x.
+
+---
Old:
firefox-86.0.1.source.tar.xz
firefox-86.0.1.source.tar.xz.asc
l10n-86.0.1.tar.xz
New:
firefox-87.0.source.tar.xz
firefox-87.0.source.tar.xz.asc
l10n-87.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.ztvVuN/_old 2021-04-06 17:30:51.867197251 +0200
+++ /var/tmp/diff_new_pack.ztvVuN/_new 2021-04-06 17:30:51.871197256 +0200
@@ -17,6 +17,9 @@
#
+%define _dwz_low_mem_die_limit 4000
+%define _dwz_max_die_limit 2
+
%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150100
#!BuildIgnore: post-build-checks
%endif
@@ -29,9 +32,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 86
-%define mainver%major.0.1
-%define orig_version 86.0.1
+%define major 87
+%define mainver%major.0
+%define orig_version 87.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -41,13 +44,23 @@
%define do_profiling 0
# upstream default is clang (to use gcc for large parts set to 0)
+%define clang_build1
+%if 0%{?is_opensuse} && 0%{?suse_version} >= 1550
+%ifarch x86_64
+# on Tumbleweed/x86_64 this does not work due to undefined
+# references to `__rust_probestack'
%define clang_build 0
+%endif
+%endif
# PIE, full relro
%define build_hardened 1
%bcond_with only_print_mozconfig
+# define if ccache should be used or not
+%define useccache 1
+
# Firefox only supports i686
%ifarch %ix86
ExclusiveArch: i586 i686
@@ -93,7 +106,9 @@
BuildRequires: gcc-c++
%endif
BuildRequires: cargo >= 1.47
+%if 0%{useccache} != 0
BuildRequires: ccache
+%endif
BuildRequires: libXcomposite-devel
BuildRequires: libcurl-devel
BuildRequires: libidl-devel
@@ -101,7 +116,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.29
-BuildRequires: mozilla-nss-devel >= 3.61
+BuildRequires: mozilla-nss-devel >= 3.62
BuildRequires: nasm >= 2.14
BuildRequires: nodejs10 >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -452,7 +467,9 @@
#%endif
ac_add_options --with-system-nspr
ac_add_options --with-system-nss
+%if 0%{useccache} != 0
ac_add_options --with-ccache
+%endif
%if %{localize}
ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
%endif
@@ -502,17 +519,9 @@
%endif
EOF
%if !%{with only_print_mozconfig}
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-03-16 15:41:58
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2401 (New)
Package is "MozillaFirefox"
Tue Mar 16 15:41:58 2021 rev:331 rq:878728 version:86.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-03-02 12:30:36.363588331 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2401/MozillaFirefox.changes
2021-03-16 15:43:14.540925599 +0100
@@ -1,0 +2,15 @@
+Sat Mar 13 08:23:06 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 86.0.1
+ * Fixed: Fixed an issue on Apple Silicon machines that caused
+Firefox to be unresponsive after system sleep (bmo#1682713)
+ * Fixed: Fixed an issue causing windows to gain or lose focus
+unexpectedly (bmo#1694927)
+ * Fixed: Fixed truncation of date and time widgets due to
+incorrect width calculation (bmo#1695578)
+ * Fixed: Fixed an issue causing unexpected behavior with
+extensions managing tab groups (bmo#1694699)
+ * Fixed: Fixed a frequent Linux crash on browser launch
+(bmo#1694670)
+
+---
Old:
firefox-86.0.source.tar.xz
firefox-86.0.source.tar.xz.asc
l10n-86.0.tar.xz
New:
firefox-86.0.1.source.tar.xz
firefox-86.0.1.source.tar.xz.asc
l10n-86.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.LEapxq/_old 2021-03-16 15:43:36.156960194 +0100
+++ /var/tmp/diff_new_pack.LEapxq/_new 2021-03-16 15:43:36.160960200 +0100
@@ -30,8 +30,8 @@
# major 69
# mainver %major.99
%define major 86
-%define mainver%major.0
-%define orig_version 86.0
+%define mainver%major.0.1
+%define orig_version 86.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-86.0.source.tar.xz -> firefox-86.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-86.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2401/firefox-86.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-86.0.tar.xz -> l10n-86.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.LEapxq/_old 2021-03-16 15:43:36.544960815 +0100
+++ /var/tmp/diff_new_pack.LEapxq/_new 2021-03-16 15:43:36.548960821 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="86.0"
+VERSION="86.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="85.0.2"
+PREV_VERSION="86.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="89345511871ef6489580b994be21189e84462393"
-RELEASE_TIMESTAMP="20210222142601"
+RELEASE_TAG="79d8545221202e234cf587c0b36c9aaa6cdc3a41"
+RELEASE_TIMESTAMP="20210310152336"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-03-02 12:27:21
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2378 (New)
Package is "MozillaFirefox"
Tue Mar 2 12:27:21 2021 rev:330 rq:874847 version:86.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-02-22 14:58:15.397780500 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2378/MozillaFirefox.changes
2021-03-02 12:30:36.363588331 +0100
@@ -1,0 +2,53 @@
+Sun Feb 21 18:14:12 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 86.0
+ * requires NSS >= 3.61
+ * requires rust-cbindgen >= 0.16.0
+ * Firefox now supports simultaneously watching multiple videos in
+Picture-in-Picture.
+ * Total Cookie Protection to Strict Mode
+ * https://www.mozilla.org/en-US/firefox/86.0/releasenotes
+ MSFA 2021-07 (bsc#1182614)
+ * CVE-2021-23969 (bmo#1542194)
+Content Security Policy violation report could have contained
+the destination of a redirect
+ * CVE-2021-23970 (bmo#1681724)
+Multithreaded WASM triggered assertions validating separation
+of script domains
+ * CVE-2021-23968 (bmo#1687342)
+Content Security Policy violation report could have contained
+the destination of a redirect
+ * CVE-2021-23974 (bmo#1528997, bmo#1683627)
+noscript elements could have led to an HTML Sanitizer bypass
+ * CVE-2021-23971 (bmo#1678545)
+A website's Referrer-Policy could have been be overridden,
+potentially resulting in the full URL being sent as a Referrer
+ * CVE-2021-23976 (bmo#1684627)
+Local spoofing of web manifests for arbitrary pages in
+Firefox for Android
+ * CVE-2021-23977 (bmo#1684761)
+Malicious application could read sensitive data from Firefox
+for Android's application directories
+ * CVE-2021-23972 (bmo#1683536)
+HTTP Auth phishing warning was omitted when a redirect is
+cached
+ * CVE-2021-23975 (bmo#1685145)
+about:memory Measure function caused an incorrect pointer
+operation
+ * CVE-2021-23973 (bmo#1690976)
+MediaError message property could have leaked information
+about cross-origin resources
+ * CVE-2021-23978 (bmo#1682928, bmo#1687391, bmo#1687597, bmo#786797)
+Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
+ * CVE-2021-23979 (bmo#1663222, bmo#107, bmo#1672120, bmo#1678463,
+bmo#1678927, bmo#1679560, bmo#1681297, bmo#1681684, bmo#1683490,
+bmo#1684377, bmo#1684902)
+Memory safety bugs fixed in Firefox 86
+- updated create-tar.sh (bsc#1182357)
+- removed obsolete mozilla-bmo1554971.patch
+- remove buildsymbols subpackage
+ * we haven't done anything with it for years
+ * mozilla is collecting those from our debuginfo packages
+ * would require a local dump_syms tool
+
+---
Old:
firefox-85.0.2.source.tar.xz
firefox-85.0.2.source.tar.xz.asc
l10n-85.0.2.tar.xz
mozilla-bmo1554971.patch
New:
firefox-86.0.source.tar.xz
firefox-86.0.source.tar.xz.asc
l10n-86.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.XzLTSS/_old 2021-03-02 12:30:52.799599737 +0100
+++ /var/tmp/diff_new_pack.XzLTSS/_new 2021-03-02 12:30:52.803599740 +0100
@@ -29,9 +29,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 85
-%define mainver%major.0.2
-%define orig_version 85.0.2
+%define major 86
+%define mainver%major.0
+%define orig_version 86.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -101,7 +101,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.29
-BuildRequires: mozilla-nss-devel >= 3.60.1
+BuildRequires: mozilla-nss-devel >= 3.61
BuildRequires: nasm >= 2.14
BuildRequires: nodejs10 >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -112,7 +112,7 @@
BuildRequires: python3-devel
%endif
BuildRequires: rust >= 1.47
-BuildRequires: rust-cbindgen >= 0.15.0
+BuildRequires: rust-cbindgen >= 0.16.0
BuildRequires: unzip
BuildRequires: update-desktop-files
BuildRequires: xorg-x11-libXt-devel
@@ -175,7 +175,7 @@
Source11: firefox.1
Source12: mozilla-get-app-id
Source13: spellcheck.js
-Source14:
https://github.com/openSUSE/firefox-scripts/raw/5e54f4a/create-tar.sh
+Source14:
https://github.com/openSUSE/firefox-scripts/raw/4503820/create-tar.sh
Source15: firefox-appdata.xml
Source16: %{name}.changes
Source17:
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-02-22 14:58:12
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2378 (New)
Package is "MozillaFirefox"
Mon Feb 22 14:58:12 2021 rev:329 rq:873231 version:85.0.2
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-02-15 23:10:52.074908987 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2378/MozillaFirefox.changes
2021-02-22 14:58:15.397780500 +0100
@@ -1,0 +2,11 @@
+Wed Feb 17 18:40:41 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 85.0.2
+ * Fixed: Fixed a deadlock during startup (bmo#1679933)
+
+---
+Wed Feb 17 11:19:01 UTC 2021 - Michel Normand
+
+- Use %limit_build macros for PowerPC to avoid oom build failure
+
+---
Old:
firefox-85.0.1.source.tar.xz
firefox-85.0.1.source.tar.xz.asc
l10n-85.0.1.tar.xz
New:
firefox-85.0.2.source.tar.xz
firefox-85.0.2.source.tar.xz.asc
l10n-85.0.2.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.5WFBrA/_old 2021-02-22 14:58:50.221820833 +0100
+++ /var/tmp/diff_new_pack.5WFBrA/_new 2021-02-22 14:58:50.225820837 +0100
@@ -30,8 +30,8 @@
# major 69
# mainver %major.99
%define major 85
-%define mainver%major.0.1
-%define orig_version 85.0.1
+%define mainver%major.0.2
+%define orig_version 85.0.2
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -431,7 +431,7 @@
echo ""
cat << EOF
%else
-%ifarch aarch64 %arm
+%ifarch aarch64 %arm ppc64 ppc64le
%limit_build -m 2000
%endif
cat << EOF > $MOZCONFIG
++ firefox-85.0.1.source.tar.xz -> firefox-85.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-85.0.1.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2378/firefox-85.0.2.source.tar.xz
differ: char 15, line 1
++ l10n-85.0.1.tar.xz -> l10n-85.0.2.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.5WFBrA/_old 2021-02-22 14:58:50.581821250 +0100
+++ /var/tmp/diff_new_pack.5WFBrA/_new 2021-02-22 14:58:50.581821250 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="85.0.1"
+VERSION="85.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="85.0"
+PREV_VERSION="85.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="30fa4718813e735a3b4a0a5135352bfe2a655a8b"
-RELEASE_TIMESTAMP="20210204182252"
+RELEASE_TAG="f48eab99cc33d79d1ad62211c1f8d9d9c1cb6727"
+RELEASE_TIMESTAMP="20210208133944"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-02-15 23:10:49
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28504 (New)
Package is "MozillaFirefox"
Mon Feb 15 23:10:49 2021 rev:328 rq:870519 version:85.0.1
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-01-29 14:55:48.209395196 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28504/MozillaFirefox.changes
2021-02-15 23:10:52.074908987 +0100
@@ -1,0 +2,13 @@
+Tue Feb 9 09:05:26 UTC 2021 - Andreas Stieger
+
+- Mozilla Firefox 85.0.1
+ MFSA 2021-06 (bsc#1181848)
+ * MOZ-2021-0001 (bmo#1676636)
+Buffer overflow in depth pitch calculations for compressed
+textures
+ * Fixed: Avoid printing an extra blank page at the end of some
+documents (bmo#1689789).
+ * Fixed: Fixed a browser crash in case of unexpected Cache API
+state (bmo#1684838).
+
+---
Old:
firefox-85.0.source.tar.xz
firefox-85.0.source.tar.xz.asc
l10n-85.0.tar.xz
New:
firefox-85.0.1.source.tar.xz
firefox-85.0.1.source.tar.xz.asc
l10n-85.0.1.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Rk0zU7/_old 2021-02-15 23:12:48.343082642 +0100
+++ /var/tmp/diff_new_pack.Rk0zU7/_new 2021-02-15 23:12:48.347082648 +0100
@@ -30,8 +30,8 @@
# major 69
# mainver %major.99
%define major 85
-%define mainver%major.0
-%define orig_version 85.0
+%define mainver%major.0.1
+%define orig_version 85.0.1
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
++ firefox-85.0.source.tar.xz -> firefox-85.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-85.0.source.tar.xz
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.28504/firefox-85.0.1.source.tar.xz
differ: char 15, line 1
++ l10n-85.0.tar.xz -> l10n-85.0.1.tar.xz ++
++ tar_stamps ++
--- /var/tmp/diff_new_pack.Rk0zU7/_old 2021-02-15 23:12:48.695083167 +0100
+++ /var/tmp/diff_new_pack.Rk0zU7/_new 2021-02-15 23:12:48.699083174 +0100
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="85.0"
+VERSION="85.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="84.0.2"
+PREV_VERSION="85.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="cd908cffd02e1563b2218d985873f958a2e2c55d"
-RELEASE_TIMESTAMP="20210118153634"
+RELEASE_TAG="30fa4718813e735a3b4a0a5135352bfe2a655a8b"
+RELEASE_TIMESTAMP="20210204182252"
commit MozillaFirefox for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2021-01-29 14:55:31
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28504 (New)
Package is "MozillaFirefox"
Fri Jan 29 14:55:31 2021 rev:327 rq:867008 version:85.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2021-01-14 15:03:55.630646450 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28504/MozillaFirefox.changes
2021-01-29 14:55:48.209395196 +0100
@@ -1,0 +2,49 @@
+Sun Jan 24 11:53:58 UTC 2021 - Wolfgang Rosenauer
+
+- Mozilla Firefox 85.0
+ * Adobe Flash is completely history
+ * supercookie protection
+ * new bookmark handling and features
+ MFSA 2021-03 (bsc#1181414)
+ * CVE-2021-23953 (bmo#1683940)
+Cross-origin information leakage via redirected PDF requests
+ * CVE-2021-23954 (bmo#1684020)
+Type confusion when using logical assignment operators in
+JavaScript switch statements
+ * CVE-2021-23955 (bmo#1684837)
+Clickjacking across tabs through misusing requestPointerLock
+ * CVE-2021-23956 (bmo#1338637)
+File picker dialog could have been used to disclose a
+complete directory
+ * CVE-2021-23957 (bmo#1584582)
+Iframe sandbox could have been bypassed on Android via the
+intent URL scheme
+ * CVE-2021-23958 (bmo#1642747)
+Screen sharing permission leaked across tabs
+ * CVE-2021-23959 (bmo#1659035)
+Cross-Site Scripting in error pages on Firefox for Android
+ * CVE-2021-23960 (bmo#1675755)
+Use-after-poison for incorrectly redeclared JavaScript
+variables during GC
+ * CVE-2021-23961 (bmo#1677940)
+More internal network hosts could have been probed by a
+malicious webpage
+ * CVE-2021-23962 (bmo#1677194)
+Use-after-poison in
+nsTreeBodyFrame::RowCountChanged
+ * CVE-2021-23963 (bmo#1680793)
+Permission prompt inaccessible after asking for additional
+permissions
+ * CVE-2021-23964 (bmo#1662507, bmo#1666285, bmo#1673526, bmo#1674278,
+bmo#1674835, bmo#1675097, bmo#1675844, bmo#1675868, bmo#1677590,
+bmo#1677888, bmo#1680410, bmo#1681268, bmo#1682068, bmo#1682938,
+bmo#1683736, bmo#1685260, bmo#1685925)
+Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
+ * CVE-2021-23965 (bmo#1670378, bmo#1673555, bmo#1676812, bmo#1678582,
+bmo#1684497)
+Memory safety bugs fixed in Firefox 85
+- requires NSS 3.60.1
+- requires rust 1.47
+- remove obsolete mozilla-pipewire-0-3.patch
+
+---
Old:
firefox-84.0.2.source.tar.xz
firefox-84.0.2.source.tar.xz.asc
l10n-84.0.2.tar.xz
mozilla-pipewire-0-3.patch
New:
firefox-85.0.source.tar.xz
firefox-85.0.source.tar.xz.asc
l10n-85.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.LA1wer/_old 2021-01-29 14:56:20.841443207 +0100
+++ /var/tmp/diff_new_pack.LA1wer/_new 2021-01-29 14:56:20.841443207 +0100
@@ -2,7 +2,7 @@
# spec file for package MozillaFirefox
#
# Copyright (c) 2021 SUSE LLC
-# 2006-2020 Wolfgang Rosenauer
+# 2006-2021 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -29,9 +29,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 84
-%define mainver%major.0.2
-%define orig_version 84.0.2
+%define major 85
+%define mainver%major.0
+%define orig_version 85.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -92,7 +92,7 @@
%else
BuildRequires: gcc-c++
%endif
-BuildRequires: cargo >= 1.44
+BuildRequires: cargo >= 1.47
BuildRequires: ccache
BuildRequires: libXcomposite-devel
BuildRequires: libcurl-devel
@@ -101,7 +101,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.29
-BuildRequires: mozilla-nss-devel >= 3.59.1
+BuildRequires: mozilla-nss-devel >= 3.60.1
BuildRequires: nasm >= 2.14
BuildRequires: nodejs10 >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -111,7 +111,7 @@
BuildRequires: python3 >= 3.5
BuildRequires: python3-devel
%endif
-BuildRequires: rust >= 1.44
+BuildRequires: rust >= 1.47
BuildRequires: rust-cbindgen >= 0.15.0
BuildRequires: unzip
BuildRequires: update-desktop-files
@@ -207,7 +207,6 @@
Patch20:mozilla-fix-top-level-asm.patch
Patch21:mozilla-bmo1504834-part4.patch
Patch22:mozilla-bmo849632.patch
-Patch23:
[opensuse-commit] commit MozillaFirefox for openSUSE:Factory
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at 2020-11-26 23:09:40
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5913 (New)
Package is "MozillaFirefox"
Thu Nov 26 23:09:40 2020 rev:322 rq:849574 version:83.0
Changes:
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-11-10 13:40:13.400381712 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5913/MozillaFirefox.changes
2020-11-26 23:10:29.208893902 +0100
@@ -1,0 +2,70 @@
+Sun Nov 15 12:16:53 UTC 2020 - Wolfgang Rosenauer
+
+- Mozilla Firefox 83.0
+ * major update for SpiderMonkey improving performance significantly
+ * optional HTTPS-Only mode
+ * more improvements
+https://www.mozilla.org/en-US/firefox/83.0/releasenotes/
+ MFSA 2020-50 (bsc#1178824))
+ * CVE-2020-26951 (bmo#1667113)
+Parsing mismatches could confuse and bypass security
+sanitizer for chrome privileged code
+ * CVE-2020-26952 (bmo#1667685)
+Out of memory handling of JITed, inlined functions could lead
+to a memory corruption
+ * CVE-2020-16012 (bmo#1642028)
+Variable time processing of cross-origin images during
+drawImage calls
+ * CVE-2020-26953 (bmo#1656741)
+Fullscreen could be enabled without displaying the security UI
+ * CVE-2020-26954 (bmo#1657026)
+Local spoofing of web manifests for arbitrary pages in
+Firefox for Android
+ * CVE-2020-26955 (bmo#1663261)
+Cookies set during file downloads are shared between normal
+and Private Browsing Mode in Firefox for Android
+ * CVE-2020-26956 (bmo#1666300)
+XSS through paste (manual and clipboard API)
+ * CVE-2020-26957 (bmo#1667179)
+OneCRL was not working in Firefox for Android
+ * CVE-2020-26958 (bmo#1669355)
+Requests intercepted through ServiceWorkers lacked MIME type
+restrictions
+ * CVE-2020-26959 (bmo#1669466)
+Use-after-free in WebRequestService
+ * CVE-2020-26960 (bmo#1670358)
+Potential use-after-free in uses of nsTArray
+ * CVE-2020-15999 (bmo#1672223)
+Heap buffer overflow in freetype
+ * CVE-2020-26961 (bmo#1672528)
+DoH did not filter IPv4 mapped IP Addresses
+ * CVE-2020-26962 (bmo#610997)
+Cross-origin iframes supported login autofill
+ * CVE-2020-26963 (bmo#1314912)
+History and Location interfaces could have been used to hang
+the browser
+ * CVE-2020-26964 (bmo#1658865)
+Firefox for Android's Remote Debugging via USB could have
+been abused by untrusted apps on older versions of Android
+ * CVE-2020-26965 (bmo#1661617)
+Software keyboards may have remembered typed passwords
+ * CVE-2020-26966 (bmo#1663571)
+Single-word search queries were also broadcast to local
+network
+ * CVE-2020-26967 (bmo#1665820)
+Mutation Observers could break or confuse Firefox Screenshots
+feature
+ * CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697,
+bmo#1657739, bmo#1660236, bmo#1667912, bmo#1671479,
+bmo#1671923)
+Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
+ * CVE-2020-26969 (bmo#1623920, bmo#1651705, bmo#1667872,
+bmo#1668876)
+Memory safety bugs fixed in Firefox 83
+- requires
+ NSS >= 3.58
+ nodejs >= 10.22.1
+- removed obsolete mozilla-ppc-altivec_static_inline.patch
+- disable LTO on TW because of ICEs in gcc
+
+---
Old:
firefox-82.0.3.source.tar.xz
firefox-82.0.3.source.tar.xz.asc
l10n-82.0.3.tar.xz
mozilla-ppc-altivec_static_inline.patch
New:
firefox-83.0.source.tar.xz
firefox-83.0.source.tar.xz.asc
l10n-83.0.tar.xz
Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.pEUCD2/_old 2020-11-26 23:11:06.260924936 +0100
+++ /var/tmp/diff_new_pack.pEUCD2/_new 2020-11-26 23:11:06.264924937 +0100
@@ -29,9 +29,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 82
-%define mainver%major.0.3
-%define orig_version 82.0.3
+%define major 83
+%define mainver%major.0
+%define orig_version 83.0
%define orig_suffix%{nil}
%define update_channel release
%define branding 1
@@ -101,9 +101,9 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.29
-BuildRequires: mozilla-nss-devel >= 3.57
+BuildRequires: mozilla-nss-devel >= 3.58
BuildRequires: nasm >= 2.14
-BuildRequires: nodejs10 >= 10.21.0
+BuildRequires: nodejs10 >= 10.22.1
%if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
BuildRequires: python-libxml2
BuildRequires: python36
@@ -195,7 +195,6 @@
Patch8:
