2 Sat Aug 25 15:56:51 UTC 2018 - wr@rosenauer.org

     2 Sun Oct 21 07:24:17 UTC 2018 - wr@rosenauer.org

     3 

     3 

     4 - update to Firefox 62.0b20

     4 - update to Firefox 63.0b14

     5 

     6 -------------------------------------------------------------------

     7 Tue Oct  2 21:28:31 UTC 2018 - astieger@suse.com

     8 

     9 - Mozilla Firefox 62.0.3:

    10   MFSA 2018-24

    11   * CVE-2018-12386 (bsc#1110506, bmo#1493900)

    12     Type confusion in JavaScript allowed remote code execution

    13   * CVE-2018-12387 (bsc#1110507, bmo#1493903)

    14     Array.prototype.push stack pointer vulnerability may enable

    15     exploits in the sandboxed content process

    16 

    17 -------------------------------------------------------------------

    18 Sat Sep 22 09:03:53 UTC 2018 - astieger@suse.com

    19 

    20 - Mozilla Firefox 62.0.2:

    21   MFSA 2018-22

    22   * CVE-2018-12385 (boo#1109363, bmo#1490585)

    23     Crash in TransportSecurityInfo due to cached data

    24   * Unvisited bookmarks can once again be autofilled in the address

    25     bar

    26   * Fix WebGL rendering issues

    27   * Fix fallback on startup when a language pack is missing

    28   * Avoid crash when sharing a profile with newer (as yet

    29     unreleased) versions of Firefox

    30   * Do not undo removal of search engines when using a language

    31     pack

    32   * Fixed rendering of some web sites

    33   * Restored compatibility with some sites using deprecated TLS

    34     settings

    35 - disable rust debug symbols to fix build on %ix86

    36 

    37 -------------------------------------------------------------------

    38 Mon Sep  3 10:47:43 UTC 2018 - wr@rosenauer.org

    39 

    40 - update to Firefox 62.0

    41   * Firefox Home (the default New Tab) now allows users to display

    42     up to 4 rows of top sites, Pocket stories, and highlights

    43   * "Reopen in Container" tab menu option appears for users with

    44     Containers that lets them choose to reopen a tab in a different

    45     container

    46   * In advance of removing all trust for Symantec-issued certificates

    47     in Firefox 63, a preference was added that allows users to distrust

    48     certificates issued by Symantec. To use this preference, go to

    49     about:config in the address bar and set the preference

    50     "security.pki.distrust_ca_policy" to 2.

    51   * Support for CSS Shapes, allowing for richer web page layouts.

    52     This goes hand in hand with a brand new Shape Path Editor in the

    53     CSS inspector.

    54   * CSS Variable Fonts (OpenType Font Variations) support, which makes

    55     it possible to create beautiful typography with a single font file

    56   * Added Canadian English (en-CA) locale

    57   MFSA 2018-20 (bsc#1107343)

    58   * CVE-2018-12377 (bmo#1470260)

    59     Use-after-free in refresh driver timers

    60   * CVE-2018-12378 (bmo#1459383)

    61     Use-after-free in IndexedDB

    62   * CVE-2018-12379 (bmo#1473113) (updater is disabled for us)

    63     Out-of-bounds write with malicious MAR file

    64   * CVE-2017-16541 (bmo#1412081)

    65     Proxy bypass using automount and autofs

    66   * CVE-2018-12381 (bmo#1435319)

    67     Dragging and dropping Outlook email message results in page navigation

    68   * CVE-2018-12382 (bmo#1479311) (Android only)

    69     Addressbar spoofing with javascript URI on Firefox for Android

    70   * CVE-2018-12383 (bmo#1475775)

    71     Setting a master password post-Firefox 58 does not delete

    72     unencrypted previously stored passwords

    73   * CVE-2018-12375

    74     Memory safety bugs fixed in Firefox 62

    75   * CVE-2018-12376

    76     Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2

     6 - removed obsolete patches

    78 - removed obsolete patch