|
1 ------------------------------------------------------------------- |
|
2 Thu Dec 2 20:32:42 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de> |
|
3 |
|
4 - remove x-scheme-handler/ftp from firefox.desktop boo#1193321 |
|
5 |
|
6 ------------------------------------------------------------------- |
|
7 Thu Nov 25 20:21:07 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com> |
|
8 |
|
9 - Drop unused libidl-devel BuildRequires. |
|
10 |
|
11 ------------------------------------------------------------------- |
|
12 Tue Nov 23 22:00:38 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de> |
|
13 |
|
14 - Mozilla Firefox 94.0.2: |
|
15 * Update preference design for Firefox Suggest for improved clarity |
|
16 * Resolved general instability/crashes on Linux caused by a file |
|
17 descriptor leak when backgrounding tabs using WebGL |
|
18 (bmo#1741997) |
|
19 |
|
20 ------------------------------------------------------------------- |
|
21 Fri Nov 5 18:02:48 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de> |
|
22 |
|
23 - Mozilla Firefox 94.0.1: |
|
24 * fixes for other platforms |
|
25 |
|
26 ------------------------------------------------------------------- |
|
27 Sat Oct 30 07:52:22 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org> |
|
28 |
|
29 - Mozilla Firefox 94.0 |
|
30 * https://www.mozilla.org/en-US/firefox/94.0/releasenotes |
|
31 MFSA 2021-48 (bsc#1192250) |
|
32 * CVE-2021-38503 (bmo#1729517) |
|
33 iframe sandbox rules did not apply to XSLT stylesheets |
|
34 * CVE-2021-38504 (bmo#1730156) |
|
35 Use-after-free in file picker dialog |
|
36 * CVE-2021-38505 (bmo#1730194) |
|
37 Windows 10 Cloud Clipboard may have recorded sensitive user data |
|
38 * CVE-2021-38506 (bmo#1730750) |
|
39 Firefox could be coaxed into going into fullscreen mode |
|
40 without notification or warning |
|
41 * CVE-2021-38507 (bmo#1730935) |
|
42 Opportunistic Encryption in HTTP2 could be used to bypass the |
|
43 Same-Origin-Policy on services hosted on other ports |
|
44 * MOZ-2021-0003 (bmo#1736886) |
|
45 Universal XSS in Firefox for Android via QR Code URLs |
|
46 * CVE-2021-38508 (bmo#1366818) |
|
47 Permission Prompt could be overlaid, resulting in user |
|
48 confusion and potential spoofing |
|
49 * MOZ-2021-0004 (bmo#1659155) |
|
50 Web Extensions could access pre-redirect URL when their |
|
51 context menu was triggered by a user |
|
52 * CVE-2021-38509 (bmo#1718571) |
|
53 Javascript alert box could have been spoofed onto an |
|
54 arbitrary domain |
|
55 * CVE-2021-38510 (bmo#1731779) |
|
56 Download Protections were bypassed by .inetloc files on Mac OS |
|
57 * MOZ-2021-0005 (bmo#1719203) |
|
58 'Copy Image Link' context menu action could have been abused |
|
59 to see authentication tokens |
|
60 * MOZ-2021-0006 (bmo#1724233) |
|
61 URL Parsing may incorrectly parse internationalized domains |
|
62 * MOZ-2021-0007 (bmo#1606864, bmo#1712671, bmo#1730048, bmo#1735152) |
|
63 Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 |
|
64 - removed obsolete patches |
|
65 * mozilla-bmo1602730.patch |
|
66 * mozilla-bmo1725828.patch |
|
67 * mozilla-bmo1729124.patch |
|
68 - requires |
|
69 NSS >= 3.71 |
|
70 rust >= 1.53 |
|
71 - fix Plasma detection (boo#1191825) |
|
72 - fix Link error "undefined hidden symbol:" |
|
73 https://github.com/openSUSE/firefox-maintenance/issues/37 |
|
74 |
1 ------------------------------------------------------------------- |
75 ------------------------------------------------------------------- |
2 Tue Oct 26 19:48:24 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org> |
76 Tue Oct 26 19:48:24 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org> |
3 |
77 |
4 - Drop unused pkgconfig(gdk-x11-2.0) BuildRequires |
78 - Drop unused pkgconfig(gdk-x11-2.0) BuildRequires |
5 - (re-)enable LTO on Tumbleweed |
79 - (re-)enable LTO on Tumbleweed |