1 -------------------------------------------------------------------

     2 Sun Mar 26 08:55:39 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>

     3 

     4 - Mozilla Firefox 111.0.1 (boo#1209688)

     5   * Fixed a crash on macOS while pinch-zooming under some circumstances

     6     (bmo#1658986)

     7   * Fixed a bug causing Firefox to freeze on startup for some

     8     Windows users (bmo#1823159)

     9 

    10 -------------------------------------------------------------------

    11 Tue Mar 14 14:29:09 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>

    12 

    13 - Mozilla Firefox 111.0

    14   * https://www.mozilla.org/en-US/firefox/111.0/releasenotes

    15   MFSA 2023-09 (bsc#1209173)

    16   * CVE-2023-28159 (bmo#1783561)

    17     Fullscreen Notification could have been hidden by download

    18     popups on Android

    19   * CVE-2023-25748 (bmo#1798798)

    20     Fullscreen Notification could have been hidden by window

    21     prompts on Android

    22   * CVE-2023-25749 (bmo#1810705)

    23     Firefox for Android may have opened third-party apps without

    24     a prompt

    25   * CVE-2023-25750 (bmo#1814733)

    26     Potential ServiceWorker cache leak during private browsing mode

    27   * CVE-2023-25751 (bmo#1814899)

    28     Incorrect code generation during JIT compilation

    29   * CVE-2023-28160 (bmo#1802385)

    30     Redirect to Web Extension files may have leaked local path

    31   * CVE-2023-28164 (bmo#1809122)

    32     URL being dragged from a removed cross-origin iframe into the

    33     same tab triggered navigation

    34   * CVE-2023-28161 (bmo#1811181)

    35     One-time permissions granted to a local file were extended to

    36     other local files loaded in the same tab

    37   * CVE-2023-28162 (bmo#1811327)

    38     Invalid downcast in Worklets

    39   * CVE-2023-25752 (bmo#1811627)

    40     Potential out-of-bounds when accessing throttled streams

    41   * CVE-2023-28163 (bmo#1817768)

    42     Windows Save As dialog resolved environment variables

    43   * CVE-2023-28176 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442,

    44     bmo#1818674)

    45     Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9

    46   * CVE-2023-28177 (bmo#1803109, bmo#1808832, bmo#1809542, bmo#1817336)

    47     Memory safety bugs fixed in Firefox 111

    48 - ensure gcc11-c++ gets used on Leap 15.5

    49 - requires NSS >= 3.88.1

    50 - removed obsolete patches

    51   gcc13-fix.patch

    52   mozilla-bmo1810584.patch

    53 - rebased patches

    54 - update create-tar.sh

    55