--- a/MozillaFirefox/MozillaFirefox.changes Sat Feb 05 15:04:53 2022 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Wed Mar 02 15:34:50 2022 +0100
@@ -1,10 +1,91 @@
-------------------------------------------------------------------
+Fri Feb 18 20:38:22 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 97.0.1
+ * Fixed: Fixed an issue where TikTok videos would fail to load
+ when selected from a user's profile page (bmo#1750973)
+ * Fixed: Fixed an issue which led to Picture-in-Picture mode
+ being unable to be toggled on Hulu (bmo#1753401)
+ * Fixed: Works around problems with WebRoot SecureAnywhere
+ antivirus rendering Firefox unusable in some situations
+ (bmo#1752466)
+ * Fixed: Fixed an issue causing users to see the Restore
+ Session screen unexpectedly when starting Firefox
+ (bmo#1749996)
+
+-------------------------------------------------------------------
+Mon Feb 14 19:31:29 UTC 2022 - Luciano Santos <luc14n0@opensuse.org>
+
+- Remove bashisms ("source" and "function" keywords) from
+ mozilla.sh.in to ally with the #!/bin/sh shebang. If the end user
+ has either dash-sh package or busybox-sh to handle Bourn Shell
+ scripts rather than having bash-sh package, the script would
+ fail. Using "." instead of "source" and "create_langpack_link()"
+ function definition is enough to keep both sides sane,
+ behavior-wise.
+
+-------------------------------------------------------------------
+Tue Feb 8 08:40:45 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 97.0
+ MFSA 2022-04 (bsc#1195682)
+ * CVE-2022-22753 (bmo#1732435)
+ Privilege Escalation to SYSTEM on Windows via Maintenance Service
+ * CVE-2022-22754 (bmo#1750565)
+ Extensions could have bypassed permission confirmation during update
+ * CVE-2022-22755 (bmo#1309630)
+ XSL could have allowed JavaScript execution after a tab was closed
+ * CVE-2022-22756 (bmo#1317873)
+ Drag and dropping an image could have resulted in the dropped
+ object being an executable
+ * CVE-2022-22757 (bmo#1720098)
+ Remote Agent did not prevent local websites from connecting
+ * CVE-2022-22758 (bmo#1728742)
+ tel: links could have sent USSD codes to the dialer on
+ Firefox for Android
+ * CVE-2022-22759 (bmo#1739957)
+ Sandboxed iframes could have executed script if the parent
+ appended elements
+ * CVE-2022-22760 (bmo#1740985, bmo#1748503)
+ Cross-Origin responses could be distinguished between script
+ and non-script content-types
+ * CVE-2022-22761 (bmo#1745566)
+ frame-ancestors Content Security Policy directive was not
+ enforced for framed extension pages
+ * CVE-2022-22762 (bmo#1743931)
+ JavaScript Dialogs could have been displayed over other
+ domains on Firefox for Android
+ * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545,
+ bmo#1748210, bmo#1748279)
+ Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
+ * CVE-2022-0511 (bmo#1713579, bmo#1735448, bmo#1743821, bmo#1746313,
+ bmo#1746314, bmo#1746316, bmo#1746321, bmo#1746322, bmo#1746323,
+ bmo#1746412, bmo#1746430, bmo#1746451, bmo#1746488, bmo#1746875,
+ bmo#1746898, bmo#1746905, bmo#1746907, bmo#1746917, bmo#1747128,
+ bmo#1747137, bmo#1747331, bmo#1747346, bmo#1747439, bmo#1747457,
+ bmo#1747870, bmo#1749051, bmo#1749274, bmo#1749831)
+ Memory safety bugs fixed in Firefox 97
+- requires NSS 3.74
+- requires rust 1.57
+
+-------------------------------------------------------------------
+Mon Feb 7 22:21:29 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- remove memoryperjob and use %limit instead. this allows to
+ adapt to more worker types, and lowers the time the package
+ is stuck in "scheduling". raising memory above 8 to lower
+ risk for LTO jobs to run OOM
+- add hack to disable -Wl,--gc-section which avoids a binutils
+ segfault on x86
+- change mozilla-reduce-rust-debuginfo.patch: use -g1 everywhere
+
+-------------------------------------------------------------------
Sun Jan 30 23:58:34 UTC 2022 - Dirk Müller <dmueller@suse.com>
-- disable ccache, this adds about 1 minute of build time and
+- disable ccache, this adds about 1 minute of build time and
over 2 GB of disk space usage without benefit on OBS builds
- build with rust-simd like upstream does
-- use -g1 for debuginfo generation as this is what upstream
+- use -g1 for debuginfo generation as this is what upstream
does as well and it saves ~ 2GB of writes
- use %limit on x86_64 to scale down to less capable workers
- disable install stripping so that debuginfo is useful