Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox115
changeset 1190 2a24a948b5cf
parent 1189 ba0c97b018a6
child 1191 37e065158be7 
--- a/MozillaFirefox/MozillaFirefox.changes	Mon Jun 05 21:17:55 2023 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Sat Jul 29 14:34:45 2023 +0200
@@ -1,4 +1,239 @@
 -------------------------------------------------------------------
+Fri Jul 28 20:56:00 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 115.0.3
+  * fixes for other platforms
+- remove bashisms from firefox startup script (boo#1213657)
+
+-------------------------------------------------------------------
+Thu Jul 13 13:30:20 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 115.0.2
+  * Fixed a bug with displaying a caret in the text editor on some websites
+    (bmo#1840804)
+  * Fixed a bug with broken audio rendering on some websites (bmo#1841982)
+  * Fixed a bug with patternTransform translate using the wrong units
+    (bmo#1840746)
+  MFSA 2023-26 (bsc#1213230)
+  * CVE-2023-3600 (bmo#1839703)
+    Use-after-free in workers
+
+-------------------------------------------------------------------
+Fri Jul  7 19:39:30 UTC 2023 - Andreas Stieger <Andreas.Stieger@gmx.de>
+
+- Mozilla Firefox 115.0.1
+  * fixes for other platforms
+
+-------------------------------------------------------------------
+Sun Jul  2 16:00:53 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 115.0
+  * Support for importing payment methods saved in Chrome-based browser
+  * Hardware video decoding is now enabled for Intel GPUs on Linux
+  * The Tab Manager dropdown now features close buttons, so tabs
+    can be closed more quickly
+  * Streamlined the user interface for importing data in from other browsers
+  * Users without platform support for H264 video decoding can now
+    fallback to Cisco's OpenH264 plugin for playback.
+  * Undo and redo are now available in Password fields
+  * Changed: On Linux, middle clicks on the new tab button will
+    now open the xclipboard contents in the new tab. If the
+    xclipboard content is a URL then that URL is opened, any
+    other text is opened with your default search provider.
+  * Changed: For users with a Firefox Colorways built-in theme,
+    the theme will be automatically migrated to the same theme
+    hosted on addons.mozilla.org for Firefox profiles that have
+    disabled add-ons auto-updates. This will allow users to keep
+    their Colorways theme when they are later removed from
+    Firefox installer files.
+  * Changed: Certain Firefox users may come across a message in
+    the extensions panel indicating that their add-ons are not
+    allowed on the site currently open. We have introduced a new
+    back-end feature to only allow some extensions monitored by
+    Mozilla to run on specific websites for various reasons,
+    including security concerns.
+  * HTML5: The builtin editor now behaves similarly to other
+    browsers with `contenteditable` and `designMode` when
+    splitting a node, e.g. typing Enter to split a paragraph, and
+    also when joining two nodes, e.g. typing Backspace at the
+    start of a paragraph to join the paragraph and the previous
+    one.
+    When a node is split, the builtin editor creates a new node
+    after the original one instead of before, i.e. creates the
+    right node instead of the left node.
+    Similarly, when two nodes are joined, the builtin editor
+    deletes the latter node and moves its children to the end of
+    the preceding node instead of deleting the former node and
+    moving its child to the start of the following node.
+  * HTML5: WebRTC application developers can now specify a target
+    in milliseconds of media for the jitter buffer to hold.
+    Altering the target value allows applications to control the
+    tradeoff between playout delay and the risk of running out of
+    audio or video frames due to network jitter.
+  * HTML5: Change array by copy provides additional methods on
+    `Array.prototype` and `TypedArray.prototype` to enable
+    changes on the array by returning a new copy of it with the
+    change.
+  * HTML5: The animation-composition property is now supported,
+    allowing a declarative way to define the composite operation
+    used when multiple animations affect the same property
+    simultaneously.
+  * HTML5: Added the URL.canParse() function to allow easy and
+    fast checking if URLs are valid and parseable.
+  * HTML5: IndexedDB is now also supported in private browsing
+    without memory limits thanks to encrypted storage on disk.
+    The temporary keys to decrypt the information are hold in RAM
+    only and all stored information is purged at the normal end
+    of a private browsing session from disk.
+  * HTML5: Supports conditions are now supported in CSS import
+    rules @import supports(...)
+  * Developer: In web development, we rely on third-party
+    libraries which you may not be interested in while debugging.
+    These can be ignored. Ignoring them means that breakpoints
+    will not get hit and they are skipped during stepping.
+    You can now choose to **Hide ignore-listed sources** in the
+    Developer Tools source tree
+  * Developer: We have introduced a new option,
+    `devtools.f12_enabled`, that can be utilized to prevent the
+    accidental use of the F12 key, which opens the DevTools
+    toolbox (bug).
+  * Enterprise: You can find information about policy updates and
+    enterprise specific bug fixes in the Firefox for Enterprise
+    115 Release Notes.
+  MFSA 2023-22 (bsc#1212438)
+  * CVE-2023-3482 (bmo#1839464)
+    Block all cookies bypass for localstorage
+  * CVE-2023-37201 (bmo#1826002)
+    Use-after-free in WebRTC certificate generation
+  * CVE-2023-37202 (bmo#1834711)
+    Potential use-after-free from compartment mismatch in SpiderMonkey
+  * CVE-2023-37203 (bmo#291640)
+    Drag and Drop API may provide access to local system files
+  * CVE-2023-37204 (bmo#1832195)
+    Fullscreen notification obscured via option element
+  * CVE-2023-37205 (bmo#1704420)
+    URL spoofing in address bar using RTL characters
+  * CVE-2023-37206 (bmo#1813299)
+    Insufficient validation of symlinks in the FileSystem API
+  * CVE-2023-37207 (bmo#1816287)
+    Fullscreen notification obscured
+  * CVE-2023-37208 (bmo#1837675)
+    Lack of warning when opening Diagcab files
+  * CVE-2023-37209 (bmo#1837993)
+    Use-after-free in `NotifyOnHistoryReload`
+  * CVE-2023-37210 (bmo#1821886)
+    Full-screen mode exit prevention
+  * CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886,
+    bmo#1836550, bmo#1837450)
+    Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13,
+    and Thunderbird 102.13
+  * CVE-2023-37212 (bmo#1750870, bmo#1825552, bmo#1826206, bmo#1827076,
+    bmo#1828690, bmo#1833503, bmo#1835710, bmo#1838587)
+    Memory safety bugs fixed in Firefox 115
+- Requires NSS 3.90
+- Add patches:
+  mozilla-rust-disable-future-incompat.patch
+  mozilla-bmo1775202.patch
+  mozilla-partial-revert-1768632.patch
+- removed obsolete mozilla-buildfixes.patch
+
+-------------------------------------------------------------------
+Tue Jun 20 19:49:51 UTC 2023 - Andreas Stieger <Andreas.Stieger@gmx.de>
+
+- Mozilla Firefox 114.0.2:
+  * Several crash fixes
+  * Web Extensions: Fixes for 114 regressions in Native Messaging
+    support
+
+-------------------------------------------------------------------
+Tue Jun 20 06:30:02 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- do not enable LTO as it caused crashes now (boo#1212101)
+
+-------------------------------------------------------------------
+Sat Jun 10 14:48:07 UTC 2023 - Andreas Stieger <Andreas.Stieger@gmx.de>
+
+- Mozilla Firefox 114.0.1
+  * Fix a startup crash (bmo#1837201, boo#1212101)
+
+-------------------------------------------------------------------
+Fri Jun  9 11:05:47 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Only install vaapitest for wayland-enabled builds, where it gets built
+- Rebase mozilla-silence-no-return-type.patch
+- Rebase s390x-patches, and remove obsolete patches:
+  mozilla-bmo1005535.patch mozilla-s390x-skia-gradient.patch
+
+-------------------------------------------------------------------
+Mon Jun  5 21:22:19 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 114.0
+  MFSA 2023-20 (bsc#1211922)
+  * CVE-2023-34414 (bmo#1695986)
+    Click-jacking certificate exceptions through rendering lag
+  * CVE-2023-34415 (bmo#1811999)
+    Site-isolation bypass on sites that allow open redirects to
+    data: urls
+  * CVE-2023-34416 (bmo#1752703, bmo#1818394, bmo#1826875,
+    bmo#1827340, bmo#1827655, bmo#1828065, bmo#1830190,
+    bmo#1830206, bmo#1830795, bmo#1833339)
+    Memory safety bugs fixed in Firefox 114 and Firefox ESR
+    102.12
+  * CVE-2023-34417 (bmo#1746447, bmo#1820903, bmo#1832832)
+    Memory safety bugs fixed in Firefox 114
+  * New: Added UI to manage the DNS over HTTPS exception list.
+    (bmo#1596847)
+  * New: Bookmarks can now be searched from the Bookmarks menu.
+    The Bookmarks menu is accessible by adding the *Bookmarks
+    menu* button to the toolbar. (bmo#1736937)
+  * New: Restrict searches to your local browsing history by
+    selecting *Search history* from the History, Library or
+    Application menu buttons. (bmo#1736939)
+  * New: Mac users can now capture video from their cameras in
+    all supported native resolutions. This enables resolutions
+    higher than 1280x720. (bmo#1806604)
+  * New: It is now possible to reorder the extensions listed in
+    the extensions panel. (bmo#1805924)
+  * New: Users on macOS, Linux, and Windows 7 can now use FIDO2 /
+    WebAuthn authenticators over USB. Some advanced features,
+    such as fully passwordless logins, require a PIN to be set on
+    the authenticator. (bmo#1814487)
+  * New: Pocket Recommended content can now be seen in France,
+    Italy, and Spain. (bmo#None)
+  * Changed: DNS over HTTPS settings are now part of  the
+    *Privacy & Security* section of the *Settings* page and allow
+    the user to choose from all the supported modes.
+    (bmo#1610741)
+  * HTML5: DOM: Added support for ES Modules on DedicatedWorker
+    and SharedWorker
+  * HTML5: WebTransport is now enabled by default and will be
+    going to release with 114. As the original Explainer  notes,
+    it enables multiple use-cases that are hard or impossible to
+    handle without it, especially for Gaming and live streaming.
+    It covers cases that are problematic for alternative
+    mechanisms, such as WebSockets.
+    Built on top of HTTP3 (HTTP2 support will be coming later).
+    The current implementation in Firefox is passing 505 out of
+    565 Web-Platform Tests.
+  * HTML5: CSS: The `infinity` and `NaN` constants are now
+    supported inside the `calc()` function. (bmo#1830759)
+  * Developer: The *Copy as cURL* feature, available in the
+    Network panel, has been enhanced. It now supports the
+    -`-compressed` argument. (bmo#1776120)
+  * Developer: The Accessibility Inspector has been improved to
+    accurately recognize all the ARIA roles like `banner`,
+    `main`, `navigation`, and `contentinfo`, etc. This
+    enhancement is particularly beneficial for web developers
+    working with ARIA roles to improve web accessibility.
+    (bmo#1572512)
+  * Developer: Firefox now provides support for the CSS Cascading
+    Level 4 `supports()` syntax for `@import` rules. This allows
+    for the importation of other stylesheets based on support-
+    dependency. In addition, the Inspector panel now accurately
+    displays the conditions at the top of the imported rule.
+- requires NSS 3.89.1
+
+-------------------------------------------------------------------
 Wed May 24 19:26:35 UTC 2023 - Andreas Stieger <Andreas.Stieger@gmx.de>
 
 - Mozilla Firefox 113.0.2 (boo#1211696)
mozilla