Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox66
changeset 1092 5d7b22f6b177
parent 1089 eca1c1f2fe50
child 1093 3942c205588b 
--- a/MozillaFirefox/MozillaFirefox.changes	Tue Mar 19 09:48:05 2019 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes	Tue May 14 12:12:16 2019 +0200
@@ -1,4 +1,56 @@
 -------------------------------------------------------------------
+Fri May 10 10:30:05 UTC 2019 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Mozilla Firefox 66.0.5
+  * Fixed: Further improvements to re-enable web extensions which
+    had been disabled for users with a master password set (bmo#1549249)
+
+-------------------------------------------------------------------
+Sun May  5 20:21:02 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 66.0.4 (boo#1134126)
+  * fix extension certificate chain
+    https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/
+
+-------------------------------------------------------------------
+Thu Apr 11 09:16:17 UTC 2019 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Mozilla Firefox 66.0.3
+  * Fixed: Address bar on tablets running Windows 10 now behaves
+    correctly (bmo#1498973)
+  * Fixed: Performance issues with some HTML5 games (bmo#1537609)
+  * Fixed a bug with keypress events in IBM cloud applications
+    (bmo#1538970)
+  * Fix for keypress events in some Microsoft cloud applications
+    (bmo#1539618)
+  * Changed: Updated Baidu search plugin
+
+-------------------------------------------------------------------
+Thu Mar 28 19:01:41 UTC 2019 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Mozilla Firefox 66.0.2
+  * Fixed Web compatibility issues with Office 365, iCloud and
+    IBM WebMail caused by recent changes to the handling of
+    keyboard events (bmo#1538966)
+  * Crash fixes (bmo#1521370, bmo#1539118)
+
+-------------------------------------------------------------------
+Thu Mar 28 09:58:36 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Add patch to fix aarch64 build:
+  * mozilla-fix-aarch64-libopus.patch (bmo#1539737)
+
+-------------------------------------------------------------------
+Fri Mar 22 22:22:08 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 66.0.1
+  MFSA 2019-09 (bsc#1130262)
+  * CVE-2019-9810 (bmo#1537924)
+    IonMonkey MArraySlice has incorrect alias information
+  * CVE-2019-9813 (bmo#1538006)
+    Ionmonkey type confusion with __proto__ mutations
+
+-------------------------------------------------------------------
 Sun Mar 17 10:08:51 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
 
 - Mozilla Firefox 66.0
@@ -23,10 +75,58 @@
     can add individual sites to an exceptions list or turn the blocking
     off.
   * System title bar is hidden by default to match Gnome guideline
+  MFSA 2019-07 (bsc#1129821)
+  * CVE-2019-9790 (bmo#1525145)
+    Use-after-free when removing in-use DOM elements
+  * CVE-2019-9791 (bmo#1530958)
+    Type inference is incorrect for constructors entered through on-stack
+    replacement with IonMonkey
+  * CVE-2019-9792 (bmo#1532599)
+    IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
+  * CVE-2019-9793 (bmo#1528829)
+    Improper bounds checks when Spectre mitigations are disabled
+  * CVE-2019-9794 (bmo#1530103) (Windows only)
+    Command line arguments not discarded during execution
+  * CVE-2019-9795 (bmo#1514682)
+    Type-confusion in IonMonkey JIT compiler
+  * CVE-2019-9796 (bmo#1531277)
+    Use-after-free with SMIL animation controller
+  * CVE-2019-9797 (bmo#1528909)
+    Cross-origin theft of images with createImageBitmap
+  * CVE-2019-9798 (bmo#1527534) (Android only)
+    Library is loaded from world writable APITRACE_LIB location
+  * CVE-2019-9799 (bmo#1505678)
+    Information disclosure via IPC channel messages
+  * CVE-2019-9801 (bmo#1527717) (Windows only)
+    Windows programs that are not 'URL Handlers' are exposed to web content
+  * CVE-2019-9802 (bmo#1415508)
+    Chrome process information leak
+  * CVE-2019-9803 (bmo#1515863, bmo#1437009)
+    Upgrade-Insecure-Requests incorrectly enforced for same-origin navigation
+  * CVE-2019-9804 (bmo#1518026) (MacOS only)
+    Code execution through 'Copy as cURL' in Firefox Developer Tools on macOS
+  * CVE-2019-9805 (bmo#1521360)
+    Potential use of uninitialized memory in Prio
+  * CVE-2019-9806 (bmo#1525267)
+    Denial of service through successive FTP authorization prompts
+  * CVE-2019-9807 (bmo#1362050)
+    Text sent through FTP connection can be incorporated into alert messages
+  * CVE-2019-9809 (bmo#1282430, bmo#1523249)
+    Denial of service through FTP modal alert error messages
+  * CVE-2019-9808 (bmo#1434634)
+    WebRTC permissions can display incorrect origin with data: and blob: URLs
+  * CVE-2019-9789 bmo#1520483, bmo#1522987, bmo#1528199, bmo#1519337,
+    bmo#1525549, bmo#1516179, bmo#1518524, bmo#1518331, bmo#1526579,
+    bmo#1512567, bmo#1524335, bmo#1448505, bmo#1518821
+    Memory safety bugs fixed in Firefox 66
+  * CVE-2019-9788 bmo#1518001, bmo#1521304, bmo#1521214, bmo#1506665,
+    bmo#1516834, bmo#1518774, bmo#1524755, bmo#1523362, bmo#1524214, bmo#1529203
+    Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6
 - updated build/runtime requirements
   * mozilla-nss >= 3.42.1
   * cargo/rust >= 1.31
   * rust-cbindgen >= 0.6.8
+  * nasm >= 2.13 (new)
 - removed obsolete patch
   * mozilla-bmo256180.patch
mozilla