--- a/MozillaFirefox/MozillaFirefox.changes Sat Dec 04 11:19:16 2021 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Sat Jan 08 10:41:19 2022 +0100
@@ -1,4 +1,79 @@
-------------------------------------------------------------------
+Tue Dec 28 17:45:28 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Add upstream patches:
+ * mozilla-bmo1745560.patch: Fix build against wayland 1.20.
+ * mozilla-bmo1744896.patch: Create WaylandVsyncSource on window
+ creation
+
+-------------------------------------------------------------------
+Mon Dec 20 21:57:30 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 95.0.2
+ * Addresses frequent crashes experienced by users with C/E/Z-Series
+ "Bobcat" CPUs running on Windows 7, 8, and 8.1.
+- updated constraints for ppc and x86-64
+
+-------------------------------------------------------------------
+Fri Dec 17 13:49:16 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 95.0.1 (bsc#1193845)
+ * Fixed frequent
+ MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING error
+ messages when trying to connect to various microsoft.com
+ domains (bmo#1745600)
+ * Fix for a WebRender crash on some Linux/X11 systems (bmo#1741956)
+ * Fix for a frequent Windows shutdown crash (bmo#1738984)
+ * Fix websites contrast issues for some Linux users with
+ Dark mode set at OS level (bmo#1740518)
+
+-------------------------------------------------------------------
+Sat Dec 4 12:07:21 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 95.0
+ * You can now move the Picture-in-Picture toggle button to the
+ opposite side of the video. Simply look for the new context menu
+ option Move Picture-in-Picture Toggle to Left (Right) Side.
+ * To better protect Firefox users against side-channel attacks such
+ as Spectre, Site Isolation is now enabled for all Firefox 95 users.
+ * https://www.mozilla.org/en-US/firefox/95.0/releasenotes
+ MFSA 2021-52 (bsc#1193485)
+ * CVE-2021-43536 (bmo#1730120)
+ URL leakage when navigating while executing asynchronous
+ function
+ * CVE-2021-43537 (bmo#1738237)
+ Heap buffer overflow when using structured clone
+ * CVE-2021-43538 (bmo#1739091)
+ Missing fullscreen and pointer lock notification when
+ requesting both
+ * CVE-2021-43539 (bmo#1739683)
+ GC rooting failure when calling wasm instance methods
+ * MOZ-2021-0010 (bmo#1735852)
+ Use-after-free in fullscreen objects on MacOS
+ * CVE-2021-43540 (bmo#1636629)
+ WebExtensions could have installed persistent ServiceWorkers
+ * CVE-2021-43541 (bmo#1696685)
+ External protocol handler parameters were unescaped
+ * CVE-2021-43542 (bmo#1723281)
+ XMLHttpRequest error codes could have leaked the existence of
+ an external protocol handler
+ * CVE-2021-43543 (bmo#1738418)
+ Bypass of CSP sandbox directive when embedding
+ * CVE-2021-43544 (bmo#1739934)
+ Receiving a malicious URL as text through a SEND intent could
+ have led to XSS
+ * CVE-2021-43545 (bmo#1720926)
+ Denial of Service when using the Location API in a loop
+ * CVE-2021-43546 (bmo#1737751)
+ Cursor spoofing could overlay user interface when native
+ cursor is zoomed
+ * MOZ-2021-0009 (bmo#1393362, bmo#1736046, bmo#1736751,
+ bmo#1737009, bmo#1739372, bmo#1739421)
+ Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
+- requires
+ NSS >= 3.72
+
+-------------------------------------------------------------------
Thu Dec 2 20:32:42 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
- remove x-scheme-handler/ftp from firefox.desktop boo#1193321