--- a/MozillaFirefox/firefox-esr.changes Mon Sep 06 12:03:54 2021 +0200
+++ b/MozillaFirefox/firefox-esr.changes Tue Nov 02 13:21:17 2021 +0100
@@ -1,7 +1,36 @@
-------------------------------------------------------------------
+Tue Oct 5 13:16:17 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 91.2.0 ESR
+ MFSA 2021-45 (bsc#1191332)
+ * CVE-2021-38496 (bmo#1725335)
+ Use-after-free in MessageTask
+ * CVE-2021-38497 (bmo#1726621)
+ Validation message could have been overlaid on another origin
+ * CVE-2021-38498 (bmo#1729642)
+ Use-after-free of nsLanguageAtomService object
+ * CVE-2021-32810 (bmo#1729813,
+ bmo#https://github.com/crossbeam-
+ rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw)
+ Data race in crossbeam-deque
+ * CVE-2021-38500 (bmo#1725854, bmo#1728321)
+ Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15,
+ and Firefox ESR 91.2
+ * CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176)
+ Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
+- allow to override wayland detection by defining MOZ_ENABLE_WAYLAND
+ explicitely as 0 or 1
+
+-------------------------------------------------------------------
Fri Sep 3 11:12:18 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
- Mozilla Firefox 91.1.0 ESR
+ MFSA 2021-40 (bsc#1190269)
+ * CVE-2021-38492 (bmo#1721107)
+ Navigating to `mk:` URL scheme could load Internet Explorer
+ * CVE-2021-38495 (bmo#1723391, bmo#1723920, bmo#1724101, bmo#1724107)
+ Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and
+ Firefox ESR 91.1
- switched to ESR branch and renamed package accordingly
- updated appdata
- don't apply mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch