--- a/MozillaFirefox/firefox-esr.changes	Mon Sep 06 12:03:54 2021 +0200
+++ b/MozillaFirefox/firefox-esr.changes	Tue Nov 02 13:21:17 2021 +0100
@@ -1,7 +1,36 @@
 -------------------------------------------------------------------
+Tue Oct  5 13:16:17 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 91.2.0 ESR
+  MFSA 2021-45 (bsc#1191332)
+  * CVE-2021-38496 (bmo#1725335)
+    Use-after-free in MessageTask
+  * CVE-2021-38497 (bmo#1726621)
+    Validation message could have been overlaid on another origin
+  * CVE-2021-38498 (bmo#1729642)
+    Use-after-free of nsLanguageAtomService object
+  * CVE-2021-32810 (bmo#1729813,
+    bmo#https://github.com/crossbeam-
+    rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw)
+    Data race in crossbeam-deque
+  * CVE-2021-38500 (bmo#1725854, bmo#1728321)
+    Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15,
+    and Firefox ESR 91.2
+  * CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176)
+    Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
+- allow to override wayland detection by defining MOZ_ENABLE_WAYLAND
+  explicitely as 0 or 1
+
+-------------------------------------------------------------------
 Fri Sep  3 11:12:18 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
 
 - Mozilla Firefox 91.1.0 ESR
+  MFSA 2021-40 (bsc#1190269)
+  * CVE-2021-38492 (bmo#1721107)
+    Navigating to `mk:` URL scheme could load Internet Explorer
+  * CVE-2021-38495 (bmo#1723391, bmo#1723920, bmo#1724101, bmo#1724107)
+    Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and
+    Firefox ESR 91.1
 - switched to ESR branch and renamed package accordingly
 - updated appdata
 - don't apply mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch