--- a/MozillaFirefox/MozillaFirefox.changes Sun May 01 18:18:56 2022 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Sun Jun 12 16:05:04 2022 +0200
@@ -1,4 +1,114 @@
-------------------------------------------------------------------
+Fri Jun 10 20:45:37 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 101.0.1:
+ * Fixed context menus not appearing when right-clicking
+ Picture-in-Picture windows on some Linux systems (bmo#1771914)
+ * Various stability fixes
+
+-------------------------------------------------------------------
+Sun May 29 08:02:45 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 101.0
+ * Reading is now easier with the prefers-contrast media query,
+ which allows sites to detect if the user has requested that web
+ content is presented with a higher (or lower) contrast
+ * All non-configured MIME types can now be assigned a custom
+ action upon download completion
+ * allows users to use as many microphones as you want, at the
+ same time, during video conferencing. The most exciting benefit
+ is that you can easily switch your microphones at any time
+ (if your conferencing service provider enables this flexibility)
+ MFSA 2022-20 (bsc#1200027)
+ * CVE-2022-31736 (bmo#1735923)
+ Cross-Origin resource's length leaked
+ * CVE-2022-31737 (bmo#1743767)
+ Heap buffer overflow in WebGL
+ * CVE-2022-31738 (bmo#1756388)
+ Browser window spoof using fullscreen mode
+ * CVE-2022-31739 (bmo#1765049)
+ Attacker-influenced path traversal when saving downloaded files
+ * CVE-2022-31740 (bmo#1766806)
+ Register allocation problem in WASM on arm64
+ * CVE-2022-31741 (bmo#1767590)
+ Uninitialized variable leads to invalid memory read
+ * CVE-2022-31742 (bmo#1730434)
+ Querying a WebAuthn token with a large number of allowCredential
+ entries may have leaked cross-origin information
+ * CVE-2022-31743 (bmo#1747388)
+ HTML Parsing incorrectly ended HTML comments prematurely
+ * CVE-2022-31744 (bmo#1757604)
+ CSP bypass enabling stylesheet injection
+ * CVE-2022-31745 (bmo#1760944)
+ Incorrect Assertion caused by unoptimized array shift operations
+ * CVE-2022-1919 (bmo#1761275)
+ Memory Corruption when manipulating webp images
+ * CVE-2022-31747 (bmo#1760765, bmo#1765610, bmo#1766283,
+ bmo#1767365, bmo#1768559, bmo#1768734)
+ Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
+ * CVE-2022-31748 (bmo#1713773, bmo#1762201, bmo#1762469,
+ bmo#1762770, bmo#1764878, bmo#1765226, bmo#1765782, bmo#1765973,
+ bmo#1767177, bmo#1767181, bmo#1768232, bmo#1768251, bmo#1769869)
+ Memory safety bugs fixed in Firefox 101
+- requires
+ * NSS 3.78.1
+ * rust-cbindgen 0.23.0
+ * rust 1.59
+
+-------------------------------------------------------------------
+Fri May 20 15:03:50 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 100.0.2
+ MFSA 2022-19 (bsc#1199768)
+ * CVE-2022-1802 (bmo#1770137)
+ Prototype pollution in Top-Level Await implementation
+ * CVE-2022-1529 (bmo#1770048)
+ Untrusted input used in JavaScript object indexing, leading
+ to prototype pollution
+
+-------------------------------------------------------------------
+Wed May 18 20:27:49 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 100.0.1:
+ * Fixed: Fixed an issue with subtitles in Picture-in-Picture
+ mode while using Netflix (bmo#1768818)
+ * Fixed: Fixed an issue where some commands were unavailable in
+ the Picture-in-Picture window (bmo#1768201)
+
+-------------------------------------------------------------------
+Sun May 1 21:31:01 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 100.0
+ * subtitle support in PiP
+ * spell checking supports multiple languages in parallel
+ * more details here
+ https://www.mozilla.org/en-US/firefox/100.0/releasenotes
+ MFSA 2022-16 (boo#1198970)
+ * CVE-2022-29914 (bmo#1746448)
+ Fullscreen notification bypass using popups
+ * CVE-2022-29909 (bmo#1755081)
+ Bypassing permission prompt in nested browsing contexts
+ * CVE-2022-29916 (bmo#1760674)
+ Leaking browser history with CSS variables
+ * CVE-2022-29911 (bmo#1761981)
+ iframe Sandbox bypass
+ * CVE-2022-29912 (bmo#1692655)
+ Reader mode bypassed SameSite cookies
+ * CVE-2022-29910 (bmo#1757138)
+ Firefox for Android forgot HTTP Strict Transport Security
+ settings
+ * CVE-2022-29915 (bmo#1751678)
+ Leaking cross-origin redirect through the Performance API
+ * CVE-2022-29917 (bmo#1684739, bmo#1706441, bmo#1753298,
+ bmo#1762614, bmo#1762620, bmo#1764778)
+ Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
+ * CVE-2022-29918 (bmo#1744043, bmo#1747178, bmo#1753535,
+ bmo#1754017, bmo#1755847, bmo#1756172, bmo#1757477,
+ bmo#1758223, bmo#1760160, bmo#1761481, bmo#1761771)
+ Memory safety bugs fixed in Firefox 100
+- requires NSS 3.77
+
+-------------------------------------------------------------------
Tue Apr 12 19:30:30 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
- Mozilla Firefox 99.0.1