diff -r 4c520ebe1ad7 -r 2a0735b1eb92 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Tue Jan 23 17:32:46 2024 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Thu Feb 22 20:31:18 2024 +0100 @@ -1,4 +1,77 @@ ------------------------------------------------------------------- +Tue Feb 13 21:21:15 UTC 2024 - Andreas Stieger + +- Mozilla Firefox 122.0.1 + https://www.mozilla.org/en-US/firefox/122.0.1/releasenotes/ + * Fixed the Library and Sidebar context menus only displaying + Multi-Account Containers icons in the "Open in New Container + Tab" menu. (bmo#1876518) + * Fixed an issue when clicking the Dismiss button in + notification pop-ups on Windows causing a webpage in a new tab. + (bmo#1848801) + * Fixed the yaru-remix system theme not applying correctly on + Linux. (bmo#1877002) + * Fixed adding an extra new line to a rule in the Developer + Tools' Inspector when copying it to the clipboard. + (bmo#1876220) + * Rolled back a keyboard behavior change made to the Developer + Tools' Rules view when validating a property name or input with + the Enter key. + This moves the focus to the next input, as was the behavior + in Firefox 121. (bmo#1877457) + +------------------------------------------------------------------- +Tue Jan 30 13:51:25 UTC 2024 - Martin Sirringhaus + +- Recommend libfido2-udev on codestreams that exist, in order to try + to get security keys (e.g. Yubikeys) work out of the box. (bsc#1184272) + +------------------------------------------------------------------- +Sat Jan 27 23:12:05 UTC 2024 - Andreas Schwab + +- Fix file list + +------------------------------------------------------------------- +Sun Jan 21 09:16:30 UTC 2024 - Wolfgang Rosenauer + +- Mozilla Firefox 122.0 + https://www.mozilla.org/en-US/firefox/122.0/releasenotes/ + MFSA 2024-01 (bsc#1218955) + * CVE-2024-0741 (bmo#1864587) + Out of bounds write in ANGLE + * CVE-2024-0742 (bmo#1867152) + Failure to update user input timestamp + * CVE-2024-0743 (bmo#1867408) + Crash in NSS TLS method + * CVE-2024-0744 (bmo#1871089) + Wild pointer dereference in JavaScript + * CVE-2024-0745 (bmo#1871838) + Stack buffer overflow in WebAudio + * CVE-2024-0746 (bmo#1660223) + Crash when listing printers on Linux + * CVE-2024-0747 (bmo#1764343) + Bypass of Content Security Policy when directive unsafe-inline was set + * CVE-2024-0748 (bmo#1783504) + Compromised content process could modify document URI + * CVE-2024-0749 (bmo#1813463) + Phishing site popup could show local origin in address bar + * CVE-2024-0750 (bmo#1863083) + Potential permissions request bypass via clickjacking + * CVE-2024-0751 (bmo#1865689) + Privilege escalation through devtools + * CVE-2024-0752 (bmo#1866840) + Use-after-free could occur when applying update on macOS + * CVE-2024-0753 (bmo#1870262) + HSTS policy on subdomain could bypass policy of upper domain + * CVE-2024-0754 (bmo#1871605) + Crash when using some WASM files in devtools + * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701) + Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, + and Thunderbird 115.7 +- requires NSS 3.96.1 +- rebased patches + +------------------------------------------------------------------- Tue Jan 9 20:36:26 UTC 2024 - Andreas Stieger - Mozilla Firefox 121.0.1