diff -r e27c6e9c5c63 -r c19c9e7820ef MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Sat Sep 17 23:09:48 2022 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Mon Oct 17 21:08:02 2022 +0200 @@ -1,4 +1,61 @@ ------------------------------------------------------------------- +Sat Oct 8 13:41:12 UTC 2022 - Andreas Stieger + +- Mozilla Firefox 105.0.3: + * Fixes for other platforms + +------------------------------------------------------------------- +Wed Oct 5 18:27:01 UTC 2022 - Andreas Stieger + +- Mozilla Firefox 105.0.2: + * Fixed poor contrast on various menu items with certain + themes on Linux systems (bmo#1792063) + * Fixed the scrollbar appearing on the wrong side of + `select` elements in right-to-left locales (bmo#1791219) + * Fixed a possible deadlock when loading some sites in + Troubleshoot Mode (bmo#1786259) + * Fixed a bug causing some dynamic appearance changes to + not appear when expected (bmo#1786521) + * Fixed a bug causing theme styling to not be properly applied + to sidebars for some add-ons in Private Browsing Mode + (bmo#1787543) + +------------------------------------------------------------------- +Thu Sep 22 22:12:39 UTC 2022 - Wolfgang Rosenauer + +- Mozilla Firefox 105.0.1 + * Reverted focus behavior for new windows back to the content + area instead of the address bar (bmo#1784692) +- added mozilla-i686-build.patch to avoid using avx2 + +------------------------------------------------------------------- +Sat Sep 17 21:01:10 UTC 2022 - Wolfgang Rosenauer + +- Mozilla Firefox 105.0 + https://www.mozilla.org/en-US/firefox/105.0/releasenotes + MFSA 2022-40 (bsc#1203477) + * CVE-2022-40959 (bmo#1782211) + Bypassing FeaturePolicy restrictions on transient pages + * CVE-2022-40960 (bmo#1787633) + Data-race when parsing non-UTF-8 URLs in threads + * CVE-2022-40958 (bmo#1779993) + Bypassing Secure Context restriction for cookies with __Host + and __Secure prefix + * CVE-2022-40961 (bmo#1784588) + Stack-buffer overflow when initializing Graphics + * CVE-2022-40956 (bmo#1770094) + Content-Security-Policy base-uri bypass + * CVE-2022-40957 (bmo#1777604) + Incoherent instruction cache when building WASM on ARM64 + * CVE-2022-40962 (bmo#1767360, bmo#1776655, bmo#1777574, + bmo#1784835, bmo#1785109, bmo#1786502, bmo#1789440) + Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3 +- requires + NSS 3.82 + Rust 1.63 (1.61) +- removed obsolete mozilla-glibc236.patch + +------------------------------------------------------------------- Fri Sep 9 05:59:03 UTC 2022 - Guillaume GARDET - Adjust memory requirements to fix build on aarch64