# HG changeset patch
# User Wolfgang Rosenauer <wr@rosenauer.org>
# Date 1558595773 -7200
# Node ID a25638dad81de796c7c270c8cd50a8792dc52005
# Parent  3942c205588b2221ecb80b2b856e184943a214ce
final 67.0 release

diff -r 3942c205588b -r a25638dad81d MozillaFirefox/MozillaFirefox.changes
--- a/MozillaFirefox/MozillaFirefox.changes	Wed May 15 19:43:42 2019 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Thu May 23 09:16:13 2019 +0200
@@ -1,5 +1,5 @@
 -------------------------------------------------------------------
-Tue May 14 10:34:08 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
+Sun May 19 20:40:30 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
 
 - Mozilla Firefox 67.0
   * Firefox 67 will be able to run different Firefox installs side by side
@@ -19,6 +19,56 @@
     own avatar
   * Enable FIDO U2F API, and permit registrations for Google Accounts
   * Enabled AV1 support on Linux
+  MFSA 2019-13
+  * CVE-2019-9815 (bmo#1546544)
+    Disable hyperthreading on content JavaScript threads on macOS
+  * CVE-2019-9816 (bmo#1536768)
+    Type confusion with object groups and UnboxedObjects
+  * CVE-2019-9817 (bmo#1540221)
+    Stealing of cross-domain images using canvas
+  * CVE-2019-9818 (bmo#1542581) (Windows only)
+    Use-after-free in crash generation server
+  * CVE-2019-9819 (bmo#1532553)
+    Compartment mismatch with fetch API
+  * CVE-2019-9820 (bmo#1536405)
+    Use-after-free of ChromeEventHandler by DocShell
+  * CVE-2019-9821 (bmo#1539125)
+    Use-after-free in AssertWorkerThread
+  * CVE-2019-11691 (bmo#1542465)
+    Use-after-free in XMLHttpRequest
+  * CVE-2019-11692 (bmo#1544670)
+    Use-after-free removing listeners in the event listener manager
+  * CVE-2019-11693 (bmo#1532525)
+    Buffer overflow in WebGL bufferdata on Linux
+  * CVE-2019-7317 (bmo#1542829)
+    Use-after-free in png_image_free of libpng library
+  * CVE-2019-11694 (bmo#1534196) (Windows only)
+    Uninitialized memory memory leakage in Windows sandbox
+  * CVE-2019-11695 (bmo#1445844)
+    Custom cursor can render over user interface outside of web content
+  * CVE-2019-11696 (bmo#1392955)
+    Java web start .JNLP files are not recognized as executable files
+    for download prompts
+  * CVE-2019-11697 (bmo#1440079)
+    Pressing key combinations can bypass installation prompt delays and
+    install extensions
+  * CVE-2019-11698 (bmo#1543191)
+    Theft of user history data through drag and drop of hyperlinks
+    to and from bookmarks
+  * CVE-2019-11700 (bmo#1549833) (Windows only)
+    res: protocol can be used to open known local files
+  * CVE-2019-11699 (bmo#1528939)
+    Incorrect domain name highlighting during page navigation
+  * CVE-2019-11701 (bmo#1518627)
+    webcal: protocol default handler loads vulnerable web page
+  * CVE-2019-9814 (bmo#1527592, bmo#1534536, bmo#1520132, bmo#1543159,
+    bmo#1539393, bmo#1459932, bmo#1459182, bmo#1516425)
+    Memory safety bugs fixed in Firefox 67
+  * CVE-2019-9800 (bmo#1540166, bmo#1534593, bmo#1546327, bmo#1540136,
+    bmo#1538736, bmo#1538042, bmo#1535612, bmo#1499719, bmo#1499108,
+    bmo#1538619, bmo#1535194, bmo#1516325, bmo#1542324, bmo#1542097,
+    bmo#1532465, bmo#1533554, bmo#1541580)
+    Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
 - requires
   * rust/cargo >= 1.32
   * mozilla-nspr >= 4.21
@@ -28,6 +78,12 @@
 - KDE integration for default browser detection is broken in this revision
 
 -------------------------------------------------------------------
+Fri May 17 12:04:49 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Fix armv7 build with:
+  * mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
+
+-------------------------------------------------------------------
 Fri May 10 10:30:05 UTC 2019 - Manfred Hollstein <manfred.h@gmx.net>
 
 - Mozilla Firefox 66.0.5
diff -r 3942c205588b -r a25638dad81d MozillaFirefox/MozillaFirefox.spec
--- a/MozillaFirefox/MozillaFirefox.spec	Wed May 15 19:43:42 2019 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec	Thu May 23 09:16:13 2019 +0200
@@ -24,7 +24,7 @@
 %define orig_suffix    %{nil}
 %define update_channel release
 %define branding       1
-%define releasedate    20190513195729
+%define releasedate    20190516215225
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that
@@ -164,6 +164,7 @@
 Patch9:         mozilla-bmo1463035.patch
 Patch10:        mozilla-cubeb-noreturn.patch
 Patch11:        mozilla-fix-aarch64-libopus.patch
+Patch12:        mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
 # Firefox/browser
 Patch101:       firefox-kde.patch
 Patch102:       firefox-branded-icons.patch
@@ -271,6 +272,7 @@
 %patch9 -p1
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1
diff -r 3942c205588b -r a25638dad81d MozillaFirefox/create-tar.sh
--- a/MozillaFirefox/create-tar.sh	Wed May 15 19:43:42 2019 +0200
+++ b/MozillaFirefox/create-tar.sh	Thu May 23 09:16:13 2019 +0200
@@ -7,7 +7,7 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="3126a5c2560c34a8acb33d62e54b2be0f704a190"
+RELEASE_TAG="2a7896ba9aa5d982abe01f859d771d411fda8101"
 VERSION="67.0"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
diff -r 3942c205588b -r a25638dad81d MozillaFirefox/mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/MozillaFirefox/mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch	Thu May 23 09:16:13 2019 +0200
@@ -0,0 +1,1 @@
+../mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
\ No newline at end of file
diff -r 3942c205588b -r a25638dad81d MozillaFirefox/source-stamp.txt
--- a/MozillaFirefox/source-stamp.txt	Wed May 15 19:43:42 2019 +0200
+++ b/MozillaFirefox/source-stamp.txt	Thu May 23 09:16:13 2019 +0200
@@ -1,2 +1,2 @@
-REV=3126a5c2560c34a8acb33d62e54b2be0f704a190
+REV=2a7896ba9aa5d982abe01f859d771d411fda8101
 REPO=http://hg.mozilla.org/releases/mozilla-release
diff -r 3942c205588b -r a25638dad81d mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch	Thu May 23 09:16:13 2019 +0200
@@ -0,0 +1,11 @@
+--- a/js/src/wasm/WasmSignalHandlers.cpp	2019-05-16 11:25:13.260881532 +0200
++++ b/js/src/wasm/WasmSignalHandlers.cpp	2019-05-16 11:24:35.164589301 +0200
+@@ -243,7 +243,7 @@ using mozilla::DebugOnly;
+ // emulation here.
+ 
+ #if defined(__linux__) && defined(__arm__)
+-#  define WASM_EMULATE_ARM_UNALIGNED_FP_ACCESS
++// #  define WASM_EMULATE_ARM_UNALIGNED_FP_ACCESS
+ #endif
+ 
+ #ifdef WASM_EMULATE_ARM_UNALIGNED_FP_ACCESS
diff -r 3942c205588b -r a25638dad81d series
--- a/series	Wed May 15 19:43:42 2019 +0200
+++ b/series	Thu May 23 09:16:13 2019 +0200
@@ -7,6 +7,7 @@
 mozilla-bmo1463035.patch
 mozilla-cubeb-noreturn.patch
 mozilla-fix-aarch64-libopus.patch
+mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
 
 # Firefox patches
 firefox-kde.patch