--- a/MozillaFirefox/MozillaFirefox.changes Sat Jun 23 17:04:50 2018 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Thu Aug 23 16:35:52 2018 +0200
@@ -1,4 +1,31 @@
-------------------------------------------------------------------
+Thu Aug 9 14:22:00 UTC 2018 - wr@rosenauer.org
+
+- update to Firefox 61.0.2
+ * Improved website rendering with the Retained Display List feature
+ enabled (bmo#1474402)
+ * Fixed broken DevTools panels with certain extensions installed
+ (bmo#1474379)
+ * Fixed a crash for users with some accessibility tools enabled
+ (bmo#1474007)
+
+-------------------------------------------------------------------
+Mon Jul 9 07:22:09 UTC 2018 - astieger@suse.com
+
+- Mozilla Firefox 61.0.1:
+ * Fix missing content on the New Tab Page and the Home section of
+ the Preferences page (bmo#1471375)
+ * Fixed loss of bookmarks under rare circumstances when upgrading
+ from Firefox 60 (bmo#1472127)
+ * Improved playback of Twitch 1080p video streams (bmo#1469257)
+ * Web pages no longer lose focus when a browser popup window is
+ opened (bmo#1471415)
+ * Re-allowed downloading files from FTP sites via the "Save Link
+ As" option when linked from HTTP pages (bmo#1470295)
+ * Fixed extensions being unable to override the default homepage
+ in certain situations (bmo#1466846)
+
+-------------------------------------------------------------------
Sat Jun 23 07:25:51 UTC 2018 - wr@rosenauer.org
- update to Firefox 61.0
@@ -8,15 +35,57 @@
* OpenSearch plugins offered by web pages can now be added from the
page action menu for easier installation
* Improved support for allowing WebExtensions to manage and hide tabs
+ MFSA 2018-15 (bsc#1098998)
+ * CVE-2018-12359 (bmo#1459162)
+ Buffer overflow using computed size of canvas element
+ * CVE-2018-12360 (bmo#1459693)
+ Use-after-free when using focus()
+ * CVE-2018-12361 (bmo#1463244)
+ Integer overflow in SwizzleData
+ * CVE-2018-12358 (bmo#1467852)
+ Same-origin bypass using service worker and redirection
+ * CVE-2018-12362 (bmo#1452375)
+ Integer overflow in SSSE3 scaler
+ * CVE-2018-5156 (bmo#1453127)
+ Media recorder segmentation fault when track type is changed during capture
+ * CVE-2018-12363 (bmo#1464784)
+ Use-after-free when appending DOM nodes
+ * CVE-2018-12364 (bmo#1436241)
+ CSRF attacks through 307 redirects and NPAPI plugins
+ * CVE-2018-12365 (bmo#1459206)
+ Compromised IPC child process can list local filenames
+ * CVE-2018-12371 (bmo#1465686)
+ Integer overflow in Skia library during edge builder allocation
+ * CVE-2018-12366 (bmo#1464039)
+ Invalid data handling during QCMS transformations
+ * CVE-2018-12367 (bmo#1462891)
+ Timing attack mitigation of PerformanceNavigationTiming
+ * CVE-2018-12369 (bmo#1454909)
+ WebExtension security permission checks bypassed by embedded experiments
+ * CVE-2018-12370 (bmo#1456652)
+ SameSite cookie protections bypassed when exiting Reader View
+ * CVE-2018-5186 (bmo#1464872,bmo#1463329,bmo#1419373,bmo#1412882,
+ bmo#1413033,bmo#1444673,bmo#1454448,bmo#1453505,bmo#1438671)
+ Memory safety bugs fixed in Firefox 61
+ * CVE-2018-5187 (bmo#1461324,bmo#1414829,bmo#1395246,bmo#1467938,
+ bmo#1461619,bmo#1425930,bmo#1438556,bmo#1454285,bmo#1459568,
+ bmo#1463884)
+ Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
+ * CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
+ bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
+ bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
+ bmo#1464079,bmo#1463494,bmo#1458048)
+ Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
- requires NSS 3.37.3
+- requires python >= 3.5 to build
- removed obsolete patches
mozilla-i586-DecoderDoctorLogger.patch
mozilla-i586-domPrefs.patch
mozilla-fix-skia-aarch64.patch
mozilla-bmo1375074.patch
+ mozilla-enable-csd.patch
- patch for new no-return warnings (mozilla-no-return.patch)
- do not disable system installed locales (mozilla-bmo1464766.patch)
-- disabled outdated mozilla-enable-csd.patch temporarily
-------------------------------------------------------------------
Fri Jun 8 10:52:13 UTC 2018 - bjorn.lie@gmail.com
--- a/MozillaFirefox/MozillaFirefox.spec Sat Jun 23 17:04:50 2018 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Thu Aug 23 16:35:52 2018 +0200
@@ -19,12 +19,12 @@
# changed with every update
%define major 61
-%define mainver %major.0
-%define orig_version 61.0
+%define mainver %major.0.2
+%define orig_version 61.0.2
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
-%define releasedate 20180621125625
+%define releasedate 20180807170231
%define source_prefix firefox-%{orig_version}
# PIE, full relro (x86_64 for now)
@@ -63,7 +63,6 @@
BuildRequires: memory-constraints
%if 0%{?suse_version} <= 1320
BuildRequires: gcc7-c++
-BuildRequires: python3
%else
BuildRequires: gcc-c++
%endif
@@ -79,6 +78,7 @@
BuildRequires: mozilla-nss-devel >= 3.37.3
BuildRequires: python-devel
BuildRequires: python2-xml
+BuildRequires: python3 >= 3.5
BuildRequires: rust >= 1.24
BuildRequires: rust-std
BuildRequires: startup-notification-devel
@@ -159,9 +159,8 @@
Patch6: mozilla-reduce-files-per-UnifiedBindings.patch
Patch7: mozilla-aarch64-startup-crash.patch
Patch8: mozilla-bmo256180.patch
-Patch9: mozilla-enable-csd.patch
-Patch10: mozilla-no-return.patch
-Patch11: mozilla-bmo1464766.patch
+Patch9: mozilla-no-return.patch
+Patch10: mozilla-bmo1464766.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -271,9 +270,8 @@
%endif
%patch7 -p1
%patch8 -p1
-#%patch9 -p1
+%patch9 -p1
%patch10 -p1
-#%patch11 -p1
# Firefox
%patch101 -p1
%patch102 -p1
--- a/MozillaFirefox/create-tar.sh Sat Jun 23 17:04:50 2018 +0200
+++ b/MozillaFirefox/create-tar.sh Thu Aug 23 16:35:52 2018 +0200
@@ -7,8 +7,8 @@
CHANNEL="release"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="785d242a5b01d5f1094882aa2144d8e5e2791e06"
-VERSION="61.0"
+RELEASE_TAG="FIREFOX_61_0_2_RELEASE"
+VERSION="61.0.2"
VERSION_SUFFIX=""
LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
--- a/MozillaFirefox/source-stamp.txt Sat Jun 23 17:04:50 2018 +0200
+++ b/MozillaFirefox/source-stamp.txt Thu Aug 23 16:35:52 2018 +0200
@@ -1,2 +1,2 @@
-REV=785d242a5b01
+REV=975058795980
REPO=http://hg.mozilla.org/releases/mozilla-release