firefox 62.0.2 firefox62 tip
authorWolfgang Rosenauer <wr@rosenauer.org>
Wed, 26 Sep 2018 08:34:14 +0200
branchfirefox62
changeset 1071 8dc7d19e8298
parent 1070 18f97bd2c2bf
firefox 62.0.2
MozillaFirefox/MozillaFirefox.changes
MozillaFirefox/MozillaFirefox.spec
MozillaFirefox/create-tar.sh
MozillaFirefox/source-stamp.txt
--- a/MozillaFirefox/MozillaFirefox.changes	Sat Aug 25 18:07:14 2018 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Wed Sep 26 08:34:14 2018 +0200
@@ -1,9 +1,65 @@
 -------------------------------------------------------------------
-Sat Aug 25 15:56:51 UTC 2018 - wr@rosenauer.org
-
-- update to Firefox 62.0b20
+Sat Sep 22 09:03:53 UTC 2018 - astieger@suse.com
+
+- Mozilla Firefox 62.0.2:
+  MFSA 2018-22
+  * CVE-2018-12385 (boo#1109363, bmo#1490585)
+    Crash in TransportSecurityInfo due to cached data
+  * Unvisited bookmarks can once again be autofilled in the address
+    bar
+  * Fix WebGL rendering issues
+  * Fix fallback on startup when a language pack is missing
+  * Avoid crash when sharing a profile with newer (as yet
+    unreleased) versions of Firefox
+  * Do not undo removal of search engines when using a language
+    pack
+  * Fixed rendering of some web sites
+  * Restored compatibility with some sites using deprecated TLS
+    settings
+- disable rust debug symbols to fix build on %ix86
+
+-------------------------------------------------------------------
+Mon Sep  3 10:47:43 UTC 2018 - wr@rosenauer.org
+
+- update to Firefox 62.0
+  * Firefox Home (the default New Tab) now allows users to display
+    up to 4 rows of top sites, Pocket stories, and highlights
+  * "Reopen in Container" tab menu option appears for users with
+    Containers that lets them choose to reopen a tab in a different
+    container
+  * In advance of removing all trust for Symantec-issued certificates
+    in Firefox 63, a preference was added that allows users to distrust
+    certificates issued by Symantec. To use this preference, go to
+    about:config in the address bar and set the preference
+    "security.pki.distrust_ca_policy" to 2.
+  * Support for CSS Shapes, allowing for richer web page layouts.
+    This goes hand in hand with a brand new Shape Path Editor in the
+    CSS inspector.
+  * CSS Variable Fonts (OpenType Font Variations) support, which makes
+    it possible to create beautiful typography with a single font file
+  * Added Canadian English (en-CA) locale
+  MFSA 2018-20 (bsc#1107343)
+  * CVE-2018-12377 (bmo#1470260)
+    Use-after-free in refresh driver timers
+  * CVE-2018-12378 (bmo#1459383)
+    Use-after-free in IndexedDB
+  * CVE-2018-12379 (bmo#1473113) (updater is disabled for us)
+    Out-of-bounds write with malicious MAR file
+  * CVE-2017-16541 (bmo#1412081)
+    Proxy bypass using automount and autofs
+  * CVE-2018-12381 (bmo#1435319)
+    Dragging and dropping Outlook email message results in page navigation
+  * CVE-2018-12382 (bmo#1479311) (Android only)
+    Addressbar spoofing with javascript URI on Firefox for Android
+  * CVE-2018-12383 (bmo#1475775)
+    Setting a master password post-Firefox 58 does not delete
+    unencrypted previously stored passwords
+  * CVE-2018-12375
+    Memory safety bugs fixed in Firefox 62
+  * CVE-2018-12376
+    Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
 - requires NSS >= 3.38
-- removed obsolete patches
+- removed obsolete patch
   mozilla-bmo1464766.patch
 
 -------------------------------------------------------------------
--- a/MozillaFirefox/MozillaFirefox.spec	Sat Aug 25 18:07:14 2018 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec	Wed Sep 26 08:34:14 2018 +0200
@@ -13,18 +13,18 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
 # changed with every update
-%define major          61
-%define mainver        %major.99
-%define orig_version   62.0
-%define orig_suffix    b20
-%define update_channel beta
+%define major          62
+%define mainver        %major.0.2
+%define orig_version   62.0.2
+%define orig_suffix    %{nil}
+%define update_channel release
 %define branding       1
-%define releasedate    20180823143155
+%define releasedate    20180921000000
 %define source_prefix  firefox-%{orig_version}
 
 # PIE, full relro (x86_64 for now)
@@ -345,11 +345,15 @@
 %if 0%{?suse_version} > 1320
 ac_add_options --enable-optimize="-g -O2"
 %endif
-%ifarch %ix86 %arm
+%ifarch %arm
 %if 0%{?suse_version} > 1230
 ac_add_options --disable-optimize
 %endif
 %endif
+# bmo#1441155 - Disable the generation of Rust debug symbols on Linux32
+%ifarch %ix86
+ac_add_options --disable-debug-symbols
+%endif
 %ifarch %arm
 ac_add_options --disable-elf-hack
 %endif
--- a/MozillaFirefox/create-tar.sh	Sat Aug 25 18:07:14 2018 +0200
+++ b/MozillaFirefox/create-tar.sh	Wed Sep 26 08:34:14 2018 +0200
@@ -5,11 +5,11 @@
 # "moz_source_stamp": "c1de04f39fa956cfce83f6065b0e709369215ed5"
 # http://ftp.mozilla.org/pub/firefox/candidates/48.0-candidates/build2/l10n_changesets.txt
 
-CHANNEL="beta"
+CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_62_0b20_RELEASE"
-VERSION="62.0"
-VERSION_SUFFIX="b20"
+RELEASE_TAG="150c70d39363b57ea4e92fbbd900b338f09177d6"
+VERSION="62.0.2"
+VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 
 # check required tools
--- a/MozillaFirefox/source-stamp.txt	Sat Aug 25 18:07:14 2018 +0200
+++ b/MozillaFirefox/source-stamp.txt	Wed Sep 26 08:34:14 2018 +0200
@@ -1,2 +1,2 @@
-REV=7fda8e538067
-REPO=http://hg.mozilla.org/releases/mozilla-beta
+REV=150c70d39363
+REPO=http://hg.mozilla.org/releases/mozilla-release