Mercurial Mercurial > hg > mozilla / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
63.0.1 firefox63
authorWolfgang Rosenauer <wr@rosenauer.org>
Thu, 08 Nov 2018 17:56:27 +0100
branchfirefox63
changeset 1077 d8601c72c87b
parent 1076 2823eb50c9a9
child 1078 9f49c406dc11
63.0.1
MozillaFirefox/MozillaFirefox.changes file | annotate | diff | comparison | revisions
MozillaFirefox/MozillaFirefox.spec file | annotate | diff | comparison | revisions
MozillaFirefox/create-tar.sh file | annotate | diff | comparison | revisions
MozillaFirefox/source-stamp.txt file | annotate | diff | comparison | revisions 
--- a/MozillaFirefox/MozillaFirefox.changes	Mon Oct 29 15:14:41 2018 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes	Thu Nov 08 17:56:27 2018 +0100
@@ -1,4 +1,15 @@
 -------------------------------------------------------------------
+Thu Nov  8 14:59:13 UTC 2018 - wr@rosenauer.org
+
+- update to Firefox 63.0.1
+  * Snippets are not loaded due to missing element (bmo#1503047)
+  * Print preview always shows 30& scale when it is actually
+    Shrink To Fit (bmo#1501952)
+  * Dialog displayed when closing multiple windows shows unreplaced
+    %1$S placeholder in Japanese and potentially other locales
+    (bmo#1500823)
+
+-------------------------------------------------------------------
 Mon Oct 29 14:07:51 UTC 2018 - wr@rosenauer.org
 
 - update to Firefox 63.0
@@ -8,7 +19,41 @@
     default behavior is activated only in new profiles and can be
     changed in preferences.
   * Added support for Web Components custom elements and shadow DOM
+  MFSA 2018-26 (bsc#1112852)
+  * CVE-2018-12391 (bmo#1478843) (Android-only)
+    HTTP Live Stream audio data is accessible cross-origin
+  * CVE-2018-12392 (bmo#1492823)
+    Crash with nested event loops
+  * CVE-2018-12393 (bmo#1495011) (only affects non-64-bit archs)
+    Integer overflow during Unicode conversion while loading JavaScript
+  * CVE-2018-12395 (bmo#1467523)
+    WebExtension bypass of domain restrictions through header rewriting
+  * CVE-2018-12396 (bmo#1483602)
+    WebExtension content scripts can execute in disallowed contexts
+  * CVE-2018-12397 (bmo#1487478)
+    Missing warning prompt when WebExtension requests local file access
+  * CVE-2018-12398 (bmo#1460538, bmo#1488061)
+    CSP bypass through stylesheet injection in resource URIs
+  * CVE-2018-12399 (bmo#1490276)
+    Spoofing of protocol registration notification bar
+  * CVE-2018-12400 (bmo#1448305) (Android only)
+    Favicons are cached in private browsing mode on Firefox for Android
+  * CVE-2018-12401 (bmo#1422456)
+    DOS attack through special resource URI parsing
+  * CVE-2018-12402 (bmo#1469916)
+    SameSite cookies leak when pages are explicitly saved
+  * CVE-2018-12403 (bmo#1484753)
+    Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP
+  * CVE-2018-12388 (bmo#1472639, bmo#1485698, bmo#1301547, bmo#1471427,
+    bmo#1379411, bmo#1482122, bmo#1486314, bmo#1487167)
+    Memory safety bugs fixed in Firefox 63
+  * CVE-2018-12390 (bmo#1487098, bmo#1487660, bmo#1490234, bmo#1496159,
+    bmo#1443748, bmo#1496340, bmo#1483905, bmo#1493347, bmo#1488803,
+    bmo#1498701, bmo#1498482, bmo#1442010, bmo#1495245, bmo#1483699,
+    bmo#1469486, bmo#1484905, bmo#1490561, bmo#1492524, bmo#1481844)
+    Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
 - requires NSPR 4.20, NSS 3.39 and Rust 1.28
+- latest rust does not provide rust-std so stop requiring it
 
 -------------------------------------------------------------------
 Thu Oct 25 14:39:04 UTC 2018 - guillaume.gardet@opensuse.org
--- a/MozillaFirefox/MozillaFirefox.spec	Mon Oct 29 15:14:41 2018 +0100
+++ b/MozillaFirefox/MozillaFirefox.spec	Thu Nov 08 17:56:27 2018 +0100
@@ -13,18 +13,18 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
 # changed with every update
 %define major          63
-%define mainver        %major.0
-%define orig_version   63.0
+%define mainver        %major.0.1
+%define orig_version   63.0.1
 %define orig_suffix    %{nil}
 %define update_channel release
 %define branding       1
-%define releasedate    20181018182531
+%define releasedate    20181030165643
 %define source_prefix  firefox-%{orig_version}
 
 # PIE, full relro (x86_64 for now)
@@ -80,7 +80,6 @@
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5
 BuildRequires:  rust >= 1.28
-BuildRequires:  rust-std
 BuildRequires:  startup-notification-devel
 BuildRequires:  unzip
 BuildRequires:  update-desktop-files
--- a/MozillaFirefox/create-tar.sh	Mon Oct 29 15:14:41 2018 +0100
+++ b/MozillaFirefox/create-tar.sh	Thu Nov 08 17:56:27 2018 +0100
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_63_0_RELEASE"
-VERSION="63.0"
+RELEASE_TAG="FIREFOX_63_0_1_RELEASE"
+VERSION="63.0.1"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 
--- a/MozillaFirefox/source-stamp.txt	Mon Oct 29 15:14:41 2018 +0100
+++ b/MozillaFirefox/source-stamp.txt	Thu Nov 08 17:56:27 2018 +0100
@@ -1,2 +1,2 @@
-REV=84219fbf133c
+REV=6d5e52718c00
 REPO=http://hg.mozilla.org/releases/mozilla-release
mozilla