mozilla: MozillaFirefox/MozillaFirefox.changes@0410f6db95d5 (annotated)

893 86f72f1e98a4 prepare Gtk3 based builds on a feature branch Wolfgang Rosenauer <wr@rosenauer.org> parents: 892 diff changeset	1	-------------------------------------------------------------------
1069 0410f6db95d5 readd unsignedScopes preference Wolfgang Rosenauer <wr@rosenauer.org> parents: 1067 diff changeset	2	Sat Aug 25 12:53:16 UTC 2018 - wr@rosenauer.org
1066 3f18b0f2a868 merge from firefox61 and specify next beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1065 diff changeset	3
3f18b0f2a868 merge from firefox61 and specify next beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1065 diff changeset	4	- update to Firefox 62.0b19
3f18b0f2a868 merge from firefox61 and specify next beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1065 diff changeset	5	- requires NSS >= 3.38
1067 735b140fb042 rebased patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1066 diff changeset	6	- removed obsolete patches
735b140fb042 rebased patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1066 diff changeset	7	mozilla-bmo1464766.patch
1069 0410f6db95d5 readd unsignedScopes preference Wolfgang Rosenauer <wr@rosenauer.org> parents: 1067 diff changeset	8	- moved unsignedScope pref into new patch
0410f6db95d5 readd unsignedScopes preference Wolfgang Rosenauer <wr@rosenauer.org> parents: 1067 diff changeset	9	mozilla-unsignedScopes.patch
1066 3f18b0f2a868 merge from firefox61 and specify next beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1065 diff changeset	10
3f18b0f2a868 merge from firefox61 and specify next beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1065 diff changeset	11	-------------------------------------------------------------------
1065 33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	12	Thu Aug 9 14:22:00 UTC 2018 - wr@rosenauer.org
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	13
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	14	- update to Firefox 61.0.2
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	15	* Improved website rendering with the Retained Display List feature
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	16	enabled (bmo#1474402)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	17	* Fixed broken DevTools panels with certain extensions installed
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	18	(bmo#1474379)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	19	* Fixed a crash for users with some accessibility tools enabled
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	20	(bmo#1474007)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	21
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	22	-------------------------------------------------------------------
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	23	Mon Jul 9 07:22:09 UTC 2018 - astieger@suse.com
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	24
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	25	- Mozilla Firefox 61.0.1:
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	26	* Fix missing content on the New Tab Page and the Home section of
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	27	the Preferences page (bmo#1471375)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	28	* Fixed loss of bookmarks under rare circumstances when upgrading
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	29	from Firefox 60 (bmo#1472127)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	30	* Improved playback of Twitch 1080p video streams (bmo#1469257)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	31	* Web pages no longer lose focus when a browser popup window is
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	32	opened (bmo#1471415)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	33	* Re-allowed downloading files from FTP sites via the "Save Link
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	34	As" option when linked from HTTP pages (bmo#1470295)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	35	* Fixed extensions being unable to override the default homepage
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	36	in certain situations (bmo#1466846)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	37
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	38	-------------------------------------------------------------------
1061 42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	39	Sat Jun 23 07:25:51 UTC 2018 - wr@rosenauer.org
42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	40
42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	41	- update to Firefox 61.0
42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	42	* Performance enhancements
42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	43	* Various improvements for dark theme support will provide a more
42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	44	consistent experience across the entire Firefox UI
42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	45	* OpenSearch plugins offered by web pages can now be added from the
42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	46	page action menu for easier installation
42510f8eee28 61.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1060 diff changeset	47	* Improved support for allowing WebExtensions to manage and hide tabs
1065 33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	48	MFSA 2018-15 (bsc#1098998)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	49	* CVE-2018-12359 (bmo#1459162)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	50	Buffer overflow using computed size of canvas element
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	51	* CVE-2018-12360 (bmo#1459693)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	52	Use-after-free when using focus()
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	53	* CVE-2018-12361 (bmo#1463244)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	54	Integer overflow in SwizzleData
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	55	* CVE-2018-12358 (bmo#1467852)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	56	Same-origin bypass using service worker and redirection
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	57	* CVE-2018-12362 (bmo#1452375)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	58	Integer overflow in SSSE3 scaler
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	59	* CVE-2018-5156 (bmo#1453127)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	60	Media recorder segmentation fault when track type is changed during capture
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	61	* CVE-2018-12363 (bmo#1464784)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	62	Use-after-free when appending DOM nodes
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	63	* CVE-2018-12364 (bmo#1436241)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	64	CSRF attacks through 307 redirects and NPAPI plugins
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	65	* CVE-2018-12365 (bmo#1459206)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	66	Compromised IPC child process can list local filenames
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	67	* CVE-2018-12371 (bmo#1465686)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	68	Integer overflow in Skia library during edge builder allocation
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	69	* CVE-2018-12366 (bmo#1464039)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	70	Invalid data handling during QCMS transformations
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	71	* CVE-2018-12367 (bmo#1462891)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	72	Timing attack mitigation of PerformanceNavigationTiming
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	73	* CVE-2018-12369 (bmo#1454909)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	74	WebExtension security permission checks bypassed by embedded experiments
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	75	* CVE-2018-12370 (bmo#1456652)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	76	SameSite cookie protections bypassed when exiting Reader View
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	77	* CVE-2018-5186 (bmo#1464872,bmo#1463329,bmo#1419373,bmo#1412882,
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	78	bmo#1413033,bmo#1444673,bmo#1454448,bmo#1453505,bmo#1438671)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	79	Memory safety bugs fixed in Firefox 61
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	80	* CVE-2018-5187 (bmo#1461324,bmo#1414829,bmo#1395246,bmo#1467938,
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	81	bmo#1461619,bmo#1425930,bmo#1438556,bmo#1454285,bmo#1459568,
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	82	bmo#1463884)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	83	Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	84	* CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	85	bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	86	bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	87	bmo#1464079,bmo#1463494,bmo#1458048)
33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	88	Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
1054 fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	89	- requires NSS 3.37.3
1065 33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	90	- requires python >= 3.5 to build
1055 526f445635f3 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1054 diff changeset	91	- removed obsolete patches
526f445635f3 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1054 diff changeset	92	mozilla-i586-DecoderDoctorLogger.patch
526f445635f3 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1054 diff changeset	93	mozilla-i586-domPrefs.patch
526f445635f3 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1054 diff changeset	94	mozilla-fix-skia-aarch64.patch
526f445635f3 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1054 diff changeset	95	mozilla-bmo1375074.patch
1065 33c6119b5cc5 61.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1061 diff changeset	96	mozilla-enable-csd.patch
1057 b70ce330958c successfull RPM build Wolfgang Rosenauer <wr@rosenauer.org> parents: 1056 diff changeset	97	- patch for new no-return warnings (mozilla-no-return.patch)
1059 936bf8851c57 try to make langpacks work again Wolfgang Rosenauer <wr@rosenauer.org> parents: 1057 diff changeset	98	- do not disable system installed locales (mozilla-bmo1464766.patch)
1054 fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	99
fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	100	-------------------------------------------------------------------
1056 90e1f32cf034 several changes to make upstream tarballs a good neighbour for locale fetching and HG checkouts Wolfgang Rosenauer <wr@rosenauer.org> parents: 1055 diff changeset	101	Fri Jun 8 10:52:13 UTC 2018 - bjorn.lie@gmail.com
1054 fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	102
fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	103	- Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass
fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	104	conditional --disable-gconf to configure: no longer pull in
fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	105	obsolete gconf2 for Tumbleweed.
fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	106
fbfe323c62cd Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass <bjorn.lie@gmail.com> parents: 1052 diff changeset	107	-------------------------------------------------------------------
1052 7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	108	Thu Jun 7 12:11:06 UTC 2018 - wr@rosenauer.org
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	109
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	110	- update to Firefox 60.0.2
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	111	* requires NSS 3.36.4
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	112	MFSA 2018-14 (bsc#1096449)
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	113	* CVE-2018-6126 (bmo#1462682)
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	114	Heap buffer overflow rasterizing paths in SVG with Skia
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	115
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	116	-------------------------------------------------------------------
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	117	Wed Jun 6 18:57:52 UTC 2018 - guillaume.gardet@opensuse.org
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	118
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	119	- Add upstream patch to fix boo#1093059 instead of '-ffixed-x28'
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	120	workaround:
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	121	* mozilla-bmo1375074.patch
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	122
7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	123	-------------------------------------------------------------------
1051 87c1625d07e2 fix aarch64 startup crash Wolfgang Rosenauer <wr@rosenauer.org> parents: 1049 diff changeset	124	Sat May 26 15:53:25 UTC 2018 - wr@rosenauer.org
87c1625d07e2 fix aarch64 startup crash Wolfgang Rosenauer <wr@rosenauer.org> parents: 1049 diff changeset	125
87c1625d07e2 fix aarch64 startup crash Wolfgang Rosenauer <wr@rosenauer.org> parents: 1049 diff changeset	126	- fixed "open with" option under KDE (boo#1094747)
87c1625d07e2 fix aarch64 startup crash Wolfgang Rosenauer <wr@rosenauer.org> parents: 1049 diff changeset	127	- workaround crash on startup on aarch64 (boo#1093059)
1052 7a49806c8dae 60.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1051 diff changeset	128	(contributed by guillaume.gardet@arm.com)
1051 87c1625d07e2 fix aarch64 startup crash Wolfgang Rosenauer <wr@rosenauer.org> parents: 1049 diff changeset	129
87c1625d07e2 fix aarch64 startup crash Wolfgang Rosenauer <wr@rosenauer.org> parents: 1049 diff changeset	130	-------------------------------------------------------------------
1049 08307c08d990 architecture fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1048 diff changeset	131	Wed May 23 08:49:09 UTC 2018 - guillaume.gardet@opensuse.org
08307c08d990 architecture fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1048 diff changeset	132
08307c08d990 architecture fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1048 diff changeset	133	- Disable webrtc for aarch64 due to bmo#1434589
08307c08d990 architecture fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1048 diff changeset	134	- Add patch to fix skia build on AArch64:
08307c08d990 architecture fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1048 diff changeset	135	* mozilla-fix-skia-aarch64.patch
08307c08d990 architecture fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1048 diff changeset	136
08307c08d990 architecture fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1048 diff changeset	137	-------------------------------------------------------------------
1048 a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	138	Thu May 17 14:01:18 UTC 2018 - wr@rosenauer.org
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	139
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	140	- update to Firefox 60.0.1
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	141	* Avoid overly long cycle collector pauses with some add-ons installed
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	142	(bmo#1449033)
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	143	* After unckecking the "Sponsored Stories" option, the New Tab page
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	144	now immediately stops displaying "Sponsored content" cards (bmo#1458906)
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	145	* On touchscreen devices, fixed momentum scrolling on non-zoomable pages
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	146	(bmo#1457743)
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	147	* Use the right default background when opening tabs or windows in
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	148	high contrast mode (bmo#1458956)
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	149	* Restored translations of the Preferences panels when using a
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	150	language pack (bmo#1461590)
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	151
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	152	-------------------------------------------------------------------
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	153	Mon May 14 13:37:38 UTC 2018 - pcerny@suse.com
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	154
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	155	- parellelise locales building
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	156
a6a2360bc1bd 60.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1047 diff changeset	157	-------------------------------------------------------------------
1047 847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	158	Mon May 7 08:32:28 UTC 2018 - wr@rosenauer.org
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	159
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	160	- update to Firefox 60.0
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	161	* Added a policy engine that allows customized Firefox deployments
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	162	in enterprise environments, using Windows Group Policy or a
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	163	cross-platform JSON file
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	164	* Applied Quantum CSS to render browser UI
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	165	* Added support for Web Authentication, allowing the use of USB
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	166	tokens for authentication to web sites
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	167	* Locale added: Occitan (oc)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	168	MFSA 2018-11 (bsc#1092548)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	169	* CVE-2018-5154 (bmo#1443092)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	170	Use-after-free with SVG animations and clip paths
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	171	* CVE-2018-5155 (bmo#1448774)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	172	Use-after-free with SVG animations and text paths
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	173	* CVE-2018-5157 (bmo#1449898)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	174	Same-origin bypass of PDF Viewer to view protected PDF files
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	175	* CVE-2018-5158 (bmo#1452075)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	176	Malicious PDF can inject JavaScript into PDF Viewer
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	177	* CVE-2018-5159 (bmo#1441941)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	178	Integer overflow and out-of-bounds write in Skia
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	179	* CVE-2018-5160 (bmo#1436117)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	180	Uninitialized memory use by WebRTC encoder
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	181	* CVE-2018-5152 (bmo#1415644, bmo#1427289)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	182	WebExtensions information leak through webRequest API
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	183	* CVE-2018-5153 (bmo#1436809)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	184	Out-of-bounds read in mixed content websocket messages
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	185	* CVE-2018-5163 (bmo#1426353)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	186	Replacing cached data in JavaScript Start-up Bytecode Cache
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	187	* CVE-2018-5164 (bmo#1416045)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	188	CSP not applied to all multipart content sent with
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	189	multipart/x-mixed-replace
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	190	* CVE-2018-5166 (bmo#1437325)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	191	WebExtension host permission bypass through filterReponseData
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	192	* CVE-2018-5167 (bmo#1447969)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	193	Improper linkification of chrome: and javascript: content in
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	194	web console and JavaScript debugger
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	195	* CVE-2018-5168 (bmo#1449548)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	196	Lightweight themes can be installed without user interaction
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	197	* CVE-2018-5169 (bmo#1319157)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	198	Dragging and dropping link text onto home button can set home page
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	199	to include chrome pages
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	200	* CVE-2018-5172 (bmo#1436482)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	201	Pasted script from clipboard can run in the Live Bookmarks page
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	202	or PDF viewer
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	203	* CVE-2018-5173 (bmo#1438025)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	204	File name spoofing of Downloads panel with Unicode characters
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	205	* CVE-2018-5174 (bmo#1447080) (Windows-only)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	206	Windows Defender SmartScreen UI runs with less secure behavior
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	207	for downloaded files in Windows 10 April 2018 Update
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	208	* CVE-2018-5175 (bmo#1432358)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	209	Universal CSP bypass on sites using strict-dynamic in their policies
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	210	* CVE-2018-5176 (bmo#1442840)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	211	JSON Viewer script injection
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	212	* CVE-2018-5177 (bmo#1451908)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	213	Buffer overflow in XSLT during number formatting
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	214	* CVE-2018-5165 (bmo#1451452)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	215	Checkbox for enabling Flash protected mode is inverted in 32-bit
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	216	Firefox
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	217	* CVE-2018-5180 (bmo#1444086)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	218	heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	219	* CVE-2018-5181 (bmo#1424107)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	220	Local file can be displayed in noopener tab through drag and
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	221	drop of hyperlink
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	222	* CVE-2018-5182 (bmo#1435908)
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	223	Local file can be displayed from hyperlink dragged and dropped
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	224	on addressbar
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	225	* CVE-2018-5151
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	226	Memory safety bugs fixed in Firefox 60
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	227	* CVE-2018-5150
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	228	Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
1046 75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	229	- removed obsolete patches
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	230	0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
1047 847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	231	mozilla-bmo1005535.patch
1046 75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	232	- requires NSPR 4.19 and NSS 3.36.1
1047 847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	233	- requires rust 1.24 or higher
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	234	- use upstream source archive and detached signature for
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	235	source verification
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	236
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	237	-------------------------------------------------------------------
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	238	Thu May 3 14:33:37 UTC 2018 - guillaume.gardet@opensuse.org
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	239
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	240	- Fix armv7 build by:
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	241	* adding RUSTFLAGS="-Cdebuginfo=0"
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	242	* updating _constraints for %arm
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	243
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	244	-------------------------------------------------------------------
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	245	Wed May 2 20:46:37 UTC 2018 - wr@rosenauer.org
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	246
847ae61baab6 Firefox 60.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 1046 diff changeset	247	- do not try CSD on kwin (boo#1091592)
1046 75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	248	- fix build in openSUSE:Leap:42.3:Update, use gcc7
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	249
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	250	-------------------------------------------------------------------
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	251	Tue May 1 14:26:24 UTC 2018 - astieger@suse.com
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	252
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	253	- Mozilla Firefox 59.0.3:
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	254	* fixes for platforms other than GNU/Linux
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	255
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	256	-------------------------------------------------------------------
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	257	Fri Apr 20 12:31:52 UTC 2018 - mliska@suse.cz
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	258
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	259	- Add 0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	260	in order to fix boo#1090362.
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	261
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	262	-------------------------------------------------------------------
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	263	Mon Apr 2 00:55:45 UTC 2018 - badshah400@gmail.com
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	264
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	265	- Add back mozilla-enable-csd.patch: New rebased version from
75893a3d8fbe 60.0b16 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1044 diff changeset	266	Fedora for version 59.0.x.
1044 142a0c92607c merge latest from 59.x Wolfgang Rosenauer <wr@rosenauer.org> parents: 1043 diff changeset	267
142a0c92607c merge latest from 59.x Wolfgang Rosenauer <wr@rosenauer.org> parents: 1043 diff changeset	268	-------------------------------------------------------------------
1043 5ba4fbb8bed7 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1041 diff changeset	269	Tue Mar 27 14:07:11 UTC 2018 - schwab@suse.de
5ba4fbb8bed7 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1041 diff changeset	270
5ba4fbb8bed7 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1041 diff changeset	271	- Reduce constraints on aarch64
5ba4fbb8bed7 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1041 diff changeset	272
5ba4fbb8bed7 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1041 diff changeset	273	-------------------------------------------------------------------
1041 516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	274	Tue Mar 27 06:40:25 UTC 2018 - wr@rosenauer.org
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	275
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	276	- update to Firefox 59.0.2
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	277	* Invalid page rendering with hardware acceleration enabled (bmo#1435472)
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	278	* Browser keyboard shortcuts (eg copy Ctrl+C) don't work on sites
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	279	that use those keys with resistFingerprinting enabled (bmo#1433592)
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	280	* High CPU / memory churn caused by third-party software on some
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	281	computers (bmo#1446280)
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	282	* Users who have configured an "automatic proxy configuration URL"
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	283	and want to reload their proxy settings from the URL will find
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	284	the Reload button disabled in the Connection Settings dialog when
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	285	they select Preferences/Options>Network Proxy>Settings... (bmo#1445991)
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	286	* URL Fragment Identifiers Break Service Worker Responses (bmo#1443850)
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	287	* User's trying to cancel a print around the time it completes will
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	288	continue to get intermittent crashes (bmo#1441598)
1043 5ba4fbb8bed7 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1041 diff changeset	289	MFSA 2018-10 (bsc#1087059)
1041 516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	290	* CVE-2018-5148 (bmo#1440717)
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	291	Use-after-free in compositor
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	292	- removed obsolete patch mozilla-bmo1446062.patch
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	293
516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	294	-------------------------------------------------------------------
1040 246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	295	Wed Mar 21 17:14:24 UTC 2018 - cgrobertson@suse.com
246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	296
246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	297	- Added patches:
246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	298	* mozilla-i586-DecoderDoctorLogger.patch - bmo#1447070
246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	299	fixes non-unified build error
1041 516dd1ea89e8 Firefox 59.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1040 diff changeset	300	* mozilla-i586-domPrefs.patch - DOMPrefs.h
1040 246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	301	fixes 32bit build error
246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	302
246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	303	-------------------------------------------------------------------
1039 b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	304	Fri Mar 16 06:40:11 UTC 2018 - wr@rosenauer.org
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	305
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	306	- update to Firefox 59.0.1 (bsc#1085671)
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	307	MFSA 2018-08
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	308	* CVE-2018-5146 (bmo#1446062)
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	309	Vorbis audio processing out of bounds write
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	310	* CVE-2018-5147 (bmo#1446365)
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	311	Out of bounds memory write in libtremor
1040 246b98b59979 added i586 patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1039 diff changeset	312	(mozilla-bmo1446062.patch)
1039 b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	313
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	314	-------------------------------------------------------------------
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	315	Wed Mar 14 19:27:07 UTC 2018 - cgrobertson@suse.com
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	316
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	317	- Added patch:
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	318	* mozilla-bmo1005535.patch:
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	319	Enable skia_gpu on big endian platforms.
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	320
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	321	-------------------------------------------------------------------
1037 d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	322	Sun Mar 11 22:12:12 UTC 2018 - wr@rosenauer.org
1036 4babd1755310 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 1035 diff changeset	323
4babd1755310 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 1035 diff changeset	324	- update to Firefox 59.0
1037 d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	325	* Performance enhancements
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	326	* Drag-and-drop to rearrange Top Sites on the Firefox Home page
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	327	* added features for Firefox Screenshots
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	328	* Enhanced WebExtensions API
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	329	* Improved RTC capabilities
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	330	MFSA 2018-06 (bsc#1085130)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	331	* CVE-2018-5127 (bmo#1430557)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	332	Buffer overflow manipulating SVG animatedPathSegList
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	333	* CVE-2018-5128 (bmo#1431336)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	334	Use-after-free manipulating editor selection ranges
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	335	* CVE-2018-5129 (bmo#1428947)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	336	Out-of-bounds write with malformed IPC messages
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	337	* CVE-2018-5130 (bmo#1433005)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	338	Mismatched RTP payload type can trigger memory corruption
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	339	* CVE-2018-5131 (bmo#1440775)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	340	Fetch API improperly returns cached copies of no-store/no-cache resources
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	341	* CVE-2018-5132 (bmo#1408194)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	342	WebExtension Find API can search privileged pages
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	343	* CVE-2018-5133 (bmo#1430511, bmo#1430974)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	344	Value of the app.support.baseURL preference is not properly sanitized
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	345	* CVE-2018-5134 (bmo#1429379)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	346	WebExtensions may use view-source: URLs to bypass content restrictions
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	347	* CVE-2018-5135 (bmo#1431371)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	348	WebExtension browserAction can inject scripts into unintended contexts
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	349	* CVE-2018-5136 (bmo#1419166)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	350	Same-origin policy violation with data: URL shared workers
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	351	* CVE-2018-5137 (bmo#1432870)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	352	Script content can access legacy extension non-contentaccessible resources
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	353	* CVE-2018-5138 (bmo#1432624) (Android only)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	354	Android Custom Tab address spoofing through long domain names
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	355	* CVE-2018-5140 (bmo#1424261)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	356	Moz-icon images accessible to web content through moz-icon: protocol
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	357	* CVE-2018-5141 (bmo#1429093)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	358	DOS attack through notifications Push API
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	359	* CVE-2018-5142 (bmo#1366357)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	360	Media Capture and Streams API permissions display incorrect origin
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	361	with data: and blob: URLs
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	362	* CVE-2018-5143 (bmo#1422643)
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	363	Self-XSS pasting javascript: URL with embedded tab into addressbar
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	364	* CVE-2018-5126
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	365	Memory safety bugs fixed in Firefox 59
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	366	* CVE-2018-5125
d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	367	Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
1031 4b419fce88dc merge from firefox58 and prepare for 59.0b8 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1030 diff changeset	368	- requires NSPR 4.18 and NSS 3.35
4b419fce88dc merge from firefox58 and prepare for 59.0b8 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1030 diff changeset	369	- requires rust >= 1.22.1
1032 8220ea23b47d remove obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1031 diff changeset	370	- removed obsolete patches:
8220ea23b47d remove obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1031 diff changeset	371	mozilla-alsa-sandbox.patch
8220ea23b47d remove obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1031 diff changeset	372	mozilla-enable-csd.patch
8220ea23b47d remove obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1031 diff changeset	373	firefox-no-default-ualocale.patch
8220ea23b47d remove obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1031 diff changeset	374	- removed l10n_changesets.txt since same information is now in
8220ea23b47d remove obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1031 diff changeset	375	Firefox source tree (updated create-tar.sh now requires jq)
1031 4b419fce88dc merge from firefox58 and prepare for 59.0b8 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1030 diff changeset	376
4b419fce88dc merge from firefox58 and prepare for 59.0b8 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1030 diff changeset	377	-------------------------------------------------------------------
1039 b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	378	Fri Feb 9 13:37:46 UTC 2018 - astieger@suse.com
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	379
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	380	- Mozilla Firefox 58.0.2:
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	381	* Blocklisted graphics drivers related to off main thread painting
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	382	crashes
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	383	* Fix tab crash during printing
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	384	* Fix clicking links and scrolling emails on Microsoft Hotmail
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	385	and Outlook (OWA) webmail
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	386
b8f1c62354df 59.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1037 diff changeset	387	-------------------------------------------------------------------
1030 cd02d400c081 correct requires and provides handling (boo#1076907) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1029 diff changeset	388	Fri Feb 9 12:06:31 UTC 2018 - wr@rosenauer.org
cd02d400c081 correct requires and provides handling (boo#1076907) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1029 diff changeset	389
cd02d400c081 correct requires and provides handling (boo#1076907) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1029 diff changeset	390	- correct requires and provides handling (boo#1076907)
cd02d400c081 correct requires and provides handling (boo#1076907) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1029 diff changeset	391
cd02d400c081 correct requires and provides handling (boo#1076907) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1029 diff changeset	392	-------------------------------------------------------------------
1029 725d6acf23b5 fix alsa Wolfgang Rosenauer <wr@rosenauer.org> parents: 1028 diff changeset	393	Tue Feb 6 07:03:42 UTC 2018 - fstrba@suse.com
725d6acf23b5 fix alsa Wolfgang Rosenauer <wr@rosenauer.org> parents: 1028 diff changeset	394
725d6acf23b5 fix alsa Wolfgang Rosenauer <wr@rosenauer.org> parents: 1028 diff changeset	395	- Added patch:
725d6acf23b5 fix alsa Wolfgang Rosenauer <wr@rosenauer.org> parents: 1028 diff changeset	396	* mozilla-alsa-sandbox.patch: Fix bmo#1430274, ALSA sound (still
725d6acf23b5 fix alsa Wolfgang Rosenauer <wr@rosenauer.org> parents: 1028 diff changeset	397	or again?) not working in Firefox 58 due to sandboxing.
725d6acf23b5 fix alsa Wolfgang Rosenauer <wr@rosenauer.org> parents: 1028 diff changeset	398
725d6acf23b5 fix alsa Wolfgang Rosenauer <wr@rosenauer.org> parents: 1028 diff changeset	399	-------------------------------------------------------------------
1028 4ce2b699562f fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1027 diff changeset	400	Mon Jan 29 22:32:21 UTC 2018 - wr@rosenauer.org
4ce2b699562f fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1027 diff changeset	401
4ce2b699562f fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1027 diff changeset	402	- update to Firefox 58.0.1
4ce2b699562f fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1027 diff changeset	403	MFSA 2018-05
1037 d61b64679bb4 59.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1036 diff changeset	404	* Arbitrary code execution through unsanitized browser UI (bmo#1432966)
1029 725d6acf23b5 fix alsa Wolfgang Rosenauer <wr@rosenauer.org> parents: 1028 diff changeset	405	- use correct language packs
1027 7071f6ebfda6 CSD functionality Wolfgang Rosenauer <wr@rosenauer.org> parents: 1026 diff changeset	406	- readd mozilla-enable-csd.patch as it only lands for FF59 upstream
7071f6ebfda6 CSD functionality Wolfgang Rosenauer <wr@rosenauer.org> parents: 1026 diff changeset	407	- allow larger number of nested elements (mozilla-bmo256180.patch)
7071f6ebfda6 CSD functionality Wolfgang Rosenauer <wr@rosenauer.org> parents: 1026 diff changeset	408
7071f6ebfda6 CSD functionality Wolfgang Rosenauer <wr@rosenauer.org> parents: 1026 diff changeset	409	-------------------------------------------------------------------
1026 963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	410	Tue Jan 23 20:40:57 UTC 2018 - wr@rosenauer.org
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	411
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	412	- update to Firefox 58.0 (bsc#1077291)
1023 fce335a42db7 new features (incl. new locale) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1020 diff changeset	413	* Added Nepali (ne-NP) locale
fce335a42db7 new features (incl. new locale) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1020 diff changeset	414	* Added support for form autofill for credit card
fce335a42db7 new features (incl. new locale) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1020 diff changeset	415	* Optimize page load by caching JavaScript internal representation
1026 963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	416	MFSA 2018-02
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	417	* CVE-2018-5091 (bmo#1423086)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	418	Use-after-free with DTMF timers
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	419	* CVE-2018-5092 (bmo#1418074)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	420	Use-after-free in Web Workers
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	421	* CVE-2018-5093 (bmo#1415291)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	422	Buffer overflow in WebAssembly during Memory/Table resizing
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	423	* CVE-2018-5094 (bmo#1415883)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	424	Buffer overflow in WebAssembly with garbage collection on
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	425	uninitialized memory
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	426	* CVE-2018-5095 (bmo#1418447)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	427	Integer overflow in Skia library during edge builder allocation
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	428	* CVE-2018-5097 (bmo#1387427)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	429	Use-after-free when source document is manipulated during XSLT
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	430	* CVE-2018-5098 (bmo#1399400)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	431	Use-after-free while manipulating form input elements
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	432	* CVE-2018-5099 (bmo#1416878)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	433	Use-after-free with widget listener
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	434	* CVE-2018-5100 (bmo#1417405)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	435	Use-after-free when IsPotentiallyScrollable arguments are freed
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	436	from memory
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	437	* CVE-2018-5101 (bmo#1417661)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	438	Use-after-free with floating first-letter style elements
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	439	* CVE-2018-5102 (bmo#1419363)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	440	Use-after-free in HTML media elements
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	441	* CVE-2018-5103 (bmo#1423159)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	442	Use-after-free during mouse event handling
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	443	* CVE-2018-5104 (bmo#1425000)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	444	Use-after-free during font face manipulation
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	445	* CVE-2018-5105 (bmo#1390882)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	446	WebExtensions can save and execute files on local file system
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	447	without user prompts
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	448	* CVE-2018-5106 (bmo#1408708)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	449	Developer Tools can expose style editor information cross-origin
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	450	through service worker
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	451	* CVE-2018-5107 (bmo#1379276)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	452	Printing process will follow symlinks for local file access
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	453	* CVE-2018-5108 (bmo#1421099)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	454	Manually entered blob URL can be accessed by subsequent private browsing tabs
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	455	* CVE-2018-5109 (bmo#1405599)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	456	Audio capture prompts and starts with incorrect origin attribution
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	457	* CVE-2018-5110 (bmo#1423275) (affects only OS X)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	458	Cursor can be made invisible on OS X
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	459	* CVE-2018-5111 (bmo#1321619)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	460	URL spoofing in addressbar through drag and drop
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	461	* CVE-2018-5112 (bmo#1425224)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	462	Extension development tools panel can open a non-relative URL in the panel
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	463	* CVE-2018-5113 (bmo#1425267)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	464	WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	465	* CVE-2018-5114 (bmo#1421324)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	466	The old value of a cookie changed to HttpOnly remains accessible to scripts
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	467	* CVE-2018-5115 (bmo#1409449)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	468	Background network requests can open HTTP authentication in unrelated foreground tabs
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	469	* CVE-2018-5116 (bmo#1396399)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	470	WebExtension ActiveTab permission allows cross-origin frame content access
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	471	* CVE-2018-5117 (bmo#1395508)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	472	URL spoofing with right-to-left text aligned left-to-right
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	473	* CVE-2018-5118 (bmo#1420049)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	474	Activity Stream images can attempt to load local content through file:
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	475	* CVE-2018-5119 (bmo#1420507)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	476	Reader view will load cross-origin content in violation of CORS headers
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	477	* CVE-2018-5121 (bmo#1402368) (affects only OS X)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	478	OS X Tibetan characters render incompletely in the addressbar
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	479	* CVE-2018-5122 (bmo#1413841)
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	480	Potential integer overflow in DoCrypt
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	481	* CVE-2018-5090
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	482	Memory safety bugs fixed in Firefox 58
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	483	* CVE-2018-5089
963c89cda54b update to 58.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 1023 diff changeset	484	Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
1019 b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	485	- requires NSS 3.34.1
b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	486	- requires rust 1.21
b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	487	- removed obsolete patches:
b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	488	mozilla-bindgen-systemlibs.patch
b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	489	mozilla-bmo1360278.patch
b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	490	mozilla-bmo1399611-csd.patch
b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	491	mozilla-rust-1.23.patch
1020 d2c159cb9bf2 rebased patches; updated spec file Wolfgang Rosenauer <wr@rosenauer.org> parents: 1019 diff changeset	492	- rebased patches
1023 fce335a42db7 new features (incl. new locale) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1020 diff changeset	493	- updated man-page
1019 b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	494
b0c883afdffa initial preparation for 58 cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 1017 diff changeset	495	-------------------------------------------------------------------
1017 8ccb9c3cbe47 build with latest rust Wolfgang Rosenauer <wr@rosenauer.org> parents: 1016 diff changeset	496	Tue Jan 9 18:48:02 UTC 2018 - wr@rosenauer.org
8ccb9c3cbe47 build with latest rust Wolfgang Rosenauer <wr@rosenauer.org> parents: 1016 diff changeset	497
8ccb9c3cbe47 build with latest rust Wolfgang Rosenauer <wr@rosenauer.org> parents: 1016 diff changeset	498	- fixed build with latest rust (mozilla-rust-1.23.patch)
8ccb9c3cbe47 build with latest rust Wolfgang Rosenauer <wr@rosenauer.org> parents: 1016 diff changeset	499
8ccb9c3cbe47 build with latest rust Wolfgang Rosenauer <wr@rosenauer.org> parents: 1016 diff changeset	500	-------------------------------------------------------------------
1016 c78880e58206 57.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1015 diff changeset	501	Thu Jan 4 12:23:41 UTC 2018 - wr@rosenauer.org
c78880e58206 57.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1015 diff changeset	502
c78880e58206 57.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1015 diff changeset	503	- update to Firefox 57.0.4
c78880e58206 57.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1015 diff changeset	504	MFSA 2018-1: Speculative execution side-channel attack ("Spectre")
c78880e58206 57.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1015 diff changeset	505	(boo#1074723)
c78880e58206 57.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1015 diff changeset	506
c78880e58206 57.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1015 diff changeset	507	-------------------------------------------------------------------
1015 ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	508	Wed Jan 3 08:29:38 UTC 2018 - wr@rosenauer.org
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	509
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	510	- fixed regression introduced Oct 10th which made Firefox crash
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	511	when cancelling the KDE file dialog (boo#1069962)
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	512
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	513	-------------------------------------------------------------------
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	514	Fri Dec 29 19:52:34 UTC 2017 - astieger@suse.com
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	515
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	516	- Mozilla Firefox 57.0.3:
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	517	* Fix a crash reporting issue that inadvertently sends background
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	518	tab crash reports to Mozilla without user opt-in (bmo#1427111,
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	519	bsc#1074235)
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	520	- Includes changes from 57.0.2:
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	521	* fixes for platforms other than GNU/Linux
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	522
ff0b674a2504 57.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1012 diff changeset	523	-------------------------------------------------------------------
1012 0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	524	Fri Dec 8 15:52:17 UTC 2017 - dimstar@opensuse.org
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	525
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	526	- Explicitly buildrequires python2-xml: The build system relies on
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	527	it. We wrongly relied on other packages pulling it in for us.
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	528
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	529	-------------------------------------------------------------------
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	530	Thu Dec 7 11:12:31 UTC 2017 - dimstar@opensuse.org
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	531
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	532	- Escape the usage of %{VERSION} when calling out to rpm.
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	533	RPM 4.14 has %{VERSION} defined as 'the main packages version'.
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	534
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	535	-------------------------------------------------------------------
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	536	Wed Nov 29 23:45:03 UTC 2017 - wr@rosenauer.org
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	537
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	538	- update to Firefox 57.0.1
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	539	* CVE-2017-7843: Web worker in Private Browsing mode can write
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	540	IndexedDB data (bsc#1072034, bmo#1410106)
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	541	* CVE-2017-7844: Visited history information leak through SVG
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	542	image (bsc#1072036, bmo#1420001)
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	543	* Fix a video color distortion issue on YouTube and other video
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	544	sites with some AMD devices (bmo#1417442)
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	545	* Fix an issue with prefs.js when the profile path has non-ascii
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	546	characters (bmo#1420427)
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	547
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	548	-------------------------------------------------------------------
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	549	Tue Nov 21 09:00:48 UTC 2017 - christophe@krop.fr
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	550
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	551	- Add mozilla-bmo1360278.patch
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	552	Starting with Firefox 57, the context menu appears on key press.
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	553	This patch creates a config entry to restore the
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	554	old behaviour. Without the patch, the mouse gesture extensions
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	555	require 2 clicks to work (bmo#1360278).
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	556	The new config entry is named ui.context_menus.after_mouseup
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	557	(default : false).
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	558
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	559	-------------------------------------------------------------------
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	560	Sat Nov 18 08:35:21 UTC 2017 - wr@rosenauer.org
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	561
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	562	- Allow experimental CSD for Gtk3 (bmo#1399611) if available and enabled
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	563	widget.allow-client-side-decoration=true
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	564	(mozilla-bmo1399611-csd.patch)
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	565
0c59a30173da several changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 1011 diff changeset	566	-------------------------------------------------------------------
1011 85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	567	Wed Nov 15 06:46:06 UTC 2017 - wr@rosenauer.org
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	568
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	569	- update to Firefox 57.0 (boo#1068101)
1008 77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	570	* Firefox Quantum
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	571	* Photon UI
1011 85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	572	* Unified address and search bar
1008 77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	573	* AMD VP9 hardware video decoder support
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	574	* Added support for Date/Time input
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	575	* stricter security sandbox blocking filesystem reading and
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	576	writing on Linux systems
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	577	* middle mouse paste in the content area no longer navigates to
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	578	URLs by default on Unix systems
1011 85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	579	MFSA 2017-24
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	580	* CVE-2017-7828 (bmo#1406750. bmo#1412252)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	581	Use-after-free of PressShell while restyling layout
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	582	* CVE-2017-7830 (bmo#1408990)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	583	Cross-origin URL information leak through Resource Timing API
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	584	* CVE-2017-7831 (bmo#1392026)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	585	Information disclosure of exposed properties on JavaScript proxy
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	586	objects
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	587	* CVE-2017-7832 (bmo#1408782)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	588	Domain spoofing through use of dotless 'i' character followed
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	589	by accent markers
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	590	* CVE-2017-7833 (bmo#1370497)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	591	Domain spoofing with Arabic and Indic vowel marker characters
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	592	* CVE-2017-7834 (bmo#1358009)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	593	data: URLs opened in new tabs bypass CSP protections
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	594	* CVE-2017-7835 (bmo#1402363)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	595	Mixed content blocking incorrectly applies with redirects
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	596	* CVE-2017-7836 (bmo#1401339)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	597	Pingsender dynamically loads libcurl on Linux and OS X
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	598	* CVE-2017-7837 (bmo#1325923)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	599	SVG loaded as <img> can use meta tags to set cookies
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	600	* CVE-2017-7838 (bmo#1399540)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	601	Failure of individual decoding of labels in international domain
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	602	names triggers punycode display of entire IDN
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	603	* CVE-2017-7839 (bmo#1402896)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	604	Control characters before javascript: URLs defeats self-XSS
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	605	prevention mechanism
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	606	* CVE-2017-7840 (bmo#1366420)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	607	Exported bookmarks do not strip script elements from user-supplied
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	608	tags
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	609	* CVE-2017-7842 (bmo#1397064)
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	610	Referrer Policy is not always respected for <link> elements
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	611	* CVE-2017-7827
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	612	Memory safety bugs fixed in Firefox 57
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	613	* CVE-2017-7826
85bd01789b6f Firefo 57.0 final release (incl. changelogs) Wolfgang Rosenauer <wr@rosenauer.org> parents: 1008 diff changeset	614	Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
1004 f98f2fd265af update version requirements Wolfgang Rosenauer <wr@rosenauer.org> parents: 1001 diff changeset	615	- requires NSPR 4.17, NSS 3.33 and rustc 1.19
1005 6d716caa6abe 57.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1004 diff changeset	616	- rebased patches
1008 77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	617	- added mozilla-bindgen-systemlibs.patch to allow stylo build
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	618	with system libs (bmo#1341234)
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	619	- removed mozilla-language.patch since the whole locale code
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	620	changed in Firefox and is relying on ICU now
77c890186192 removed obsolete patches Wolfgang Rosenauer <wr@rosenauer.org> parents: 1005 diff changeset	621	- removed obsolete mozilla-ucontext.patch
1004 f98f2fd265af update version requirements Wolfgang Rosenauer <wr@rosenauer.org> parents: 1001 diff changeset	622
f98f2fd265af update version requirements Wolfgang Rosenauer <wr@rosenauer.org> parents: 1001 diff changeset	623	-------------------------------------------------------------------
1001 7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	624	Sat Oct 28 06:30:37 UTC 2017 - wr@rosenauer.org
7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	625
7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	626	- update to Firefox 56.0.2
7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	627	* Disable Form Autofill completely on user request (bmo#1404531)
7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	628	* Fix for video-related crashes on Windows 7 (bmo#1409141)
7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	629	* Correct detection for 64-bit GSSAPI authentication (bmo#1409275)
7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	630	* Fix for shutdown crash (bmo#1404105)
7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	631
7339b115a221 Firefox 56.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 1000 diff changeset	632	-------------------------------------------------------------------
1000 bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	633	Tue Oct 10 11:47:49 UTC 2017 - wr@rosenauer.org
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	634
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	635	- update to Firefox 56.0.1
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	636	* Block D3D11 when using Intel drivers on Windows 7 systems with
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	637	partial AVX support (bmo#1403353)
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	638	-> just to sync the version number
998 6c6109948e35 enable stylo (Quantum CSS) for TW Wolfgang Rosenauer <wr@rosenauer.org> parents: 997 diff changeset	639	- enable stylo for TW (requires LLVM >= 3.9)
1000 bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	640	- queue KDE filepicker requests to avoid non-opening file dialogs
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	641	happening in certain situations (contributed by Ignaz Forster)
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	642	- the placeholder dot in KDE file dialog in case of empty filenames
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	643	was removed, apparently not required (anymore)
bfa8722a06ad update to 56.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 998 diff changeset	644	(contributed by Ignaz Forster)
998 6c6109948e35 enable stylo (Quantum CSS) for TW Wolfgang Rosenauer <wr@rosenauer.org> parents: 997 diff changeset	645
6c6109948e35 enable stylo (Quantum CSS) for TW Wolfgang Rosenauer <wr@rosenauer.org> parents: 997 diff changeset	646	-------------------------------------------------------------------
997 ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Brüns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	647	Sun Oct 1 18:25:16 UTC 2017 - stefan.bruens@rwth-aachen.de
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Brüns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	648
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Brüns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	649	- Correct plugin directory for aarch64 (boo#1061207). The wrapper
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Brüns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	650	script was not detecting aarch64 as a 64 bit architecture, thus
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Brüns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	651	used /usr/lib/browser-plugins/.
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Brüns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	652
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Brüns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	653	-------------------------------------------------------------------
996 84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	654	Sat Sep 30 20:10:50 UTC 2017 - zaitor@opensuse.org
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	655
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	656	- Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0),
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	657	pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0),
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	658	pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	659	pkgconfig(gdk-x11-2.0) BuildRequires, align with what configure
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	660	looks for.
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	661
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	662	-------------------------------------------------------------------
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	663	Thu Sep 28 08:28:29 UTC 2017 - wr@rosenauer.org
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	664
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	665	- update to Firefox 56.0 (boo#1060445)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	666	* Firefox Screenshots
994 9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	667	* Find Options/Preferences more quickly with new search function
9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	668	* Media is no longer auto-played when opened in a background tab
9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	669	* Enable CSS Grid Layout View
996 84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	670	MFSA 2017-21
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	671	* CVE-2017-7793 (bmo#1371889)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	672	Use-after-free with Fetch API
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	673	* CVE-2017-7817 (bmo#1356596) (Android-only)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	674	Firefox for Android address bar spoofing through fullscreen mode
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	675	* CVE-2017-7818 (bmo#1363723)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	676	Use-after-free during ARIA array manipulation
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	677	* CVE-2017-7819 (bmo#1380292)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	678	Use-after-free while resizing images in design mode
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	679	* CVE-2017-7824 (bmo#1398381)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	680	Buffer overflow when drawing and validating elements with ANGLE
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	681	* CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	682	Use-after-free in TLS 1.2 generating handshake hashes
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	683	* CVE-2017-7812 (bmo#1379842)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	684	Drag and drop of malicious page content to the tab bar can open locally stored files
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	685	* CVE-2017-7814 (bmo#1376036)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	686	Blob and data URLs bypass phishing and malware protection warnings
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	687	* CVE-2017-7813 (bmo#1383951)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	688	Integer truncation in the JavaScript parser
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	689	* CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	690	OS X fonts render some Tibetan and Arabic unicode characters as spaces
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	691	* CVE-2017-7815 (bmo#1368981)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	692	Spoofing attack with modal dialogs on non-e10s installations
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	693	* CVE-2017-7816 (bmo#1380597)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	694	WebExtensions can load about: URLs in extension UI
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	695	* CVE-2017-7821 (bmo#1346515)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	696	WebExtensions can download and open non-executable files without user interaction
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	697	* CVE-2017-7823 (bmo#1396320)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	698	CSP sandbox directive did not create a unique origin
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	699	* CVE-2017-7822 (bmo#1368859)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	700	WebCrypto allows AES-GCM with 0-length IV
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	701	* CVE-2017-7820 (bmo#1378207)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	702	Xray wrapper bypass with new tab and web console
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	703	* CVE-2017-7811
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	704	Memory safety bugs fixed in Firefox 56
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	705	* CVE-2017-7810
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	706	Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
994 9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	707	- requires NSPR 4.16 and NSS 3.32.1
996 84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	708	- rebased patches
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	709
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	710	-------------------------------------------------------------------
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	711	Thu Sep 28 07:53:13 UTC 2017 - dimstar@opensuse.org
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	712
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	713	- Add alsa-devel BuildRequires: we care for ALSA support to be
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	714	built and thus need to ensure we get the dependencies in place.
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	715	In the past, alsa-devel was pulled in by accident: we
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	716	buildrequire libgnome-devel. This required esound-devel and that
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	717	in turn pulled in alsa-devel for us. libgnome is being fixed to
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	718	no longer require esound-devel.
994 9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	719
9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	720	-------------------------------------------------------------------
992 b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	721	Mon Sep 4 18:27:44 UTC 2017 - wr@rosenauer.org
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	722
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	723	- update to Firefox 55.0.3
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	724	* Fix an issue with addons when using a path containing non-ascii
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	725	characters (bmo#1389160)
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	726	* Fix file uploads to some websites, including YouTube (bmo#1383518)
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	727	- fix Google API key build integration
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	728	- add mozilla-ucontext.patch to fix Tumbleweed build
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	729	- do not enable XINPUT2 for now (boo#1053959)
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	730
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	731	-------------------------------------------------------------------
991 fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	732	Fri Aug 11 08:32:30 UTC 2017 - wr@rosenauer.org
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	733
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	734	- update to Firefox 55.0.1
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	735	* Fix a regression the tab restoration process (bmo#1388160)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	736	* Fix a problem causing What's new pages not to be displayed (bmo#1386224)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	737	* Fix a rendering issue with some PKCS#11 libraries (bmo#1388370)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	738	* Disable the predictor prefetch (bmo#1388160)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	739
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	740	-------------------------------------------------------------------
985 038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	741	Sat Aug 5 13:22:16 UTC 2017 - wr@rosenauer.org
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	742
991 fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	743	- update to Firefox 55.0 (boo#1052829)
985 038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	744	* Browsing sessions with a high number of tabs are now restored
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	745	in an instant
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	746	* Sidebar (bookmarks, history, synced tabs) can now be moved to
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	747	the right edge of the window
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	748	* Fine-tune your browser performance from the Preferences/Options page.
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	749	* Make screenshots of webpages, and save them locally or upload
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	750	them to the cloud. This feature will undergo A/B testing and
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	751	will not be visible for some users.
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	752	* Added Belarusian (be) locale
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	753	* Simplify print jobs from within print preview
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	754	* Use virtual reality devices with the web with the introduction
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	755	of WebVR
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	756	* Search suggestions are now enabled by default for users who
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	757	haven't explicitly opted-out
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	758	* Search with any installed search engine directly from the
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	759	location bar
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	760	* IMPORTANT: Breaking profile changes - do not downgrade Firefox
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	761	and use a profile that has been opened with Firefox 55+.
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	762	* The Adobe Flash plugin is now click-to-activate by default and
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	763	only allowed on http:// and https:// URL schemes. This change
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	764	will be rolled out progressively and so will not be visible to
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	765	all users immediately. For more information see the Firefox
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	766	plugin roadmap
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	767	* Modernized application update UI to be less intrusive and more
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	768	aligned with the rest of the browser. Only users who have not
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	769	restarted their browser 8 days after downloading an update or
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	770	users who opted out of automatic updates will see this change.
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	771	* Insecure sites can no longer access the Geolocation APIs to get
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	772	access to your physical location
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	773	* requires NSPR 4.15 and NSS 3.31
991 fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	774	MFSA 2017-18
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	775	* CVE-2017-7798 (bmo#1371586, bmo#1372112)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	776	XUL injection in the style editor in devtools
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	777	* CVE-2017-7800 (bmo#1374047)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	778	Use-after-free in WebSockets during disconnection
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	779	* CVE-2017-7801 (bmo#1371259)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	780	Use-after-free with marquee during window resizing
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	781	* CVE-2017-7809 (bmo#1380284)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	782	Use-after-free while deleting attached editor DOM node
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	783	* CVE-2017-7784 (bmo#1376087)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	784	Use-after-free with image observers
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	785	* CVE-2017-7802 (bmo#1378147)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	786	Use-after-free resizing image elements
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	787	* CVE-2017-7785 (bmo#1356985)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	788	Buffer overflow manipulating ARIA attributes in DOM
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	789	* CVE-2017-7786 (bmo#1365189)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	790	Buffer overflow while painting non-displayable SVG
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	791	* CVE-2017-7806 (bmo#1378113)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	792	Use-after-free in layer manager with SVG
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	793	* CVE-2017-7753 (bmo#1353312)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	794	Out-of-bounds read with cached style data and pseudo-elements#
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	795	* CVE-2017-7787 (bmo#1322896)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	796	Same-origin policy bypass with iframes through page reloads
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	797	* CVE-2017-7807 (bmo#1376459)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	798	Domain hijacking through AppCache fallback
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	799	* CVE-2017-7792 (bmo#1368652)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	800	Buffer overflow viewing certificates with an extremely long OID
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	801	* CVE-2017-7804 (bmo#1372849)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	802	Memory protection bypass through WindowsDllDetourPatcher
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	803	* CVE-2017-7791 (bmo#1365875)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	804	Spoofing following page navigation with data: protocol and modal alerts
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	805	* CVE-2017-7808 (bmo#1367531)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	806	CSP information leak with frame-ancestors containing paths
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	807	* CVE-2017-7782 (bmo#1344034)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	808	WindowsDllDetourPatcher allocates memory without DEP protections
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	809	* CVE-2017-7781 (bmo#1352039)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	810	Elliptic curve point addition error when using mixed Jacobian-affine coordinates
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	811	* CVE-2017-7794 (bmo#1374281)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	812	Linux file truncation via sandbox broker
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	813	* CVE-2017-7803 (bmo#1377426)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	814	CSP containing 'sandbox' improperly applied
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	815	* CVE-2017-7799 (bmo#1372509)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	816	Self-XSS XUL injection in about:webrtc
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	817	* CVE-2017-7783 (bmo#1360842)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	818	DOS attack through long username in URL
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	819	* CVE-2017-7788 (bmo#1073952)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	820	Sandboxed about:srcdoc iframes do not inherit CSP directives
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	821	* CVE-2017-7789 (bmo#1074642)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	822	Failure to enable HSTS when two STS headers are sent for a connection
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	823	* CVE-2017-7790 (bmo#1350460) (Windows-only)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	824	Windows crash reporter reads extra memory for some non-null-terminated registry values
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	825	* CVE-2017-7796 (bmo#1234401) (Windows-only)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	826	Windows updater can delete any file named update.log
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	827	* CVE-2017-7797 (bmo#1334776)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	828	Response header name interning leaks across origins
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	829	* CVE-2017-7780
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	830	Memory safety bugs fixed in Firefox 55
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	831	* CVE-2017-7779
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	832	Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
985 038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	833	- updated mozilla-kde.patch:
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	834	* removed "downloadfinished" alert as Firefox reimplemented the
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	835	whole thing (TODO: check if there is another function we should
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	836	hook in)
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	837
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	838	-------------------------------------------------------------------
983 87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	839	Tue Jul 4 20:08:47 UTC 2017 - wr@rosenauer.org
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	840
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	841	- update to Firefox 54.0.1
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	842	* Fix a display issue of tab title (bmo#1357656)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	843	* Fix a display issue of opening new tab (bmo#1371995)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	844	* Fix a display issue when opening multiple tabs (bmo#1371962)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	845	* Fix a tab display issue when downloading files (bmo#1373109)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	846	* Fix a PDF printing issue (bmo#1366744)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	847	* Fix a Netflix issue on Linux (bmo#1375708)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	848
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	849	-------------------------------------------------------------------
982 53443ffb496a Firefox 54.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 981 diff changeset	850	Thu Jun 15 13:56:05 UTC 2017 - wr@rosenauer.org
53443ffb496a Firefox 54.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 981 diff changeset	851
53443ffb496a Firefox 54.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 981 diff changeset	852	- update to Firefox 54.0
981 593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	853	* Clearer and more detailed information for download items in the
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	854	download panel
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	855	* Added Burmese (my) locale
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	856	* Bookmarks created on mobile devices are now shown in
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	857	"Mobile Bookmarks” folder in the drop down list from the toolbar
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	858	and Bookmarks option in the menu bar in Desktop Firefox
982 53443ffb496a Firefox 54.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 981 diff changeset	859	* added support for multiple content processes (e10s-multi)
979 f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	860	- requires NSPR 4.14 and NSS 3.30.2
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	861	- requires rust 1.15.1
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	862	- removed mozilla-shared-nss-db.patch as it seems to be a rather
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	863	unused feature
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	864
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	865	-------------------------------------------------------------------
977 224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	866	Thu Jun 1 04:25:05 UTC 2017 - kah0922@gmail.com
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	867
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	868	- remove -fno-inline-small-functions and explicitely optimize with
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	869	-O2 for openSUSE > 13.2/Leap 42 to work with gcc7 (boo#1040105)
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	870
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	871	-------------------------------------------------------------------
967 188c3f40f0da recent changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 964 diff changeset	872	Wed Apr 26 12:37:38 UTC 2017 - wr@rosenauer.org
964 218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	873
218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	874	- switch to Mozilla's geolocation service (boo#1026989)
218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	875	- removed mozilla-preferences.patch obsoleted by overriding via
218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	876	firefox.js
967 188c3f40f0da recent changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 964 diff changeset	877	- fixed KDE integration to avoid crash caused by filepicker
188c3f40f0da recent changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 964 diff changeset	878	(boo#1015998)
964 218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	879
218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	880	-------------------------------------------------------------------
960 42e50afb9638 Firefox 53.0 (build6) Wolfgang Rosenauer <wr@rosenauer.org> parents: 959 diff changeset	881	Mon Apr 17 12:52:10 UTC 2017 - wr@rosenauer.org
42e50afb9638 Firefox 53.0 (build6) Wolfgang Rosenauer <wr@rosenauer.org> parents: 959 diff changeset	882
42e50afb9638 Firefox 53.0 (build6) Wolfgang Rosenauer <wr@rosenauer.org> parents: 959 diff changeset	883	- update to Firefox 53.0
956 5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	884	* requires NSS 3.29.5
951 f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	885	* Lightweight themes are now applied in private browsing windows
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	886	* Reader Mode now displays estimated reading time for the page
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	887	* Two new 'compact' themes available in Firefox, dark and light,
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	888	based on the Firefox Developer Edition theme
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	889	* Ended Firefox Linux support for processors older than Pentium 4
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	890	and AMD Opteron
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	891	* Refresh of the media controls user interface
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	892	* Shortened titles on tabs are faded out instead of using ellipsis
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	893	for improved readability
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	894	* Media playback on new tabs is blocked until the tab is visible
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	895	* Permission notifications have a cleaner design and cannot be
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	896	easily missed
962 fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	897	MFSA 2017-10
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	898	* CVE-2017-5456 (bmo#1344415)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	899	Sandbox escape allowing local file system access
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	900	* CVE-2017-5442 (bmo#1347979)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	901	Use-after-free during style changes
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	902	* CVE-2017-5443 (bmo#1342661)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	903	Out-of-bounds write during BinHex decoding
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	904	* CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894,
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	905	bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	906	Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	907	Firefox ESR 52.1
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	908	* CVE-2017-5464 (bmo#1347075)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	909	Memory corruption with accessibility and DOM manipulation
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	910	* CVE-2017-5465 (bmo#1347617)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	911	Out-of-bounds read in ConvolvePixel
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	912	* CVE-2017-5466 (bmo#1353975)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	913	Origin confusion when reloading isolated data:text/html URL
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	914	* CVE-2017-5467 (bmo#1347262)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	915	Memory corruption when drawing Skia content
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	916	* CVE-2017-5460 (bmo#1343642)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	917	Use-after-free in frame selection
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	918	* CVE-2017-5461 (bmo#1344380)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	919	Out-of-bounds write in Base64 encoding in NSS
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	920	* CVE-2017-5448 (bmo#1346648)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	921	Out-of-bounds write in ClearKeyDecryptor
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	922	* CVE-2017-5449 (bmo#1340127)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	923	Crash during bidirectional unicode manipulation with animation
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	924	* CVE-2017-5446 (bmo#1343505)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	925	Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	926	* CVE-2017-5447 (bmo#1343552)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	927	Out-of-bounds read during glyph processing
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	928	* CVE-2017-5444 (bmo#1344461)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	929	Buffer overflow while parsing application/http-index-format content
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	930	* CVE-2017-5445 (bmo#1344467)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	931	Uninitialized values used while parsing application/http-index-format
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	932	content
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	933	* CVE-2017-5468 (bmo#1329521)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	934	Incorrect ownership model for Private Browsing information
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	935	* CVE-2017-5469 (bmo#1292534)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	936	Potential Buffer overflow in flex-generated code
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	937	* CVE-2017-5440 (bmo#1336832)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	938	Use-after-free in txExecutionState destructor during XSLT processing
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	939	* CVE-2017-5441 (bmo#1343795)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	940	Use-after-free with selection during scroll events
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	941	* CVE-2017-5439 (bmo#1336830)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	942	Use-after-free in nsTArray Length() during XSLT processing
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	943	* CVE-2017-5438 (bmo#1336828)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	944	Use-after-free in nsAutoPtr during XSLT processing
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	945	* CVE-2017-5437 (bmo#1343453)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	946	Vulnerabilities in Libevent library
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	947	* CVE-2017-5436 (bmo#1345461)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	948	Out-of-bounds write with malicious font in Graphite 2
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	949	* CVE-2017-5435 (bmo#1350683)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	950	Use-after-free during transaction processing in the editor
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	951	* CVE-2017-5434 (bmo#1349946)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	952	Use-after-free during focus handling
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	953	* CVE-2017-5433 (bmo#1347168)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	954	Use-after-free in SMIL animation functions
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	955	* CVE-2017-5432 (bmo#1346654)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	956	Use-after-free in text input selection
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	957	* CVE-2017-5430 (bmo#1329796, bmo#1337418, bmo#1339722, bmo#1340482,
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	958	bmo#1342101, bmo#1344081, bmo#1344305, bmo#1344686,
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	959	bmo#1346140, bmo#1346419, bmo#1348143, bmo#1349621,
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	960	bmo#1349719, bmo#1353476)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	961	Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	962	* CVE-2017-5459 (bmo#1333858)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	963	Buffer overflow in WebGL
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	964	* CVE-2017-5458 (bmo#1229426)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	965	Drag and drop of javascript: URLs can allow for self-XSS
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	966	* CVE-2017-5455 (bmo#1341191)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	967	Sandbox escape through internal feed reader APIs
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	968	* CVE-2017-5454 (bmo#1349276)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	969	Sandbox escape allowing file system read access through file picker
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	970	* CVE-2017-5451 (bmo#1273537)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	971	Addressbar spoofing with onblur event
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	972	* CVE-2017-5453 (bmo#1321247)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	973	HTML injection into RSS Reader feed preview page through
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	974	TITLE element
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	975	* CVE-2017-5462 (bmo#1345089)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	976	DRBG flaw in NSS
951 f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	977	- removed browser(npapi) provides as these plugins are deprecated
953 6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	978	- switch used compiler to gcc5 (FF requires gcc >= 4.9 now) for
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	979	Leap 42
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	980	- Gtk2 is not longer an option; switched to Gtk3
956 5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	981	- apply MOZ_USE_XINPUT2=1 for better touchpad and touchscreen support
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	982	(boo#1032003)
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	983
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	984	-------------------------------------------------------------------
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	985	Mon Apr 3 06:16:26 UTC 2017 - wr@rosenauer.org
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	986
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	987	- update to Firefox 52.0.2
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	988	* Use Nirmala UI as fallback font for additional Indic languages (bmo#1342787)
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	989	* Fix loading tab icons on session restore (bmo#1338009)
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	990	* Fix a crash on startup on Linux (bmo#1345413)
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	991	* Fix new installs erroneously not prompting to change the default
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	992	browser setting (bmo#1343938)
953 6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	993
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	994	-------------------------------------------------------------------
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	995	Mon Mar 20 15:35:57 UTC 2017 - wr@rosenauer.org
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	996
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	997	- disable rust usage for everything but x86(-64)
956 5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	998	- explicitely add libffi build requirement
951 f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	999
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	1000	-------------------------------------------------------------------
946 34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	1001	Fri Mar 17 15:43:29 UTC 2017 - wr@rosenauer.org
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	1002
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	1003	- update to Firefox 52.0.1 (boo#1029822)
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	1004	MFSA 2017-08
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	1005	CVE-2017-5428: integer overflow in createImageBitmap() (bmo#1348168)
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	1006
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	1007	-------------------------------------------------------------------
945 7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1008	Thu Mar 9 12:30:14 UTC 2017 - wr@rosenauer.org
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1009
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1010	- reenable ALSA support which was removed by default upstream
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1011
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1012	-------------------------------------------------------------------
944 ce8a98f8d8d7 Firefox 52.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 943 diff changeset	1013	Sat Mar 4 16:57:45 UTC 2017 - wr@rosenauer.org
ce8a98f8d8d7 Firefox 52.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 943 diff changeset	1014
945 7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1015	- update to Firefox 52.0 (boo#1028391)
944 ce8a98f8d8d7 Firefox 52.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 943 diff changeset	1016	* requires NSS >= 3.28.3
942 66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1017	* Pages containing insecure password fields now display a warning
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1018	directly within username and password fields.
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1019	* Send and open a tab from one device to another with Sync
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1020	* Removed NPAPI support for plugins other than Flash. Silverlight,
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1021	Java, Acrobat and the like are no longer supported.
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1022	* Removed Battery Status API to reduce fingerprinting of users by
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1023	trackers
945 7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1024	* MFSA 2017-05
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1025	CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1026	(bmo#1334933)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1027	CVE-2017-5401: Memory Corruption when handling ErrorResult
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1028	(bmo#1328861)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1029	CVE-2017-5402: Use-after-free working with events in FontFace
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1030	objects (bmo#1334876)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1031	CVE-2017-5403: Use-after-free using addRange to add range to an
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1032	incorrect root object (bmo#1340186)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1033	CVE-2017-5404: Use-after-free working with ranges in selections
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1034	(bmo#1340138)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1035	CVE-2017-5406: Segmentation fault in Skia with canvas operations
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1036	(bmo#1306890)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1037	CVE-2017-5407: Pixel and history stealing via floating-point
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1038	timing side channel with SVG filters (bmo#1336622)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1039	CVE-2017-5410: Memory corruption during JavaScript garbage
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1040	collection incremental sweeping (bmo#1330687)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1041	CVE-2017-5408: Cross-origin reading of video captions in violation
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1042	of CORS (bmo#1313711)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1043	CVE-2017-5412: Buffer overflow read in SVG filters (bmo#1328323)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1044	CVE-2017-5413: Segmentation fault during bidirectional operations
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1045	(bmo#1337504)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1046	CVE-2017-5414: File picker can choose incorrect default directory
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1047	(bmo#1319370)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1048	CVE-2017-5415: Addressbar spoofing through blob URL (bmo#1321719)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1049	CVE-2017-5416: Null dereference crash in HttpChannel (bmo#1328121)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1050	CVE-2017-5417: Addressbar spoofing by draging and dropping URLs
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1051	(bmo#791597)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1052	CVE-2017-5426: Gecko Media Plugin sandbox is not started if
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1053	seccomp-bpf filter is running (bmo#1257361)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1054	CVE-2017-5427: Non-existent chrome.manifest file loaded during
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1055	startup (bmo#1295542)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1056	CVE-2017-5418: Out of bounds read when parsing HTTP digest
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1057	authorization responses (bmo#1338876)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1058	CVE-2017-5419: Repeated authentication prompts lead to DOS
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1059	attack (bmo#1312243)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1060	CVE-2017-5420: Javascript: URLs can obfuscate addressbar
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1061	location (bmo#1284395)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1062	CVE-2017-5405: FTP response codes can cause use of
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1063	uninitialized values for ports (bmo#1336699)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1064	CVE-2017-5421: Print preview spoofing (bmo#1301876)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1065	CVE-2017-5422: DOS attack by using view-source: protocol
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1066	repeatedly in one hyperlink (bmo#1295002)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1067	CVE-2017-5399: Memory safety bugs fixed in Firefox 52
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1068	CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	1069	Firefox ESR 45.8
942 66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1070	- removed obsolete patches
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1071	* mozilla-binutils-visibility.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1072	* mozilla-check_return.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1073	* mozilla-disable-skia-be.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1074	* mozilla-skia-overflow.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1075	* mozilla-skia-ppc-endianess.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1076	- rebased patches
943 ace605efe50f latest beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 942 diff changeset	1077	- enable rust usage for Tumbleweed
942 66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1078
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	1079	-------------------------------------------------------------------
940 f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	1080	Fri Jan 27 20:25:59 UTC 2017 - astieger@suse.com
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	1081
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	1082	- Mozilla Firefox 51.0.1:
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	1083	- Multiprocess incompatibility did not correctly register with
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	1084	some add-ons (bmo#1333423)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	1085
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	1086	-------------------------------------------------------------------
935 9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	1087	Fri Jan 20 13:57:56 UTC 2017 - wr@rosenauer.org
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	1088
940 f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	1089	- update to Firefox 51.0
935 9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	1090	* requires NSPR >= 4.13.1, NSS >= 3.28.1
936 096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents:

author	Wolfgang Rosenauer <wr@rosenauer.org>
	Sat, 25 Aug 2018 14:54:29 +0200
changeset 1069	0410f6db95d5
parent 1067	735b140fb042
child 1070	18f97bd2c2bf
permissions	-rw-r--r--