mozilla: MozillaFirefox/MozillaFirefox.changes@ca8a6ac7fbf6 (annotated)

893 86f72f1e98a4 prepare Gtk3 based builds on a feature branch Wolfgang Rosenauer <wr@rosenauer.org> parents: 892 diff changeset	1	-------------------------------------------------------------------
997 ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Br?ns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	2	Sun Oct 1 18:25:16 UTC 2017 - stefan.bruens@rwth-aachen.de
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Br?ns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	3
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Br?ns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	4	- Correct plugin directory for aarch64 (boo#1061207). The wrapper
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Br?ns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	5	script was not detecting aarch64 as a 64 bit architecture, thus
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Br?ns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	6	used /usr/lib/browser-plugins/.
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Br?ns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	7
ca8a6ac7fbf6 - Correct plugin directory for aarch64 (boo#1061207). The wrapper Stefan Br?ns <stefan.bruens@rwth-aachen.de> parents: 996 diff changeset	8	-------------------------------------------------------------------
996 84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	9	Sat Sep 30 20:10:50 UTC 2017 - zaitor@opensuse.org
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	10
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	11	- Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0),
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	12	pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0),
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	13	pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	14	pkgconfig(gdk-x11-2.0) BuildRequires, align with what configure
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	15	looks for.
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	16
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	17	-------------------------------------------------------------------
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	18	Thu Sep 28 08:28:29 UTC 2017 - wr@rosenauer.org
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	19
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	20	- update to Firefox 56.0 (boo#1060445)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	21	* Firefox Screenshots
994 9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	22	* Find Options/Preferences more quickly with new search function
9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	23	* Media is no longer auto-played when opened in a background tab
9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	24	* Enable CSS Grid Layout View
996 84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	25	MFSA 2017-21
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	26	* CVE-2017-7793 (bmo#1371889)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	27	Use-after-free with Fetch API
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	28	* CVE-2017-7817 (bmo#1356596) (Android-only)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	29	Firefox for Android address bar spoofing through fullscreen mode
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	30	* CVE-2017-7818 (bmo#1363723)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	31	Use-after-free during ARIA array manipulation
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	32	* CVE-2017-7819 (bmo#1380292)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	33	Use-after-free while resizing images in design mode
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	34	* CVE-2017-7824 (bmo#1398381)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	35	Buffer overflow when drawing and validating elements with ANGLE
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	36	* CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	37	Use-after-free in TLS 1.2 generating handshake hashes
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	38	* CVE-2017-7812 (bmo#1379842)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	39	Drag and drop of malicious page content to the tab bar can open locally stored files
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	40	* CVE-2017-7814 (bmo#1376036)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	41	Blob and data URLs bypass phishing and malware protection warnings
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	42	* CVE-2017-7813 (bmo#1383951)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	43	Integer truncation in the JavaScript parser
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	44	* CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	45	OS X fonts render some Tibetan and Arabic unicode characters as spaces
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	46	* CVE-2017-7815 (bmo#1368981)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	47	Spoofing attack with modal dialogs on non-e10s installations
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	48	* CVE-2017-7816 (bmo#1380597)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	49	WebExtensions can load about: URLs in extension UI
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	50	* CVE-2017-7821 (bmo#1346515)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	51	WebExtensions can download and open non-executable files without user interaction
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	52	* CVE-2017-7823 (bmo#1396320)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	53	CSP sandbox directive did not create a unique origin
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	54	* CVE-2017-7822 (bmo#1368859)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	55	WebCrypto allows AES-GCM with 0-length IV
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	56	* CVE-2017-7820 (bmo#1378207)
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	57	Xray wrapper bypass with new tab and web console
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	58	* CVE-2017-7811
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	59	Memory safety bugs fixed in Firefox 56
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	60	* CVE-2017-7810
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	61	Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
994 9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	62	- requires NSPR 4.16 and NSS 3.32.1
996 84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	63	- rebased patches
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	64
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	65	-------------------------------------------------------------------
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	66	Thu Sep 28 07:53:13 UTC 2017 - dimstar@opensuse.org
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	67
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	68	- Add alsa-devel BuildRequires: we care for ALSA support to be
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	69	built and thus need to ensure we get the dependencies in place.
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	70	In the past, alsa-devel was pulled in by accident: we
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	71	buildrequire libgnome-devel. This required esound-devel and that
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	72	in turn pulled in alsa-devel for us. libgnome is being fixed to
84d25951c2db - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), zaitor@opensuse.org parents: 994 diff changeset	73	no longer require esound-devel.
994 9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	74
9fc447b00040 Firefox 56.0b12 Wolfgang Rosenauer <wr@rosenauer.org> parents: 992 diff changeset	75	-------------------------------------------------------------------
992 b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	76	Mon Sep 4 18:27:44 UTC 2017 - wr@rosenauer.org
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	77
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	78	- update to Firefox 55.0.3
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	79	* Fix an issue with addons when using a path containing non-ascii
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	80	characters (bmo#1389160)
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	81	* Fix file uploads to some websites, including YouTube (bmo#1383518)
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	82	- fix Google API key build integration
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	83	- add mozilla-ucontext.patch to fix Tumbleweed build
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	84	- do not enable XINPUT2 for now (boo#1053959)
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	85
b2ba34e0dc10 Firefox 55.0.3 and some other fixes Wolfgang Rosenauer <wr@rosenauer.org> parents: 991 diff changeset	86	-------------------------------------------------------------------
991 fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	87	Fri Aug 11 08:32:30 UTC 2017 - wr@rosenauer.org
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	88
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	89	- update to Firefox 55.0.1
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	90	* Fix a regression the tab restoration process (bmo#1388160)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	91	* Fix a problem causing What's new pages not to be displayed (bmo#1386224)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	92	* Fix a rendering issue with some PKCS#11 libraries (bmo#1388370)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	93	* Disable the predictor prefetch (bmo#1388160)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	94
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	95	-------------------------------------------------------------------
985 038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	96	Sat Aug 5 13:22:16 UTC 2017 - wr@rosenauer.org
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	97
991 fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	98	- update to Firefox 55.0 (boo#1052829)
985 038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	99	* Browsing sessions with a high number of tabs are now restored
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	100	in an instant
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	101	* Sidebar (bookmarks, history, synced tabs) can now be moved to
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	102	the right edge of the window
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	103	* Fine-tune your browser performance from the Preferences/Options page.
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	104	* Make screenshots of webpages, and save them locally or upload
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	105	them to the cloud. This feature will undergo A/B testing and
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	106	will not be visible for some users.
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	107	* Added Belarusian (be) locale
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	108	* Simplify print jobs from within print preview
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	109	* Use virtual reality devices with the web with the introduction
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	110	of WebVR
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	111	* Search suggestions are now enabled by default for users who
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	112	haven't explicitly opted-out
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	113	* Search with any installed search engine directly from the
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	114	location bar
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	115	* IMPORTANT: Breaking profile changes - do not downgrade Firefox
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	116	and use a profile that has been opened with Firefox 55+.
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	117	* The Adobe Flash plugin is now click-to-activate by default and
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	118	only allowed on http:// and https:// URL schemes. This change
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	119	will be rolled out progressively and so will not be visible to
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	120	all users immediately. For more information see the Firefox
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	121	plugin roadmap
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	122	* Modernized application update UI to be less intrusive and more
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	123	aligned with the rest of the browser. Only users who have not
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	124	restarted their browser 8 days after downloading an update or
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	125	users who opted out of automatic updates will see this change.
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	126	* Insecure sites can no longer access the Geolocation APIs to get
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	127	access to your physical location
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	128	* requires NSPR 4.15 and NSS 3.31
991 fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	129	MFSA 2017-18
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	130	* CVE-2017-7798 (bmo#1371586, bmo#1372112)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	131	XUL injection in the style editor in devtools
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	132	* CVE-2017-7800 (bmo#1374047)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	133	Use-after-free in WebSockets during disconnection
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	134	* CVE-2017-7801 (bmo#1371259)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	135	Use-after-free with marquee during window resizing
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	136	* CVE-2017-7809 (bmo#1380284)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	137	Use-after-free while deleting attached editor DOM node
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	138	* CVE-2017-7784 (bmo#1376087)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	139	Use-after-free with image observers
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	140	* CVE-2017-7802 (bmo#1378147)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	141	Use-after-free resizing image elements
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	142	* CVE-2017-7785 (bmo#1356985)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	143	Buffer overflow manipulating ARIA attributes in DOM
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	144	* CVE-2017-7786 (bmo#1365189)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	145	Buffer overflow while painting non-displayable SVG
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	146	* CVE-2017-7806 (bmo#1378113)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	147	Use-after-free in layer manager with SVG
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	148	* CVE-2017-7753 (bmo#1353312)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	149	Out-of-bounds read with cached style data and pseudo-elements#
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	150	* CVE-2017-7787 (bmo#1322896)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	151	Same-origin policy bypass with iframes through page reloads
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	152	* CVE-2017-7807 (bmo#1376459)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	153	Domain hijacking through AppCache fallback
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	154	* CVE-2017-7792 (bmo#1368652)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	155	Buffer overflow viewing certificates with an extremely long OID
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	156	* CVE-2017-7804 (bmo#1372849)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	157	Memory protection bypass through WindowsDllDetourPatcher
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	158	* CVE-2017-7791 (bmo#1365875)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	159	Spoofing following page navigation with data: protocol and modal alerts
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	160	* CVE-2017-7808 (bmo#1367531)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	161	CSP information leak with frame-ancestors containing paths
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	162	* CVE-2017-7782 (bmo#1344034)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	163	WindowsDllDetourPatcher allocates memory without DEP protections
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	164	* CVE-2017-7781 (bmo#1352039)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	165	Elliptic curve point addition error when using mixed Jacobian-affine coordinates
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	166	* CVE-2017-7794 (bmo#1374281)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	167	Linux file truncation via sandbox broker
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	168	* CVE-2017-7803 (bmo#1377426)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	169	CSP containing 'sandbox' improperly applied
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	170	* CVE-2017-7799 (bmo#1372509)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	171	Self-XSS XUL injection in about:webrtc
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	172	* CVE-2017-7783 (bmo#1360842)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	173	DOS attack through long username in URL
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	174	* CVE-2017-7788 (bmo#1073952)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	175	Sandboxed about:srcdoc iframes do not inherit CSP directives
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	176	* CVE-2017-7789 (bmo#1074642)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	177	Failure to enable HSTS when two STS headers are sent for a connection
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	178	* CVE-2017-7790 (bmo#1350460) (Windows-only)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	179	Windows crash reporter reads extra memory for some non-null-terminated registry values
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	180	* CVE-2017-7796 (bmo#1234401) (Windows-only)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	181	Windows updater can delete any file named update.log
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	182	* CVE-2017-7797 (bmo#1334776)
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	183	Response header name interning leaks across origins
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	184	* CVE-2017-7780
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	185	Memory safety bugs fixed in Firefox 55
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	186	* CVE-2017-7779
fde25c29562d 55.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 986 diff changeset	187	Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
985 038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	188	- updated mozilla-kde.patch:
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	189	* removed "downloadfinished" alert as Firefox reimplemented the
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	190	whole thing (TODO: check if there is another function we should
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	191	hook in)
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	192
038d048a3940 Firefox 55.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 983 diff changeset	193	-------------------------------------------------------------------
983 87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	194	Tue Jul 4 20:08:47 UTC 2017 - wr@rosenauer.org
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	195
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	196	- update to Firefox 54.0.1
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	197	* Fix a display issue of tab title (bmo#1357656)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	198	* Fix a display issue of opening new tab (bmo#1371995)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	199	* Fix a display issue when opening multiple tabs (bmo#1371962)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	200	* Fix a tab display issue when downloading files (bmo#1373109)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	201	* Fix a PDF printing issue (bmo#1366744)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	202	* Fix a Netflix issue on Linux (bmo#1375708)
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	203
87a20e4490e0 54.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 982 diff changeset	204	-------------------------------------------------------------------
982 53443ffb496a Firefox 54.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 981 diff changeset	205	Thu Jun 15 13:56:05 UTC 2017 - wr@rosenauer.org
53443ffb496a Firefox 54.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 981 diff changeset	206
53443ffb496a Firefox 54.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 981 diff changeset	207	- update to Firefox 54.0
981 593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	208	* Clearer and more detailed information for download items in the
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	209	download panel
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	210	* Added Burmese (my) locale
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	211	* Bookmarks created on mobile devices are now shown in
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	212	"Mobile Bookmarks” folder in the drop down list from the toolbar
593707d5c013 added changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 979 diff changeset	213	and Bookmarks option in the menu bar in Desktop Firefox
982 53443ffb496a Firefox 54.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 981 diff changeset	214	* added support for multiple content processes (e10s-multi)
979 f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	215	- requires NSPR 4.14 and NSS 3.30.2
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	216	- requires rust 1.15.1
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	217	- removed mozilla-shared-nss-db.patch as it seems to be a rather
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	218	unused feature
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	219
f82a374a310d Firefox 54.0b13 Wolfgang Rosenauer <wr@rosenauer.org> parents: 977 diff changeset	220	-------------------------------------------------------------------
977 224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	221	Thu Jun 1 04:25:05 UTC 2017 - kah0922@gmail.com
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	222
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	223	- remove -fno-inline-small-functions and explicitely optimize with
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	224	-O2 for openSUSE > 13.2/Leap 42 to work with gcc7 (boo#1040105)
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	225
224d8137f02c remove -fno-inline-small-functions and explicitely optimize with Wolfgang Rosenauer <wr@rosenauer.org> parents: 967 diff changeset	226	-------------------------------------------------------------------
967 188c3f40f0da recent changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 964 diff changeset	227	Wed Apr 26 12:37:38 UTC 2017 - wr@rosenauer.org
964 218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	228
218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	229	- switch to Mozilla's geolocation service (boo#1026989)
218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	230	- removed mozilla-preferences.patch obsoleted by overriding via
218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	231	firefox.js
967 188c3f40f0da recent changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 964 diff changeset	232	- fixed KDE integration to avoid crash caused by filepicker
188c3f40f0da recent changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 964 diff changeset	233	(boo#1015998)
964 218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	234
218a4e337cfe use mozilla geolocation api instead of broken google one Wolfgang Rosenauer <wr@rosenauer.org> parents: 962 diff changeset	235	-------------------------------------------------------------------
960 42e50afb9638 Firefox 53.0 (build6) Wolfgang Rosenauer <wr@rosenauer.org> parents: 959 diff changeset	236	Mon Apr 17 12:52:10 UTC 2017 - wr@rosenauer.org
42e50afb9638 Firefox 53.0 (build6) Wolfgang Rosenauer <wr@rosenauer.org> parents: 959 diff changeset	237
42e50afb9638 Firefox 53.0 (build6) Wolfgang Rosenauer <wr@rosenauer.org> parents: 959 diff changeset	238	- update to Firefox 53.0
956 5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	239	* requires NSS 3.29.5
951 f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	240	* Lightweight themes are now applied in private browsing windows
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	241	* Reader Mode now displays estimated reading time for the page
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	242	* Two new 'compact' themes available in Firefox, dark and light,
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	243	based on the Firefox Developer Edition theme
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	244	* Ended Firefox Linux support for processors older than Pentium 4
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	245	and AMD Opteron
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	246	* Refresh of the media controls user interface
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	247	* Shortened titles on tabs are faded out instead of using ellipsis
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	248	for improved readability
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	249	* Media playback on new tabs is blocked until the tab is visible
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	250	* Permission notifications have a cleaner design and cannot be
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	251	easily missed
962 fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	252	MFSA 2017-10
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	253	* CVE-2017-5456 (bmo#1344415)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	254	Sandbox escape allowing local file system access
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	255	* CVE-2017-5442 (bmo#1347979)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	256	Use-after-free during style changes
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	257	* CVE-2017-5443 (bmo#1342661)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	258	Out-of-bounds write during BinHex decoding
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	259	* CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894,
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	260	bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	261	Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	262	Firefox ESR 52.1
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	263	* CVE-2017-5464 (bmo#1347075)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	264	Memory corruption with accessibility and DOM manipulation
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	265	* CVE-2017-5465 (bmo#1347617)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	266	Out-of-bounds read in ConvolvePixel
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	267	* CVE-2017-5466 (bmo#1353975)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	268	Origin confusion when reloading isolated data:text/html URL
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	269	* CVE-2017-5467 (bmo#1347262)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	270	Memory corruption when drawing Skia content
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	271	* CVE-2017-5460 (bmo#1343642)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	272	Use-after-free in frame selection
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	273	* CVE-2017-5461 (bmo#1344380)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	274	Out-of-bounds write in Base64 encoding in NSS
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	275	* CVE-2017-5448 (bmo#1346648)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	276	Out-of-bounds write in ClearKeyDecryptor
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	277	* CVE-2017-5449 (bmo#1340127)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	278	Crash during bidirectional unicode manipulation with animation
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	279	* CVE-2017-5446 (bmo#1343505)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	280	Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	281	* CVE-2017-5447 (bmo#1343552)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	282	Out-of-bounds read during glyph processing
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	283	* CVE-2017-5444 (bmo#1344461)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	284	Buffer overflow while parsing application/http-index-format content
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	285	* CVE-2017-5445 (bmo#1344467)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	286	Uninitialized values used while parsing application/http-index-format
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	287	content
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	288	* CVE-2017-5468 (bmo#1329521)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	289	Incorrect ownership model for Private Browsing information
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	290	* CVE-2017-5469 (bmo#1292534)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	291	Potential Buffer overflow in flex-generated code
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	292	* CVE-2017-5440 (bmo#1336832)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	293	Use-after-free in txExecutionState destructor during XSLT processing
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	294	* CVE-2017-5441 (bmo#1343795)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	295	Use-after-free with selection during scroll events
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	296	* CVE-2017-5439 (bmo#1336830)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	297	Use-after-free in nsTArray Length() during XSLT processing
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	298	* CVE-2017-5438 (bmo#1336828)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	299	Use-after-free in nsAutoPtr during XSLT processing
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	300	* CVE-2017-5437 (bmo#1343453)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	301	Vulnerabilities in Libevent library
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	302	* CVE-2017-5436 (bmo#1345461)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	303	Out-of-bounds write with malicious font in Graphite 2
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	304	* CVE-2017-5435 (bmo#1350683)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	305	Use-after-free during transaction processing in the editor
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	306	* CVE-2017-5434 (bmo#1349946)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	307	Use-after-free during focus handling
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	308	* CVE-2017-5433 (bmo#1347168)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	309	Use-after-free in SMIL animation functions
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	310	* CVE-2017-5432 (bmo#1346654)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	311	Use-after-free in text input selection
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	312	* CVE-2017-5430 (bmo#1329796, bmo#1337418, bmo#1339722, bmo#1340482,
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	313	bmo#1342101, bmo#1344081, bmo#1344305, bmo#1344686,
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	314	bmo#1346140, bmo#1346419, bmo#1348143, bmo#1349621,
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	315	bmo#1349719, bmo#1353476)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	316	Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	317	* CVE-2017-5459 (bmo#1333858)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	318	Buffer overflow in WebGL
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	319	* CVE-2017-5458 (bmo#1229426)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	320	Drag and drop of javascript: URLs can allow for self-XSS
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	321	* CVE-2017-5455 (bmo#1341191)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	322	Sandbox escape through internal feed reader APIs
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	323	* CVE-2017-5454 (bmo#1349276)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	324	Sandbox escape allowing file system read access through file picker
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	325	* CVE-2017-5451 (bmo#1273537)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	326	Addressbar spoofing with onblur event
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	327	* CVE-2017-5453 (bmo#1321247)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	328	HTML injection into RSS Reader feed preview page through
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	329	TITLE element
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	330	* CVE-2017-5462 (bmo#1345089)
fbb2f292caaa add security information to changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 960 diff changeset	331	DRBG flaw in NSS
951 f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	332	- removed browser(npapi) provides as these plugins are deprecated
953 6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	333	- switch used compiler to gcc5 (FF requires gcc >= 4.9 now) for
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	334	Leap 42
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	335	- Gtk2 is not longer an option; switched to Gtk3
956 5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	336	- apply MOZ_USE_XINPUT2=1 for better touchpad and touchscreen support
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	337	(boo#1032003)
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	338
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	339	-------------------------------------------------------------------
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	340	Mon Apr 3 06:16:26 UTC 2017 - wr@rosenauer.org
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	341
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	342	- update to Firefox 52.0.2
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	343	* Use Nirmala UI as fallback font for additional Indic languages (bmo#1342787)
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	344	* Fix loading tab icons on session restore (bmo#1338009)
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	345	* Fix a crash on startup on Linux (bmo#1345413)
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	346	* Fix new installs erroneously not prompting to change the default
5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	347	browser setting (bmo#1343938)
953 6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	348
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	349	-------------------------------------------------------------------
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	350	Mon Mar 20 15:35:57 UTC 2017 - wr@rosenauer.org
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	351
6b282f295753 53.0b4 (complete) Wolfgang Rosenauer <wr@rosenauer.org> parents: 951 diff changeset	352	- disable rust usage for everything but x86(-64)
956 5353413a2411 53.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 954 diff changeset	353	- explicitely add libffi build requirement
951 f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	354
f7a8fa97a57e merge latest changes from firefox52 Wolfgang Rosenauer <wr@rosenauer.org> parents: 946 diff changeset	355	-------------------------------------------------------------------
946 34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	356	Fri Mar 17 15:43:29 UTC 2017 - wr@rosenauer.org
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	357
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	358	- update to Firefox 52.0.1 (boo#1029822)
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	359	MFSA 2017-08
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	360	CVE-2017-5428: integer overflow in createImageBitmap() (bmo#1348168)
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	361
34bd1eb1cbd7 52.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 945 diff changeset	362	-------------------------------------------------------------------
945 7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	363	Thu Mar 9 12:30:14 UTC 2017 - wr@rosenauer.org
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	364
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	365	- reenable ALSA support which was removed by default upstream
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	366
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	367	-------------------------------------------------------------------
944 ce8a98f8d8d7 Firefox 52.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 943 diff changeset	368	Sat Mar 4 16:57:45 UTC 2017 - wr@rosenauer.org
ce8a98f8d8d7 Firefox 52.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 943 diff changeset	369
945 7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	370	- update to Firefox 52.0 (boo#1028391)
944 ce8a98f8d8d7 Firefox 52.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 943 diff changeset	371	* requires NSS >= 3.28.3
942 66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	372	* Pages containing insecure password fields now display a warning
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	373	directly within username and password fields.
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	374	* Send and open a tab from one device to another with Sync
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	375	* Removed NPAPI support for plugins other than Flash. Silverlight,
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	376	Java, Acrobat and the like are no longer supported.
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	377	* Removed Battery Status API to reduce fingerprinting of users by
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	378	trackers
945 7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	379	* MFSA 2017-05
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	380	CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	381	(bmo#1334933)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	382	CVE-2017-5401: Memory Corruption when handling ErrorResult
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	383	(bmo#1328861)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	384	CVE-2017-5402: Use-after-free working with events in FontFace
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	385	objects (bmo#1334876)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	386	CVE-2017-5403: Use-after-free using addRange to add range to an
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	387	incorrect root object (bmo#1340186)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	388	CVE-2017-5404: Use-after-free working with ranges in selections
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	389	(bmo#1340138)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	390	CVE-2017-5406: Segmentation fault in Skia with canvas operations
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	391	(bmo#1306890)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	392	CVE-2017-5407: Pixel and history stealing via floating-point
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	393	timing side channel with SVG filters (bmo#1336622)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	394	CVE-2017-5410: Memory corruption during JavaScript garbage
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	395	collection incremental sweeping (bmo#1330687)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	396	CVE-2017-5408: Cross-origin reading of video captions in violation
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	397	of CORS (bmo#1313711)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	398	CVE-2017-5412: Buffer overflow read in SVG filters (bmo#1328323)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	399	CVE-2017-5413: Segmentation fault during bidirectional operations
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	400	(bmo#1337504)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	401	CVE-2017-5414: File picker can choose incorrect default directory
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	402	(bmo#1319370)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	403	CVE-2017-5415: Addressbar spoofing through blob URL (bmo#1321719)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	404	CVE-2017-5416: Null dereference crash in HttpChannel (bmo#1328121)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	405	CVE-2017-5417: Addressbar spoofing by draging and dropping URLs
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	406	(bmo#791597)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	407	CVE-2017-5426: Gecko Media Plugin sandbox is not started if
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	408	seccomp-bpf filter is running (bmo#1257361)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	409	CVE-2017-5427: Non-existent chrome.manifest file loaded during
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	410	startup (bmo#1295542)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	411	CVE-2017-5418: Out of bounds read when parsing HTTP digest
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	412	authorization responses (bmo#1338876)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	413	CVE-2017-5419: Repeated authentication prompts lead to DOS
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	414	attack (bmo#1312243)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	415	CVE-2017-5420: Javascript: URLs can obfuscate addressbar
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	416	location (bmo#1284395)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	417	CVE-2017-5405: FTP response codes can cause use of
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	418	uninitialized values for ports (bmo#1336699)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	419	CVE-2017-5421: Print preview spoofing (bmo#1301876)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	420	CVE-2017-5422: DOS attack by using view-source: protocol
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	421	repeatedly in one hyperlink (bmo#1295002)
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	422	CVE-2017-5399: Memory safety bugs fixed in Firefox 52
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	423	CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and
7b1e775ff77a FF52 as released Wolfgang Rosenauer <wr@rosenauer.org> parents: 944 diff changeset	424	Firefox ESR 45.8
942 66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	425	- removed obsolete patches
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	426	* mozilla-binutils-visibility.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	427	* mozilla-check_return.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	428	* mozilla-disable-skia-be.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	429	* mozilla-skia-overflow.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	430	* mozilla-skia-ppc-endianess.patch
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	431	- rebased patches
943 ace605efe50f latest beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 942 diff changeset	432	- enable rust usage for Tumbleweed
942 66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	433
66115255ad6f prepare FF51 (currently 51.0b5) Wolfgang Rosenauer <wr@rosenauer.org> parents: 940 diff changeset	434	-------------------------------------------------------------------
940 f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	435	Fri Jan 27 20:25:59 UTC 2017 - astieger@suse.com
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	436
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	437	- Mozilla Firefox 51.0.1:
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	438	- Multiprocess incompatibility did not correctly register with
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	439	some add-ons (bmo#1333423)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	440
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	441	-------------------------------------------------------------------
935 9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	442	Fri Jan 20 13:57:56 UTC 2017 - wr@rosenauer.org
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	443
940 f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	444	- update to Firefox 51.0
935 9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	445	* requires NSPR >= 4.13.1, NSS >= 3.28.1
936 096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	446	* Added support for FLAC (Free Lossless Audio Codec) playback
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	447	* Added support for WebGL 2
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	448	* Added Georgian (ka) and Kabyle (kab) locales
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	449	* Support saving passwords for forms without 'submit' events
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	450	* Improved video performance for users without GPU acceleration
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	451	* Zoom indicator is shown in the URL bar if the zoom level is not
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	452	at default level
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	453	* View passwords from the prompt before saving them
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	454	* Remove Belarusian (be) locale
096e59808e91 more changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 935 diff changeset	455	* Use Skia for content rendering (Linux)
940 f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	456	* MFSA 2017-01
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	457	CVE-2017-5375: Excessive JIT code allocation allows bypass of
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	458	ASLR and DEP (bmo#1325200, boo#1021814)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	459	CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	460	CVE-2017-5377: Memory corruption with transforms to create
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	461	gradients in Skia (bmo#1306883, boo#1021826)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	462	CVE-2017-5378: Pointer and frame data leakage of Javascript objects
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	463	(bmo#1312001, bmo#1330769, boo#1021818)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	464	CVE-2017-5379: Use-after-free in Web Animations
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	465	(bmo#1309198,boo#1021827)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	466	CVE-2017-5380: Potential use-after-free during DOM manipulations
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	467	(bmo#1322107, boo#1021819)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	468	CVE-2017-5390: Insecure communication methods in Developer Tools
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	469	JSON viewer (bmo#1297361, boo#1021820)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	470	CVE-2017-5389: WebExtensions can install additional add-ons via
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	471	modified host requests (bmo#1308688, boo#1021828)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	472	CVE-2017-5396: Use-after-free with Media Decoder
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	473	(bmo#1329403, boo#1021821)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	474	CVE-2017-5381: Certificate Viewer exporting can be used to navigate
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	475	and save to arbitrary filesystem locations
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	476	(bmo#1017616, boo#1021830)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	477	CVE-2017-5382: Feed preview can expose privileged content errors
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	478	and exceptions (bmo#1295322, boo#1021831)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	479	CVE-2017-5383: Location bar spoofing with unicode characters
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	480	(bmo#1323338, bmo#1324716, boo#1021822)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	481	CVE-2017-5384: Information disclosure via Proxy Auto-Config (PAC)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	482	(bmo#1255474, boo#1021832)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	483	CVE-2017-5385: Data sent in multipart channels ignores referrer-policy
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	484	response headers (bmo#1295945, boo#1021833)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	485	CVE-2017-5386: WebExtensions can use data: protocol to affect other
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	486	extensions (bmo#1319070, boo#1021823)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	487	CVE-2017-5394: Android location bar spoofing using fullscreen and
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	488	JavaScript events (bmo#1222798)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	489	CVE-2017-5391: Content about: pages can load privileged about: pages
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	490	(bmo#1309310, boo#1021835)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	491	CVE-2017-5392: Weak references using multiple threads on weak proxy
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	492	objects lead to unsafe memory usage (bmo#1293709)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	493	(Android only)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	494	CVE-2017-5393: Remove addons.mozilla.org CDN from whitelist for
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	495	mozAddonManager (bmo#1309282, boo#1021837)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	496	CVE-2017-5395: Android location bar spoofing during scrolling
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	497	(bmo#1293463) (Android only)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	498	CVE-2017-5387: Disclosure of local file existence through TRACK
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	499	tag error messages (bmo#1295023, boo#1021839)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	500	CVE-2017-5388: WebRTC can be used to generate a large amount of
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	501	UDP traffic for DDOS attacks
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	502	(bmo#1281482, boo#1021840)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	503	CVE-2017-5374: Memory safety bugs fixed in Firefox 51 (boo#1021841)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	504	CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	505	Firefox ESR 45.7 (boo#1021824)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	506	- switch Firefox to Gtk3 for Tumbleweed
935 9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	507	- removed obsolete patches
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	508	* mozilla-flex_buffer_overrun.patch
939 3604ed712e16 51.0 as submitted to official openSUSE Wolfgang Rosenauer <wr@rosenauer.org> parents: 938 diff changeset	509	- updated RPM locale support tag
3604ed712e16 51.0 as submitted to official openSUSE Wolfgang Rosenauer <wr@rosenauer.org> parents: 938 diff changeset	510	- improve recognition of LANGUAGE env variable (boo#1017174)
940 f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	511	- add upstream patch to fix PPC64LE (bmo#1319389)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	512	(mozilla-skia-ppc-endianess.patch)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	513	- fix build without skia (big endian archs) (bmo#1319374)
f63a4ac0fe06 51.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 939 diff changeset	514	(mozilla-disable-skia-be.patch)
935 9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	515
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	516	-------------------------------------------------------------------
933 7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	517	Mon Dec 12 21:18:41 UTC 2016 - wr@rosenauer.org
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	518
935 9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	519	- update to Firefox 50.1.0 (boo#1015422)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	520	* MFSA 2016-94
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	521	CVE-2016-9894: Buffer overflow in SkiaGL (bmo#1306628)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	522	CVE-2016-9899: Use-after-free while manipulating DOM events and
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	523	audio elements (bmo#1317409)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	524	CVE-2016-9895: CSP bypass using marquee tag (bmo#1312272)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	525	CVE-2016-9896: Use-after-free with WebVR (bmo#1315543)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	526	CVE-2016-9897: Memory corruption in libGLES (bmo#1301381)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	527	CVE-2016-9898: Use-after-free in Editor while manipulating
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	528	DOM subtrees (bmo#1314442)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	529	CVE-2016-9900: Restricted external resources can be loaded by
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	530	SVG images through data URLs (bmo#1319122)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	531	CVE-2016-9904: Cross-origin information leak in shared atoms
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	532	(bmo#1317936)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	533	CVE-2016-9901: Data from Pocket server improperly sanitized
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	534	before execution (bmo#1320057)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	535	CVE-2016-9902: Pocket extension does not validate the origin
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	536	of events (bmo#1320039)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	537	CVE-2016-9903: XSS injection vulnerability in add-ons SDK
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	538	(bmo#1315435)
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	539	CVE-2016-9080: Memory safety bugs fixed in Firefox 50.1
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	540	CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and
9ae2b79d3bb1 prepare FF 51 -> 51.0b14 Wolfgang Rosenauer <wr@rosenauer.org> parents: 933 diff changeset	541	Firefox ESR 45.6
933 7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	542
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	543	-------------------------------------------------------------------
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	544	Fri Dec 9 17:57:22 UTC 2016 - cgrobertson@novell.com
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	545
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	546	- added patch mozilla-aarch64-startup-crash.patch (bsc#1011922)
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	547
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	548	-------------------------------------------------------------------
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	549	Thu Dec 1 02:49:45 UTC 2016 - wr@rosenauer.org
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	550
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	551	- update to Firefox 50.0.2
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	552	* Firefox crashes with 3rd party Chinese IME when using IME text
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	553	(50.0.1)
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	554	security fixes (in 50.0.1): (boo#1012807)
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	555	* MFSA 2016-91
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	556	CVE-2016-9078: data: URL can inherit wrong origin after an
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	557	HTTP redirect (bmo#1317641)
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	558	security fixes (in 50.0.2) (boo#1012964)
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	559	* MFSA 2016-92
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	560	CVE-2016-9079: Use-after-free in SVG Animation (bmo#1321066)
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	561
7f60766aae16 50.1.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 932 diff changeset	562	-------------------------------------------------------------------
932 a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	563	Mon Nov 14 21:07:03 UTC 2016 - wr@rosenauer.org
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	564
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	565	- update to Firefox 50.0 (boo#1009026)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	566	* requires NSS 3.26.2
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	567	new features
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	568	* Updates to keyboard shortcuts
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	569	Set a preference to have Ctrl+Tab cycle through tabs in recently
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	570	used order
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	571	View a page in Reader Mode by using Ctrl+Alt+R
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	572	* Added option to Find in page that allows users to limit search to
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	573	whole words only
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	574	* Added download protection for a large number of executable file
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	575	types on Windows, Mac and Linux
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	576	* Fixed rendering of dashed and dotted borders with rounded corners
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	577	(border-radius)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	578	* Added a built-in Emoji set for operating systems without native
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	579	Emoji fonts (Windows 8.0 and lower and Linux)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	580	* Blocked versions of libavcodec older than 54.35.1
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	581	* additional locale
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	582	security fixes:
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	583	* MFSA 2016-89
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	584	CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	585	(bmo#1292443)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	586	CVE-2016-5292: URL parsing causes crash (bmo#1288482)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	587	CVE-2016-5293: Write to arbitrary file with updater and moz
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	588	maintenance service using updater.log hardlink
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	589	(Windows only) (bmo#1246945)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	590	CVE-2016-5294: Arbitrary target directory for result files of
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	591	update process (Windows only) (bmo#1246972)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	592	CVE-2016-5297: Incorrect argument length checking in Javascript
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	593	(bmo#1303678)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	594	CVE-2016-9064: Addons update must verify IDs match between
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	595	current and new versions (bmo#1303418)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	596	CVE-2016-9065: Firefox for Android location bar spoofing usingfullscreen
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	597	(Android only) (bmo#1306696)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	598	CVE-2016-9066: Integer overflow leading to a buffer overflow in
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	599	nsScriptLoadHandler (bmo#1299686)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	600	CVE-2016-9067: heap-use-after-free in nsINode::ReplaceOrInsertBefore
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	601	(bmo#1301777, bmo#1308922 (CVE-2016-9069))
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	602	CVE-2016-9068: heap-use-after-free in nsRefreshDriver (bmo#1302973)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	603	CVE-2016-9072: 64-bit NPAPI sandbox isn't enabled on fresh profile
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	604	(bmo#1300083) (Windows only)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	605	CVE-2016-9075: WebExtensions can access the mozAddonManager API
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	606	and use it to gain elevated privileges (bmo#1295324)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	607	CVE-2016-9077: Canvas filters allow feDisplacementMaps to be applied
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	608	to cross-origin images, allowing timing attacks on them
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	609	(bmo#1298552)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	610	CVE-2016-5291: Same-origin policy violation using local HTML file
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	611	and saved shortcut file (bmo#1292159)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	612	CVE-2016-5295: Mozilla Maintenance Service: Ability to read
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	613	arbitrary files as SYSTEM (Windows only) (bmo#1247239)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	614	CVE-2016-5298: SSL indicator can mislead the user about the real
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	615	URL visited (bmo#1227538) (Android only)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	616	CVE-2016-5299: Firefox AuthToken in broadcast protected with
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	617	signature-level permission can be accessed by an
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	618	application installed beforehand that defines the
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	619	same permissions (bmo#1245791) (Android only)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	620	CVE-2016-9061: API Key (glocation) in broadcast protected with
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	621	signature-level permission can be accessed by an
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	622	application installed beforehand that defines the
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	623	same permissions (Android only) (bmo#1245795)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	624	CVE-2016-9062: Private browsing browser traces (android) in
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	625	browser.db and wal file (Android only) (bmo#1294438)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	626	CVE-2016-9070: Sidebar bookmark can have reference to chrome window
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	627	(bmo#1281071)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	628	CVE-2016-9073: windows.create schema doesn't specify "format": "relativeUrl"
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	629	(bmo#1289273)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	630	CVE-2016-9074: Insufficient timing side-channel resistance in
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	631	divSpoiler (bmo#1293334) (fixed via NSS 3.26.1)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	632	CVE-2016-9076: select dropdown menu can be used for URL bar
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	633	spoofing on e10s (bmo#1276976)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	634	CVE-2016-9063: Possible integer overflow to fix inside XML_Parse
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	635	in expat (bmo#1274777)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	636	CVE-2016-9071: Probe browser history via HSTS/301 redirect + CSP
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	637	(bmo#1285003)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	638	CVE-2016-5289: Memory safety bugs fixed in Firefox 50
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	639	CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	640	- make aarch64 build more similar to x86_64 build (remove conditionals
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	641	that don't seem to be necessary anymore)
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	642
a58cc7936ce7 Firefox 50.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 931 diff changeset	643	-------------------------------------------------------------------
931 c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	644	Mon Oct 24 09:41:17 UTC 2016 - astieger@suse.com
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	645
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	646	- Mozilla Firefox 49.0.2:
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	647	* CVE-2016-5287: Crash in nsTArray_base (bsc#1006475)
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	648	* CVE-2016-5288: Web content can read cache entries (bsc#1006476)
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	649	* Asynchronous rendering of the Flash plugins is now enabled by
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	650	default
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	651	* Change D3D9 default fallback preference to prevent graphical
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	652	artifacts
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	653	* Network issue prevents some users from seeing the Firefox UI on
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	654	startup
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	655	* Web compatibility issue with file uploads
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	656	* Web compatibility issue with Array.prototype.values
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	657	* Diagnostic information on timing for tab switching
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	658	* Fix a Canvas filters graphics issue affecting HTML5 apps
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	659
c5f980be6e8b 49.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 930 diff changeset	660	-------------------------------------------------------------------
930 fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	661	Wed Oct 12 20:42:28 UTC 2016 - badshah400@gmail.com
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	662
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	663	- Drop mozilla-gtk3_20.patch; obsoleted by Firefox version 49.0
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	664	and fixes have been incorporated by upstream.
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	665
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	666	-------------------------------------------------------------------
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	667	Fri Sep 23 20:36:39 UTC 2016 - astieger@suse.com
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	668
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	669	- Mozilla Firefox 49.0.1:
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	670	* Mitigate a startup crash issue caused by Websense - bmo#1304783
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	671
fdfd88b0c2d7 latest updates including 49.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 929 diff changeset	672	-------------------------------------------------------------------
929 9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	673	Tue Sep 20 07:09:52 UTC 2016 - wr@rosenauer.org
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	674
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	675	- update to Firefox 49.0 (boo#999701)
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	676	new features
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	677	* Updated Firefox Login Manager to allow HTTPS pages to use saved
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	678	HTTP logins.
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	679	* Added features to Reader Mode that make it easier on the eyes and
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	680	the ears
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	681	* Improved video performance for users on systems that support
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	682	SSE3 without hardware acceleration
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	683	* Added context menu controls to HTML5 audio and video that let users
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	684	loops files or play files at 1.25x speed
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	685	* Improvements in about:memory reports for tracking font memory usage
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	686	security related
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	687	* MFSA 2016-85
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	688	CVE-2016-2827 (bmo#1289085) - Out-of-bounds read in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	689	mozilla::net::IsValidReferrerPolicy
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	690	CVE-2016-5270 (bmo#1291016) - Heap-buffer-overflow in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	691	nsCaseTransformTextRunFactory::TransformString
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	692	CVE-2016-5271 (bmo#1288946) - Out-of-bounds read in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	693	PropertyProvider::GetSpacingInternal
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	694	CVE-2016-5272 (bmo#1297934) - Bad cast in nsImageGeometryMixin
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	695	CVE-2016-5273 (bmo#1280387) - crash in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	696	mozilla::a11y::HyperTextAccessible::GetChildOffset
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	697	CVE-2016-5276 (bmo#1287721) - Heap-use-after-free in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	698	mozilla::a11y::DocAccessible::ProcessInvalidationList
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	699	CVE-2016-5274 (bmo#1282076) - use-after-free in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	700	nsFrameManager::CaptureFrameState
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	701	CVE-2016-5277 (bmo#1291665) - Heap-use-after-free in nsRefreshDriver::Tick
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	702	CVE-2016-5275 (bmo#1287316) - global-buffer-overflow in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	703	mozilla::gfx::FilterSupport::ComputeSourceNeededRegions
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	704	CVE-2016-5278 (bmo#1294677) - Heap-buffer-overflow in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	705	nsBMPEncoder::AddImageFrame
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	706	CVE-2016-5279 (bmo#1249522) - Full local path of files is available
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	707	to web pages after drag and drop
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	708	CVE-2016-5280 (bmo#1289970) - Use-after-free in
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	709	mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	710	CVE-2016-5281 (bmo#1284690) - use-after-free in DOMSVGLength
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	711	CVE-2016-5282 (bmo#932335) - Don't allow content to request favicons
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	712	from non-whitelisted schemes
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	713	CVE-2016-5283 (bmo#928187) - <iframe src> fragment timing attack can
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	714	reveal cross-origin data
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	715	CVE-2016-5284 (bmo#1303127) - Add-on update site certificate pin expiration
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	716	CVE-2016-5256 - Memory safety bugs fixed in Firefox 49
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	717	CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	718	- removed obsolete patches:
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	719	* mozilla-aarch64-48bit-va.patch
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	720	* mozilla-exclude-nametablecpp.patch
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	721	* mozilla-old_configure-bmo1282843.patch
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	722	- added patch mozilla-skia-overflow.patch (bmo#1304114)
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	723	- requires NSS 3.25
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	724
9fc2ebe6d7f1 Firefox 49.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 928 diff changeset	725	-------------------------------------------------------------------
928 4663386a04de update to 48.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 927 diff changeset	726	Tue Aug 30 20:25:38 UTC 2016 - astieger@suse.com
4663386a04de update to 48.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 927 diff changeset	727
4663386a04de update to 48.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 927 diff changeset	728	- Mozilla Firefox 48.0.2:
4663386a04de update to 48.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 927 diff changeset	729	* Mitigate a startup crash issue caused on Windows (bmo#1291738)
4663386a04de update to 48.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 927 diff changeset	730
4663386a04de update to 48.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 927 diff changeset	731	-------------------------------------------------------------------
927 300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	732	Sat Aug 20 10:58:26 UTC 2016 - astieger@suse.com
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	733
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	734	- Mozilla Firefox 48.0.1:
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	735	* Fix an audio regression impacting some major websites
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	736	(bmo#1295296)
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	737	* Fix a top crash in the JavaScript engine (bmo#1290469)
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	738	* Fix a startup crash issue caused by Websense (bmo#1291738)
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	739	* Fix a different behavior with e10s / non-e10s on <select> and
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	740	mouse events (bmo#1291078)
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	741	* Fix a top crash caused by plugin issues (bmo#1264530)
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	742	* Fix a shutdown issue (bmo#1276920)
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	743	* Fix a crash in WebRTC
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	744
300ed867f7fd 48.0.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 926 diff changeset	745	-------------------------------------------------------------------
925 05d175c5957e added upstream patch so system plugins/extensions are correctly Wolfgang Rosenauer <wr@rosenauer.org> parents: 924 diff changeset	746	Mon Aug 15 11:24:00 UTC 2016 - wr@rosenauer.org
05d175c5957e added upstream patch so system plugins/extensions are correctly Wolfgang Rosenauer <wr@rosenauer.org> parents: 924 diff changeset	747
05d175c5957e added upstream patch so system plugins/extensions are correctly Wolfgang Rosenauer <wr@rosenauer.org> parents: 924 diff changeset	748	- added upstream patch so system plugins/extensions are correctly
05d175c5957e added upstream patch so system plugins/extensions are correctly Wolfgang Rosenauer <wr@rosenauer.org> parents: 924 diff changeset	749	loaded again on x86-64 (bmo#1282843)
05d175c5957e added upstream patch so system plugins/extensions are correctly Wolfgang Rosenauer <wr@rosenauer.org> parents: 924 diff changeset	750	(mozilla-old_configure-bmo1282843.patch)
05d175c5957e added upstream patch so system plugins/extensions are correctly Wolfgang Rosenauer <wr@rosenauer.org> parents: 924 diff changeset	751
05d175c5957e added upstream patch so system plugins/extensions are correctly Wolfgang Rosenauer <wr@rosenauer.org> parents: 924 diff changeset	752	-------------------------------------------------------------------
926 6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	753	Fri Aug 5 13:47:12 UTC 2016 - pcerny@suse.com
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	754
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	755	- Fix for possible buffer overrun (bsc#990856)
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	756	CVE-2016-6354 (bmo#1292534)
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	757	[mozilla-flex_buffer_overrun.patch]
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	758
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	759	-------------------------------------------------------------------
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	760	Wed Aug 3 03:38:47 UTC 2016 - badshah400@gmail.com
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	761
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	762	- Update mozilla-gtk3_20.patch to latest version from Fedora.
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	763
6ab8b16f232c merge latest changes from Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 925 diff changeset	764	-------------------------------------------------------------------
923 3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	765	Mon Aug 1 12:37:05 UTC 2016 - wr@rosenauer.org
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	766
924 199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	767	- update to Firefox 48.0 (boo#991809)
923 3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	768	* requires NSS 3.24
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	769	* Process separation (e10s) is enabled for some of you
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	770	* Add-ons that have not been verified and signed by Mozilla will not load
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	771	* WebRTC embetterments
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	772	* The media parser has been redeveloped using the Rust programming
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	773	language
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	774	* better Canvas performance with speedy Skia support
924 199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	775	security fixes:
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	776	* MFSA 2016-62/CVE-2016-2835/CVE-2016-2836
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	777	Miscellaneous memory safety hazards
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	778	* MFSA 2016-63/CVE-2016-2830 (bmo#1255270)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	779	Favicon network connection can persist when page is closed
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	780	* MFSA 2016-64/CVE-2016-2838 (bmo#1279814)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	781	Buffer overflow rendering SVG with bidirectional content
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	782	* MFSA 2016-65/CVE-2016-2839 (bmo#1275339)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	783	Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	784	* MFSA 2016-66/CVE-2016-5251 (bmo#1255570)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	785	Location bar spoofing via data URLs with malformed/invalid mediatypes
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	786	* MFSA 2016-67/CVE-2016-5252 (bmo#1268854)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	787	Stack underflow during 2D graphics rendering
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	788	* MFSA 2016-68/CVE-2016-0718 (bmo#1236923)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	789	Out-of-bounds read during XML parsing in Expat library
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	790	* MFSA 2016-69/CVE-2016-5253 (bmo#1246944)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	791	Arbitrary file manipulation by local user through Mozilla updater
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	792	and callback application path parameter (Windows-only)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	793	* MFSA 2016-70/CVE-2016-5254 (bmo#1266963)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	794	Use-after-free when using alt key and toplevel menus
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	795	* MFSA 2016-71/CVE-2016-5255 (bmo#1212356)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	796	Crash in incremental garbage collection in JavaScript
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	797	* MFSA 2016-72/CVE-2016-5258 (bmo#1279146)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	798	Use-after-free in DTLS during WebRTC session shutdown
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	799	* MFSA 2016-73/CVE-2016-5259 (bmo#1282992)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	800	Use-after-free in service workers with nested sync events
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	801	* MFSA 2016-74/CVE-2016-5260 (bmo#1280294)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	802	Form input type change from password to text can store plain
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	803	text password in session restore file
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	804	* MFSA 2016-75/CVE-2016-5261 (bmo#1287266)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	805	Integer overflow in WebSockets during data buffering
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	806	* MFSA 2016-76/CVE-2016-5262 (bmo#1277475)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	807	Scripts on marquee tag can execute in sandboxed iframes
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	808	* MFSA 2016-77/CVE-2016-2837 (bmo#1274637)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	809	Buffer overflow in ClearKey Content Decryption Module (CDM)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	810	during video playback
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	811	* MFSA 2016-78/CVE-2016-5263 (bmo#1276897)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	812	Type confusion in display transformation
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	813	* MFSA 2016-79/CVE-2016-5264 (bmo#1286183)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	814	Use-after-free when applying SVG effects
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	815	* MFSA 2016-80/CVE-2016-5265 (bmo#1278013)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	816	Same-origin policy violation using local HTML file and saved shortcut file
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	817	* MFSA 2016-81/CVE-2016-5266 (bmo#1226977)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	818	Information disclosure and local file manipulation through drag and drop
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	819	* MFSA 2016-82/CVE-2016-5267 (bmo#1284372)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	820	Addressbar spoofing with right-to-left characters on Firefox for Android
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	821	(Android only)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	822	* MFSA 2016-83/CVE-2016-5268 (bmo#1253673)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	823	Spoofing attack through text injection into internal error pages
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	824	* MFSA 2016-84/CVE-2016-5250 (bmo#1254688)
199d5cf40e86 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 923 diff changeset	825	Information disclosure through Resource Timing API during page navigation
923 3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	826	- removed obsolete mozilla-gcc6.patch
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	827
3cc9f17ca9bb prepare FF48 Wolfgang Rosenauer <wr@rosenauer.org> parents: 921 diff changeset	828	-------------------------------------------------------------------
921 4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	829	Fri Jul 29 01:26:13 UTC 2016 - badshah400@gmail.com
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	830
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	831	- Update description and screenshots in appdata.xml file.
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	832
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	833	-------------------------------------------------------------------
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	834	Sat Jul 23 20:13:08 UTC 2016 - antoine.belvire@laposte.net
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	835
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	836	- Fix Firefox crash on startup on i586 (boo#986541):
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	837	* Add -fno-delete-null-pointer-checks and
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	838	-fno-inline-small-functions to CFLAGS
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	839
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	840	-------------------------------------------------------------------
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	841	Tue Jul 19 20:12:11 UTC 2016 - mailaender@opensuse.org
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	842
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	843	- Update the appdata.xml file (replace Windows XP screenshot)
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	844
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	845	-------------------------------------------------------------------
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	846	Wed Jun 29 09:25:41 UTC 2016 - astieger@suse.com
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	847
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	848	- Mozilla Firefox 47.0.1:
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	849	* Selenium WebDriver may cause Firefox to crash at startup
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	850	(bmo#1280854)
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	851
4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	852	-------------------------------------------------------------------
920 4e5807284ef0 https://bugzilla.opensuse.org/show_bug.cgi?id=984637 Wolfgang Rosenauer <wr@rosenauer.org> parents: 919 diff changeset	853	Wed Jun 15 07:52:18 UTC 2016 - wr@rosenauer.org
4e5807284ef0 https://bugzilla.opensuse.org/show_bug.cgi?id=984637 Wolfgang Rosenauer <wr@rosenauer.org> parents: 919 diff changeset	854
4e5807284ef0 https://bugzilla.opensuse.org/show_bug.cgi?id=984637 Wolfgang Rosenauer <wr@rosenauer.org> parents: 919 diff changeset	855	- mozilla-binutils-visibility.patch to fix build issues with
921 4f801233e935 merge contributions from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 920 diff changeset	856	gcc/binutils combination used in Leap 42.2 (boo#984637)
920 4e5807284ef0 https://bugzilla.opensuse.org/show_bug.cgi?id=984637 Wolfgang Rosenauer <wr@rosenauer.org> parents: 919 diff changeset	857
4e5807284ef0 https://bugzilla.opensuse.org/show_bug.cgi?id=984637 Wolfgang Rosenauer <wr@rosenauer.org> parents: 919 diff changeset	858	-------------------------------------------------------------------
919 6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	859	Tue Jun 14 08:35:03 UTC 2016 - badshah400@gmail.com
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	860
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	861	- Update mozilla-gtk3_20.patch to latest version from Fedora.
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	862
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	863	-------------------------------------------------------------------
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	864	Mon Jun 13 20:28:01 UTC 2016 - agraf@suse.com
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	865
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	866	- Fix running on 48bit va aarch64 (bsc#984126)
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	867	* add patch mozilla-aarch64-48bit-va.patch
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	868
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	869	-------------------------------------------------------------------
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	870	Mon Jun 13 15:27:13 UTC 2016 - wr@rosenauer.org
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	871
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	872	- fix XUL dialog button order under KDE session (boo#984403)
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	873
6838f0c032f8 ------------------------------------------------------------------- Wolfgang Rosenauer <wr@rosenauer.org> parents: 916 diff changeset	874	-------------------------------------------------------------------
916 2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	875	Tue Jun 7 19:47:25 UTC 2016 - wr@rosenauer.org
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	876
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	877	- update to Firefox 47.0 (boo#983549)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	878	* Enable VP9 video codec for users with fast machines
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	879	* Embedded YouTube videos now play with HTML5 video if Flash is
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	880	not installed
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	881	* View and search open tabs from your smartphone or another
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	882	computer in a sidebar
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	883	* Allow no-cache on back/forward navigations for https resources
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	884	security fixes:
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	885	* MFSA 2016-49/CVE-2016-2815/CVE-2016-2818
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	886	(boo#983638)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	887	(bmo#1241896, bmo#1242798, bmo#1243466, bmo#1245743,
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	888	bmo#1264300, bmo#1271037, bmo#1234147, bmo#1256493,
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	889	bmo#1256739, bmo#1256968, bmo#1261230, bmo#1261752,
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	890	bmo#1263384, bmo#1264575, bmo#1265577, bmo#1267130,
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	891	bmo#1269729, bmo#1273202, bmo#1273701)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	892	Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	893	* MFSA 2016-50/CVE-2016-2819 (boo#983655) (bmo#1270381)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	894	Buffer overflow parsing HTML5 fragments
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	895	* MFSA 2016-51/CVE-2016-2821 (bsc#983653) (bmo#1271460)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	896	Use-after-free deleting tables from a contenteditable document
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	897	* MFSA 2016-52/CVE-2016-2822 (boo#983652) (bmo#1273129)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	898	Addressbar spoofing though the SELECT element
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	899	* MFSA 2016-53/CVE-2016-2824 (boo#983651) (bmo#1248580)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	900	Out-of-bounds write with WebGL shader
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	901	* MFSA 2016-54/CVE-2016-2825 (boo#983649) (bmo#1193093)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	902	Partial same-origin-policy through setting location.host
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	903	through data URI
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	904	* MFSA 2016-56/CVE-2016-2828 (boo#983646) (bmo#1223810)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	905	Use-after-free when textures are used in WebGL operations
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	906	after recycle pool destruction
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	907	* MFSA 2016-57/CVE-2016-2829 (boo#983644) (bmo#1248329)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	908	Incorrect icon displayed on permissions notifications
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	909	* MFSA 2016-58/CVE-2016-2831 (boo#983643) (bmo#1261933)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	910	Entering fullscreen and persistent pointerlock without user
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	911	permission
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	912	* MFSA 2016-59/CVE-2016-2832 (boo#983632) (bmo#1025267)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	913	Information disclosure of disabled plugins through CSS
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	914	pseudo-classes
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	915	* MFSA 2016-60/CVE-2016-2833 (boo#983640) (bmo#908933)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	916	Java applets bypass CSP protections
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	917	* MFSA 2016-62/CVE-2016-2834 (boo#983639) (bmo#1206283,
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	918	bmo#1221620, bmo#1241034, bmo#1241037)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	919	Network Security Services (NSS) vulnerabilities
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	920	fixed by requiring NSS 3.23
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	921	packaging changes:
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	922	* cleanup configure options (boo#981695):
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	923	- notably remove GStreamer support which is gone from FF
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	924	* remove obsolete patches
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	925	- mozilla-libproxy.patch
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	926	- mozilla-repo.patch
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	927
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	928	-------------------------------------------------------------------
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	929	Wed May 25 16:36:23 UTC 2016 - badshah400@gmail.com
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	930
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	931	- The conditional testing for gcc was failing for different
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	932	openSUSE versions, drop it and apply patches unconditionally.
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	933
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	934	-------------------------------------------------------------------
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	935	Mon May 23 15:30:27 UTC 2016 - badshah400@gmail.com
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	936
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	937	- Add patches to fix building with gcc6:
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	938	+ mozilla-gcc6.patch: fix building with gcc >= 6.1; patch
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	939	taken from upstream:
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	940	https://hg.mozilla.org/mozilla-central/rev/55212130f19d.
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	941	+ mozilla-exclude-nametablecpp.patch: Exclude NameTable.cpp
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	942	from unified compilation because #include <cmath> in other
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	943	source files causes gcc6 compilation failure; patch taken from
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	944	upstream:
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	945	https://hg.mozilla.org/mozilla-central/rev/9c57b7cacffc.
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	946
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	947	-------------------------------------------------------------------
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	948	Fri May 13 00:00:00 CEST 2016 - dsterba@suse.cz
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	949
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	950	- enable build with PIE and full relro on x86_64 (boo#980384)
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	951
2f9f2e040647 Firefox 47.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 914 diff changeset	952	-------------------------------------------------------------------
914 20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	953	Wed May 4 10:27:43 UTC 2016 - wr@rosenauer.org
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	954
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	955	- update to Firefox 46.0.1
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	956	Fixed:
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	957	* Search plugin issue for various locales
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	958	* Add-on signing certificate expiration
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	959	* Service worker update issue
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	960	* Build issue when jit is disabled
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	961	* Limit Sync registration updates
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	962	- removed now obsolete mozilla-jit_branch64.patch
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	963
20bd16d68ed2 46.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 913 diff changeset	964	-------------------------------------------------------------------
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	965	Tue May 3 15:47:18 UTC 2016 - normand@linux.vnet.ibm.com
9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	966
9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	967	- add mozilla-jit_branch64.patch to avoid PowerPC build failure
9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	968	(from bmo#1266366)
9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	969
9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	970	-------------------------------------------------------------------
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	971	Wed Apr 27 08:39:28 UTC 2016 - badshah400@gmail.com
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	972
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	973	- Update mozilla-gtk3_20.patch for Firefox 46.0 (sync to latest
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	974	version from Fedora).
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	975
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	976	-------------------------------------------------------------------
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	977	Wed Apr 27 06:09:30 UTC 2016 - wr@rosenauer.org
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	978
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	979	- update to Firefox 46.0 (boo#977333)
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	980	* Improved security of the JavaScript Just In Time (JIT) Compiler
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	981	* WebRTC fixes to improve performance and stability
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	982	* Added support for document.elementsFromPoint
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	983	* Added HKDF support for Web Crypto API
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	984	* requires NSPR 4.12 and NSS 3.22.3
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	985	* added patch to fix unchecked return value
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	986	mozilla-check_return.patch
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	987	* Gtk3 builds not supported at the moment
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	988	security fixes:
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	989	* MFSA 2016-39/CVE-2016-2804/CVE-2016-2806/CVE-2016-2807
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	990	(boo#977373, boo#977375, boo#977376)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	991	Miscellaneous memory safety hazards
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	992	* MFSA 2016-40/CVE-2016-2809 (bmo#1212939, boo#977377)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	993	Privilege escalation through file deletion by Maintenance Service updater
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	994	(Windows only)
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	995	* MFSA 2016-41/CVE-2016-2810 (bmo#1229681, boo#977378)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	996	Content provider permission bypass allows malicious application
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	997	to access data (Android only)
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	998	* MFSA 2016-42/CVE-2016-2811/CVE-2016-2812
9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	999	(bmo#1252330, bmo#1261776, boo#977379)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1000	Use-after-free and buffer overflow in Service Workers
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	1001	* MFSA 2016-43/CVE-2016-2813 (bmo#1197901, bmo#2714650, boo#977380)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1002	Disclosure of user actions through JavaScript with motion and
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1003	orientation sensors (only affects mobile variants)
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	1004	* MFSA 2016-44/CVE-2016-2814 (bmo#1254721, boo#977381)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1005	Buffer overflow in libstagefright with CENC offsets
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	1006	* MFSA 2016-45/CVE-2016-2816 (bmo#1223743, boo#977382)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1007	CSP not applied to pages sent with multipart/x-mixed-replace
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	1008	* MFSA 2016-46/CVE-2016-2817 (bmo#1227462, boo#977384)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1009	Elevation of privilege with chrome.tabs.update API in web extensions
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	1010	* MFSA 2016-47/CVE-2016-2808 (bmo#1246061, boo#977386)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1011	Write to invalid HashMap entry through JavaScript.watch()
913 9f3ecc7dc9e3 fix PPC64LE Wolfgang Rosenauer <wr@rosenauer.org> parents: 909 diff changeset	1012	* MFSA 2016-48/CVE-2016-2820 (bmo#870870, boo#977388)
909 c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1013	Firefox Health Reports could accept events from untrusted domains
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1014
c6717354928b Firefox 46.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 908 diff changeset	1015	-------------------------------------------------------------------
908 b29b47737173 sync from mozilla:Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 907 diff changeset	1016	Thu Apr 21 12:00:28 UTC 2016 - badshah400@gmail.com
b29b47737173 sync from mozilla:Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 907 diff changeset	1017
b29b47737173 sync from mozilla:Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 907 diff changeset	1018	- Update mozilla-gtk3_20.patch to fix scrollbar appearance under
b29b47737173 sync from mozilla:Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 907 diff changeset	1019	gtk >= 3.20 (patch synced to Fedora's version).
b29b47737173 sync from mozilla:Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 907 diff changeset	1020
b29b47737173 sync from mozilla:Factory Wolfgang Rosenauer <wr@rosenauer.org> parents: 907 diff changeset	1021	-------------------------------------------------------------------
907 3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1022	Tue Apr 12 19:11:30 UTC 2016 - badshah400@gmail.com
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1023
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1024	- Compile against gtk3 depending on whether the macro
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1025	%firefox_use_gtk3 is defined or not (e.g., at the prjconf
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1026	level); macro is undefined by default and so gtk2 is used as the
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1027	default toolkit.
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1028	- Add BuildRequires for additional packages needed when building
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1029	against gtk3: pkgconfig(glib-2.0), pkgconfig(gobject-2.0),
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1030	pkgconfig(gtk+-3.0) >= 3.4.0, pkgconfig(gtk+-unix-print-3.0).
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1031	- Add firefox-gtk3_20.patch to fix appearance with gtk3 >= 3.20;
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1032	patch taken from Fedora (bmo#1230955).
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1033
3ccb278a9ceb prepare gtk3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 906 diff changeset	1034	-------------------------------------------------------------------
906 7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1035	Mon Apr 11 22:49:24 UTC 2016 - astieger@suse.com
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1036
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1037	- Mozilla Firefox 45.0.2:
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1038	* Fix an issue impacting the cookie header when third-party
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1039	cookies are blocked (bmo#1257861)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1040	* Fix a web compatibility regression impacting the srcset
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1041	attribute of the image tag (bmo#1259482)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1042	* Fix a crash impacting the video playback with Media Source
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1043	Extension (bmo#1258562)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1044	* Fix a regression impacting some specific uploads (bmo#1255735)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1045	* Fix a regression with the copy and paste with some old versions
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1046	of some Gecko applications like Thunderbird (bmo#1254980)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1047
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1048	-------------------------------------------------------------------
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1049	Fri Mar 18 08:52:58 UTC 2016 - astieger@suse.com
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1050
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1051	- Mozilla Firefox 45.0.1:
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1052	* Fix a regression causing search engine settings to be lost in
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1053	some context (bmo#1254694)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1054	* Bring back non-standard jar: URIs to fix a regression in IBM
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1055	iNotes (bmo#1255139)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1056	* XSLTProcessor.importStylesheet was failing when <import> was
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1057	used (bmo#1249572)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1058	* Fix an issue which could cause the list of search provider to
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1059	be empty (bmo#1255605)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1060	* Fix a regression when using the location bar (bmo#1254503)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1061	* Fix some loading issues when Accept third-party cookies: was
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1062	set to Never (bmo#1254856)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1063	* Disabled Graphite font shaping library
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1064
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1065	-------------------------------------------------------------------
904 6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1066	Sun Mar 6 19:52:13 UTC 2016 - wr@rosenauer.org
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1067
906 7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1068	- update to Firefox 45.0 (boo#969894)
904 6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1069	* requires NSPR 4.12 / NSS 3.21.1
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1070	* Instant browser tab sharing through Hello
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1071	* Synced Tabs button in button bar
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1072	* Tabs synced via Firefox Accounts from other devices are now shown
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1073	in dropdown area of Awesome Bar when searching
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1074	* Introduce a new preference (network.dns.blockDotOnion) to allow
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1075	blocking .onion at the DNS level
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	1076	* Tab Groups (Panorama) feature removed
906 7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1077	* MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1078	Miscellaneous memory safety hazards
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1079	* MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1080	Local file overwriting and potential privilege escalation through
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1081	CSP reports
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1082	* MFSA 2016-18/CVE-2016-1955 (bmo#1208946)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1083	CSP reports fail to strip location information for embedded iframe pages
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1084	* MFSA 2016-19/CVE-2016-1956 (bmo#1199923)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1085	Linux video memory DOS with Intel drivers
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1086	* MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1087	Memory leak in libstagefright when deleting an array during MP4
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1088	processing
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1089	* MFSA 2016-21/CVE-2016-1958 (bmo#1228754)
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 904 diff changeset	1090	Displayed page address can be overridden
7e9a2b678bba 45.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents:

author	Stefan Br?ns <stefan.bruens@rwth-aachen.de>
	Sun, 01 Oct 2017 23:16:23 +0200
branch	firefox56
changeset 997	ca8a6ac7fbf6
parent 996	84d25951c2db
child 998	6c6109948e35
permissions	-rw-r--r--