1 -------------------------------------------------------------------

     2 Tue Feb 13 21:21:15 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>

     3 

     4 - Mozilla Firefox 122.0.1

     5   https://www.mozilla.org/en-US/firefox/122.0.1/releasenotes/

     6   * Fixed the Library and Sidebar context menus only displaying

     7     Multi-Account Containers icons in the "Open in New Container

     8     Tab" menu. (bmo#1876518)

     9   * Fixed an issue when clicking the Dismiss button in

    10     notification pop-ups on Windows causing a webpage in a new tab.

    11     (bmo#1848801)

    12   * Fixed the yaru-remix system theme not applying correctly on

    13     Linux. (bmo#1877002)

    14   * Fixed adding an extra new line to a rule in the Developer

    15     Tools' Inspector when copying it to the clipboard.

    16     (bmo#1876220)

    17   * Rolled back a keyboard behavior change made to the Developer

    18     Tools' Rules view when validating a property name or input with

    19     the Enter key.

    20     This moves the focus to the next input, as was the behavior

    21     in Firefox 121. (bmo#1877457)

    22 

    23 -------------------------------------------------------------------

    24 Tue Jan 30 13:51:25 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>

    25 

    26 - Recommend libfido2-udev on codestreams that exist, in order to try

    27   to get security keys (e.g. Yubikeys) work out of the box. (bsc#1184272)

    28 

    29 -------------------------------------------------------------------

    30 Sat Jan 27 23:12:05 UTC 2024 - Andreas Schwab <schwab@suse.de>

    31 

    32 - Fix file list

    33 

    34 -------------------------------------------------------------------

    35 Sun Jan 21 09:16:30 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>

    36 

    37 - Mozilla Firefox 122.0

    38   https://www.mozilla.org/en-US/firefox/122.0/releasenotes/

    39   MFSA 2024-01 (bsc#1218955)

    40   * CVE-2024-0741 (bmo#1864587)

    41     Out of bounds write in ANGLE

    42   * CVE-2024-0742 (bmo#1867152)

    43     Failure to update user input timestamp

    44   * CVE-2024-0743 (bmo#1867408)

    45     Crash in NSS TLS method

    46   * CVE-2024-0744 (bmo#1871089)

    47     Wild pointer dereference in JavaScript

    48   * CVE-2024-0745 (bmo#1871838)

    49     Stack buffer overflow in WebAudio

    50   * CVE-2024-0746 (bmo#1660223)

    51     Crash when listing printers on Linux

    52   * CVE-2024-0747 (bmo#1764343)

    53     Bypass of Content Security Policy when directive unsafe-inline was set

    54   * CVE-2024-0748 (bmo#1783504)

    55     Compromised content process could modify document URI

    56   * CVE-2024-0749 (bmo#1813463)

    57     Phishing site popup could show local origin in address bar

    58   * CVE-2024-0750 (bmo#1863083)

    59     Potential permissions request bypass via clickjacking

    60   * CVE-2024-0751 (bmo#1865689)

    61     Privilege escalation through devtools

    62   * CVE-2024-0752 (bmo#1866840)

    63     Use-after-free could occur when applying update on macOS

    64   * CVE-2024-0753 (bmo#1870262)

    65     HSTS policy on subdomain could bypass policy of upper domain

    66   * CVE-2024-0754 (bmo#1871605)

    67     Crash when using some WASM files in devtools

    68   * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)

    69     Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,

    70     and Thunderbird 115.7

    71 - requires NSS 3.96.1

    72 - rebased patches

    73