|
1 ------------------------------------------------------------------- |
|
2 Wed Jul 6 18:35:47 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de> |
|
3 |
|
4 - Firefox 102.0.1: |
|
5 * Fixed: Fixed bookmarks sidebar flashing white when opened in |
|
6 dark mode (bmo#1776157) |
|
7 * Fixed: Fixed multilingual spell checking not working with |
|
8 content in both English and a non-Latin alphabet |
|
9 (bmo#1773802) |
|
10 * Fixed: Developer tools: Fixed an issue where the console |
|
11 output keep getting scrolled to the bottom when the last |
|
12 visible message is an evaluation result (bmo#1776262) |
|
13 * Fixed: Fixed *Delete cookies and site data when Firefox is |
|
14 closed* checkbox getting disabled on startup (bmo#1777419) |
|
15 * Fixed: Various stability fixes |
|
16 |
|
17 ------------------------------------------------------------------- |
|
18 Sat Jun 25 12:51:46 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org> |
|
19 |
|
20 - Firefox 102.0 |
|
21 * You can now disable automatic opening of the download panel |
|
22 every time a new download starts |
|
23 * Firefox now mitigates query parameter tracking when navigating |
|
24 sites in ETP strict mode |
|
25 * Improved security by moving audio decoding into a separate |
|
26 process with stricter sandboxing, thus improving process isolation |
|
27 * https://www.mozilla.org/en-US/firefox/102.0/releasenotes |
|
28 MFSA 2022-24 (bsc#1200793) |
|
29 * CVE-2022-34479 (bmo#1745595) |
|
30 A popup window could be resized in a way to overlay the |
|
31 address bar with web content |
|
32 * CVE-2022-34470 (bmo#1765951) |
|
33 Use-after-free in nsSHistory |
|
34 * CVE-2022-34468 (bmo#1768537) |
|
35 CSP sandbox header without `allow-scripts` can be bypassed |
|
36 via retargeted javascript: URI |
|
37 * CVE-2022-34482 (bmo#845880) |
|
38 Drag and drop of malicious image could have led to malicious |
|
39 executable and potential code execution |
|
40 * CVE-2022-34483 (bmo#1335845) |
|
41 Drag and drop of malicious image could have led to malicious |
|
42 executable and potential code execution |
|
43 * CVE-2022-34476 (bmo#1387919) |
|
44 ASN.1 parser could have been tricked into accepting malformed ASN.1 |
|
45 * CVE-2022-34481 (bmo#1483699, bmo#1497246) |
|
46 Potential integer overflow in ReplaceElementsAt |
|
47 * CVE-2022-34474 (bmo#1677138) |
|
48 Sandboxed iframes could redirect to external schemes |
|
49 * CVE-2022-34469 (bmo#1721220) |
|
50 TLS certificate errors on HSTS-protected domains could be |
|
51 bypassed by the user on Firefox for Android |
|
52 * CVE-2022-34471 (bmo#1766047) |
|
53 Compromised server could trick a browser into an addon downgrade |
|
54 * CVE-2022-34472 (bmo#1770123) |
|
55 Unavailable PAC file resulted in OCSP requests being blocked |
|
56 * CVE-2022-34478 (bmo#1773717) |
|
57 Microsoft protocols can be attacked if a user accepts a prompt |
|
58 * CVE-2022-2200 (bmo#1771381) |
|
59 Undesired attributes could be set as part of prototype pollution |
|
60 * CVE-2022-34480 (bmo#1454072) |
|
61 Free of uninitialized pointer in lg_init |
|
62 * CVE-2022-34477 (bmo#1731614) |
|
63 MediaError message property leaked information on cross- |
|
64 origin same-site pages |
|
65 * CVE-2022-34475 (bmo#1757210) |
|
66 HTML Sanitizer could have been bypassed via same-origin |
|
67 script via use tags |
|
68 * CVE-2022-34473 (bmo#1770888) |
|
69 HTML Sanitizer could have been bypassed via use tags |
|
70 * CVE-2022-34484 (bmo#1763634, bmo#1772651) |
|
71 Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 |
|
72 * CVE-2022-34485 (bmo#1768409, bmo#1768578) |
|
73 Memory safety bugs fixed in Firefox 102 |
|
74 - requires |
|
75 NSPR >= 4.34 |
|
76 NSS >= 3.79 |
|
77 rust = 1.60 |
|
78 - switch out skia-patches with webrender-patches for big endian |
|
79 removed: |
|
80 * mozilla-bmo1504834-part2.patch |
|
81 * mozilla-bmo1504834-part4.patch |
|
82 * mozilla-bmo1626236.patch |
|
83 added: |
|
84 * one_swizzle_to_rule_them_all.patch |
|
85 * svg-rendering.patch |
|
86 - add some more returns to the no-return-patch |
|
87 |
1 ------------------------------------------------------------------- |
88 ------------------------------------------------------------------- |
2 Fri Jun 10 20:45:37 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de> |
89 Fri Jun 10 20:45:37 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de> |
3 |
90 |
4 - Mozilla Firefox 101.0.1: |
91 - Mozilla Firefox 101.0.1: |
5 * Fixed context menus not appearing when right-clicking |
92 * Fixed context menus not appearing when right-clicking |