|
1 ------------------------------------------------------------------- |
|
2 Tue Dec 28 17:45:28 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com> |
|
3 |
|
4 - Add upstream patches: |
|
5 * mozilla-bmo1745560.patch: Fix build against wayland 1.20. |
|
6 * mozilla-bmo1744896.patch: Create WaylandVsyncSource on window |
|
7 creation |
|
8 |
|
9 ------------------------------------------------------------------- |
|
10 Mon Dec 20 21:57:30 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org> |
|
11 |
|
12 - Mozilla Firefox 95.0.2 |
|
13 * Addresses frequent crashes experienced by users with C/E/Z-Series |
|
14 "Bobcat" CPUs running on Windows 7, 8, and 8.1. |
|
15 - updated constraints for ppc and x86-64 |
|
16 |
|
17 ------------------------------------------------------------------- |
|
18 Fri Dec 17 13:49:16 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org> |
|
19 |
|
20 - Mozilla Firefox 95.0.1 (bsc#1193845) |
|
21 * Fixed frequent |
|
22 MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING error |
|
23 messages when trying to connect to various microsoft.com |
|
24 domains (bmo#1745600) |
|
25 * Fix for a WebRender crash on some Linux/X11 systems (bmo#1741956) |
|
26 * Fix for a frequent Windows shutdown crash (bmo#1738984) |
|
27 * Fix websites contrast issues for some Linux users with |
|
28 Dark mode set at OS level (bmo#1740518) |
|
29 |
|
30 ------------------------------------------------------------------- |
|
31 Sat Dec 4 12:07:21 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org> |
|
32 |
|
33 - Mozilla Firefox 95.0 |
|
34 * You can now move the Picture-in-Picture toggle button to the |
|
35 opposite side of the video. Simply look for the new context menu |
|
36 option Move Picture-in-Picture Toggle to Left (Right) Side. |
|
37 * To better protect Firefox users against side-channel attacks such |
|
38 as Spectre, Site Isolation is now enabled for all Firefox 95 users. |
|
39 * https://www.mozilla.org/en-US/firefox/95.0/releasenotes |
|
40 MFSA 2021-52 (bsc#1193485) |
|
41 * CVE-2021-43536 (bmo#1730120) |
|
42 URL leakage when navigating while executing asynchronous |
|
43 function |
|
44 * CVE-2021-43537 (bmo#1738237) |
|
45 Heap buffer overflow when using structured clone |
|
46 * CVE-2021-43538 (bmo#1739091) |
|
47 Missing fullscreen and pointer lock notification when |
|
48 requesting both |
|
49 * CVE-2021-43539 (bmo#1739683) |
|
50 GC rooting failure when calling wasm instance methods |
|
51 * MOZ-2021-0010 (bmo#1735852) |
|
52 Use-after-free in fullscreen objects on MacOS |
|
53 * CVE-2021-43540 (bmo#1636629) |
|
54 WebExtensions could have installed persistent ServiceWorkers |
|
55 * CVE-2021-43541 (bmo#1696685) |
|
56 External protocol handler parameters were unescaped |
|
57 * CVE-2021-43542 (bmo#1723281) |
|
58 XMLHttpRequest error codes could have leaked the existence of |
|
59 an external protocol handler |
|
60 * CVE-2021-43543 (bmo#1738418) |
|
61 Bypass of CSP sandbox directive when embedding |
|
62 * CVE-2021-43544 (bmo#1739934) |
|
63 Receiving a malicious URL as text through a SEND intent could |
|
64 have led to XSS |
|
65 * CVE-2021-43545 (bmo#1720926) |
|
66 Denial of Service when using the Location API in a loop |
|
67 * CVE-2021-43546 (bmo#1737751) |
|
68 Cursor spoofing could overlay user interface when native |
|
69 cursor is zoomed |
|
70 * MOZ-2021-0009 (bmo#1393362, bmo#1736046, bmo#1736751, |
|
71 bmo#1737009, bmo#1739372, bmo#1739421) |
|
72 Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 |
|
73 - requires |
|
74 NSS >= 3.72 |
|
75 |
1 ------------------------------------------------------------------- |
76 ------------------------------------------------------------------- |
2 Thu Dec 2 20:32:42 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de> |
77 Thu Dec 2 20:32:42 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de> |
3 |
78 |
4 - remove x-scheme-handler/ftp from firefox.desktop boo#1193321 |
79 - remove x-scheme-handler/ftp from firefox.desktop boo#1193321 |
5 |
80 |