|
1 ------------------------------------------------------------------- |
|
2 Thu Nov 8 14:59:13 UTC 2018 - wr@rosenauer.org |
|
3 |
|
4 - update to Firefox 63.0.1 |
|
5 * Snippets are not loaded due to missing element (bmo#1503047) |
|
6 * Print preview always shows 30& scale when it is actually |
|
7 Shrink To Fit (bmo#1501952) |
|
8 * Dialog displayed when closing multiple windows shows unreplaced |
|
9 %1$S placeholder in Japanese and potentially other locales |
|
10 (bmo#1500823) |
|
11 |
1 ------------------------------------------------------------------- |
12 ------------------------------------------------------------------- |
2 Mon Oct 29 14:07:51 UTC 2018 - wr@rosenauer.org |
13 Mon Oct 29 14:07:51 UTC 2018 - wr@rosenauer.org |
3 |
14 |
4 - update to Firefox 63.0 |
15 - update to Firefox 63.0 |
5 * WebExtensions now run in their own process on Linux |
16 * WebExtensions now run in their own process on Linux |
6 * The Ctrl+Tab shortcut now displays thumbnail previews of your |
17 * The Ctrl+Tab shortcut now displays thumbnail previews of your |
7 tabs and cycles through tabs in recently used order. This new |
18 tabs and cycles through tabs in recently used order. This new |
8 default behavior is activated only in new profiles and can be |
19 default behavior is activated only in new profiles and can be |
9 changed in preferences. |
20 changed in preferences. |
10 * Added support for Web Components custom elements and shadow DOM |
21 * Added support for Web Components custom elements and shadow DOM |
|
22 MFSA 2018-26 (bsc#1112852) |
|
23 * CVE-2018-12391 (bmo#1478843) (Android-only) |
|
24 HTTP Live Stream audio data is accessible cross-origin |
|
25 * CVE-2018-12392 (bmo#1492823) |
|
26 Crash with nested event loops |
|
27 * CVE-2018-12393 (bmo#1495011) (only affects non-64-bit archs) |
|
28 Integer overflow during Unicode conversion while loading JavaScript |
|
29 * CVE-2018-12395 (bmo#1467523) |
|
30 WebExtension bypass of domain restrictions through header rewriting |
|
31 * CVE-2018-12396 (bmo#1483602) |
|
32 WebExtension content scripts can execute in disallowed contexts |
|
33 * CVE-2018-12397 (bmo#1487478) |
|
34 Missing warning prompt when WebExtension requests local file access |
|
35 * CVE-2018-12398 (bmo#1460538, bmo#1488061) |
|
36 CSP bypass through stylesheet injection in resource URIs |
|
37 * CVE-2018-12399 (bmo#1490276) |
|
38 Spoofing of protocol registration notification bar |
|
39 * CVE-2018-12400 (bmo#1448305) (Android only) |
|
40 Favicons are cached in private browsing mode on Firefox for Android |
|
41 * CVE-2018-12401 (bmo#1422456) |
|
42 DOS attack through special resource URI parsing |
|
43 * CVE-2018-12402 (bmo#1469916) |
|
44 SameSite cookies leak when pages are explicitly saved |
|
45 * CVE-2018-12403 (bmo#1484753) |
|
46 Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP |
|
47 * CVE-2018-12388 (bmo#1472639, bmo#1485698, bmo#1301547, bmo#1471427, |
|
48 bmo#1379411, bmo#1482122, bmo#1486314, bmo#1487167) |
|
49 Memory safety bugs fixed in Firefox 63 |
|
50 * CVE-2018-12390 (bmo#1487098, bmo#1487660, bmo#1490234, bmo#1496159, |
|
51 bmo#1443748, bmo#1496340, bmo#1483905, bmo#1493347, bmo#1488803, |
|
52 bmo#1498701, bmo#1498482, bmo#1442010, bmo#1495245, bmo#1483699, |
|
53 bmo#1469486, bmo#1484905, bmo#1490561, bmo#1492524, bmo#1481844) |
|
54 Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 |
11 - requires NSPR 4.20, NSS 3.39 and Rust 1.28 |
55 - requires NSPR 4.20, NSS 3.39 and Rust 1.28 |
|
56 - latest rust does not provide rust-std so stop requiring it |
12 |
57 |
13 ------------------------------------------------------------------- |
58 ------------------------------------------------------------------- |
14 Thu Oct 25 14:39:04 UTC 2018 - guillaume.gardet@opensuse.org |
59 Thu Oct 25 14:39:04 UTC 2018 - guillaume.gardet@opensuse.org |
15 |
60 |
16 - Update _constraints for armv6/7 |
61 - Update _constraints for armv6/7 |