|
1 ------------------------------------------------------------------- |
|
2 Sun Jan 30 23:58:34 UTC 2022 - Dirk Müller <dmueller@suse.com> |
|
3 |
|
4 - disable ccache, this adds about 1 minute of build time and |
|
5 over 2 GB of disk space usage without benefit on OBS builds |
|
6 - build with rust-simd like upstream does |
|
7 - use -g1 for debuginfo generation as this is what upstream |
|
8 does as well and it saves ~ 2GB of writes |
|
9 - use %limit on x86_64 to scale down to less capable workers |
|
10 - disable install stripping so that debuginfo is useful |
|
11 - use autopatch |
|
12 - cleanup constraints to specify only jobs, physicalmemory |
|
13 and memoryperjob to be more flexible on which host to build |
|
14 on |
|
15 |
|
16 ------------------------------------------------------------------- |
|
17 Fri Jan 28 15:26:45 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org> |
|
18 |
|
19 - Mozilla Firefox 96.0.3 (bsc#1195230) |
|
20 * Fixed an issue that allowed unexpected data to be submitted in |
|
21 some of our search telemetry (bmo#1752317) |
|
22 |
|
23 ------------------------------------------------------------------- |
|
24 Mon Jan 24 07:42:03 UTC 2022 - Martin Liška <mliska@suse.cz> |
|
25 |
|
26 - Enable -fimplicit-constexpr for GCC 12+. |
|
27 |
|
28 ------------------------------------------------------------------- |
|
29 Thu Jan 20 23:21:44 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de> |
|
30 |
|
31 - Mozilla Firefox 96.0.2 |
|
32 * Fix an issue that caused tab height to display inconsistently |
|
33 on Linux when audio was played (bmo#1714276) |
|
34 * Fix an issue that caused Lastpass dropdowns to appear blank in |
|
35 Private Browsing mode (bmo#1748158) |
|
36 * Fix a crash encountered when resizing a Facebook app |
|
37 (bmo#1746084) |
|
38 |
|
39 ------------------------------------------------------------------- |
|
40 Fri Jan 14 16:56:42 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de> |
|
41 |
|
42 - Mozilla Firefox 96.0.1 |
|
43 * Fixed: Improvements to make the parsing of content-length |
|
44 headers more robust (bmo#1749957, boo#1194677) |
|
45 |
|
46 ------------------------------------------------------------------- |
|
47 Sat Jan 8 10:32:46 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org> |
|
48 |
|
49 - Mozilla Firefox 96.0 |
|
50 * https://www.mozilla.org/en-US/firefox/96.0/releasenotes |
|
51 MFSA 2022-01 (bsc#1194547) |
|
52 * CVE-2022-22746 (bmo#1735071) |
|
53 Calling into reportValidity could have lead to fullscreen |
|
54 window spoof |
|
55 * CVE-2022-22743 (bmo#1739220) |
|
56 Browser window spoof using fullscreen mode |
|
57 * CVE-2022-22742 (bmo#1739923) |
|
58 Out-of-bounds memory access when inserting text in edit mode |
|
59 * CVE-2022-22741 (bmo#1740389) |
|
60 Browser window spoof using fullscreen mode |
|
61 * CVE-2022-22740 (bmo#1742334) |
|
62 Use-after-free of ChannelEventQueue::mOwner |
|
63 * CVE-2022-22738 (bmo#1742382) |
|
64 Heap-buffer-overflow in blendGaussianBlur |
|
65 * CVE-2022-22737 (bmo#1745874) |
|
66 Race condition when playing audio files |
|
67 * CVE-2021-4140 (bmo#1746720) |
|
68 Iframe sandbox bypass with XSLT |
|
69 * CVE-2022-22750 (bmo#1566608) |
|
70 IPC passing of resource handles could have lead to sandbox |
|
71 bypass |
|
72 * CVE-2022-22749 (bmo#1705094) |
|
73 Lack of URL restrictions when scanning QR codes |
|
74 * CVE-2022-22748 (bmo#1705211) |
|
75 Spoofed origin on external protocol launch dialog |
|
76 * CVE-2022-22745 (bmo#1735856) |
|
77 Leaking cross-origin URLs through securitypolicyviolation |
|
78 event |
|
79 * CVE-2022-22744 (bmo#1737252) |
|
80 The 'Copy as curl' feature in DevTools did not fully escape |
|
81 website-controlled data, potentially leading to command |
|
82 injection |
|
83 * CVE-2022-22747 (bmo#1735028) |
|
84 Crash when handling empty pkcs7 sequence |
|
85 * CVE-2022-22736 (bmo#1742692) |
|
86 Potential local privilege escalation when loading modules |
|
87 from the install directory. |
|
88 * CVE-2022-22739 (bmo#1744158) |
|
89 Missing throttling on external protocol launch dialog |
|
90 * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366, |
|
91 bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869, |
|
92 bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011) |
|
93 Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 |
|
94 * CVE-2022-22752 (bmo#1740534, bmo#1741210, bmo#1742770) |
|
95 Memory safety bugs fixed in Firefox 96 |
|
96 - removed obsolete patches |
|
97 * mozilla-bmo1745560.patch |
|
98 * mozilla-bmo1744896.patch |
|
99 * mozilla-sandbox-fips.patch |
|
100 - requires |
|
101 NSPR >= 4.33 |
|
102 NSS >= 3.73.1 |
|
103 |
1 ------------------------------------------------------------------- |
104 ------------------------------------------------------------------- |
2 Tue Dec 28 17:45:28 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com> |
105 Tue Dec 28 17:45:28 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com> |
3 |
106 |
4 - Add upstream patches: |
107 - Add upstream patches: |
5 * mozilla-bmo1745560.patch: Fix build against wayland 1.20. |
108 * mozilla-bmo1745560.patch: Fix build against wayland 1.20. |