--- a/MozillaFirefox/MozillaFirefox.changes Tue Jun 07 21:44:20 2016 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Wed Jun 08 13:45:00 2016 +0200
@@ -1,4 +1,82 @@
-------------------------------------------------------------------
+Tue Jun 7 19:47:25 UTC 2016 - wr@rosenauer.org
+
+- update to Firefox 47.0 (boo#983549)
+ * Enable VP9 video codec for users with fast machines
+ * Embedded YouTube videos now play with HTML5 video if Flash is
+ not installed
+ * View and search open tabs from your smartphone or another
+ computer in a sidebar
+ * Allow no-cache on back/forward navigations for https resources
+ security fixes:
+ * MFSA 2016-49/CVE-2016-2815/CVE-2016-2818
+ (boo#983638)
+ (bmo#1241896, bmo#1242798, bmo#1243466, bmo#1245743,
+ bmo#1264300, bmo#1271037, bmo#1234147, bmo#1256493,
+ bmo#1256739, bmo#1256968, bmo#1261230, bmo#1261752,
+ bmo#1263384, bmo#1264575, bmo#1265577, bmo#1267130,
+ bmo#1269729, bmo#1273202, bmo#1273701)
+ Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
+ * MFSA 2016-50/CVE-2016-2819 (boo#983655) (bmo#1270381)
+ Buffer overflow parsing HTML5 fragments
+ * MFSA 2016-51/CVE-2016-2821 (bsc#983653) (bmo#1271460)
+ Use-after-free deleting tables from a contenteditable document
+ * MFSA 2016-52/CVE-2016-2822 (boo#983652) (bmo#1273129)
+ Addressbar spoofing though the SELECT element
+ * MFSA 2016-53/CVE-2016-2824 (boo#983651) (bmo#1248580)
+ Out-of-bounds write with WebGL shader
+ * MFSA 2016-54/CVE-2016-2825 (boo#983649) (bmo#1193093)
+ Partial same-origin-policy through setting location.host
+ through data URI
+ * MFSA 2016-56/CVE-2016-2828 (boo#983646) (bmo#1223810)
+ Use-after-free when textures are used in WebGL operations
+ after recycle pool destruction
+ * MFSA 2016-57/CVE-2016-2829 (boo#983644) (bmo#1248329)
+ Incorrect icon displayed on permissions notifications
+ * MFSA 2016-58/CVE-2016-2831 (boo#983643) (bmo#1261933)
+ Entering fullscreen and persistent pointerlock without user
+ permission
+ * MFSA 2016-59/CVE-2016-2832 (boo#983632) (bmo#1025267)
+ Information disclosure of disabled plugins through CSS
+ pseudo-classes
+ * MFSA 2016-60/CVE-2016-2833 (boo#983640) (bmo#908933)
+ Java applets bypass CSP protections
+ * MFSA 2016-62/CVE-2016-2834 (boo#983639) (bmo#1206283,
+ bmo#1221620, bmo#1241034, bmo#1241037)
+ Network Security Services (NSS) vulnerabilities
+ fixed by requiring NSS 3.23
+ packaging changes:
+ * cleanup configure options (boo#981695):
+ - notably remove GStreamer support which is gone from FF
+ * remove obsolete patches
+ - mozilla-libproxy.patch
+ - mozilla-repo.patch
+
+-------------------------------------------------------------------
+Wed May 25 16:36:23 UTC 2016 - badshah400@gmail.com
+
+- The conditional testing for gcc was failing for different
+ openSUSE versions, drop it and apply patches unconditionally.
+
+-------------------------------------------------------------------
+Mon May 23 15:30:27 UTC 2016 - badshah400@gmail.com
+
+- Add patches to fix building with gcc6:
+ + mozilla-gcc6.patch: fix building with gcc >= 6.1; patch
+ taken from upstream:
+ https://hg.mozilla.org/mozilla-central/rev/55212130f19d.
+ + mozilla-exclude-nametablecpp.patch: Exclude NameTable.cpp
+ from unified compilation because #include <cmath> in other
+ source files causes gcc6 compilation failure; patch taken from
+ upstream:
+ https://hg.mozilla.org/mozilla-central/rev/9c57b7cacffc.
+
+-------------------------------------------------------------------
+Fri May 13 00:00:00 CEST 2016 - dsterba@suse.cz
+
+- enable build with PIE and full relro on x86_64 (boo#980384)
+
+-------------------------------------------------------------------
Wed May 4 10:27:43 UTC 2016 - wr@rosenauer.org
- update to Firefox 46.0.1