Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox78
changeset 1138 4ac678bd2a26
parent 1137 909f866430ee
child 1140 a9aa543a508a 
--- a/MozillaFirefox/MozillaFirefox.changes	Sun Jun 28 08:52:27 2020 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Thu Jul 23 16:00:58 2020 +0200
@@ -1,18 +1,105 @@
 -------------------------------------------------------------------
-Wed Jun 17 07:51:25 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
-
-- Mozilla Firefox 78.0b8
+Tue Jul 21 21:31:20 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- fixed syntax issue in desktop file (boo#1174360)
+
+-------------------------------------------------------------------
+Fri Jul 17 15:07:45 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Add mozilla-libavcodec58_91.patch to link against updated
+  soversion of libavcodec (58.91) with ffmpeg >= 4.3.
+  (patch provided by Atri Bhattacharya <badshah400@gmail.com>
+- enable MOZ_USE_XINPUT2 for TW (again) (boo#1173320)
+  (Plasma 5.19.3 is now in TW)
+
+-------------------------------------------------------------------
+Sat Jul 11 11:08:06 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 78.0.2
+  * Fixed an accessibility regression in reader mode (bmo#1650922)
+  * Made the address bar more resilient to data corruption in the
+    user profile (bmo#1649981)
+  * Fixed a regression opening certain external applications (bmo#1650162)
+  MFSA 2020-28
+  * CVE pending (bmo#1644076)
+    X-Frame-Options bypass using object or embed tags
+- added desktop file actions
+- do not use XINPUT2 for the moment until Plasma 5.19.3 has landed
+  (boo#1173993)
+- rework langpack integration (boo#1173991)
+  * ship XPIs instead of directories
+  * allow addon sideloading
+  * mark signatures for langpacks non-mandatory
+  * do not autodisable user profile scopes
+- Google API key is not usable for geolocation service
+- fix pipewire support for TW (boo#1172903)
+
+-------------------------------------------------------------------
+Wed Jul  1 07:15:02 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 78.0.1
+  * Fixed an issue which could cause installed search engines to not
+    be visible when upgrading from a previous release.
+- enable MOZ_USE_XINPUT2 for TW (boo#1173320)
+
+-------------------------------------------------------------------
+Sun Jun 28 07:17:13 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 78.0
   * startup notifications now using Gtk instead of libnotify
+  * PDF downloads now show an option to open the PDF directly in Firefox
+  * Protections Dashboard (about:protections)
+  * WebRTC not interrupted by screensaver anymore
+  * disabled TLS 1.0 and 1.1 by default
+  MFSA 2020-24 (bsc#1173576)
+  * CVE-2020-12415 (bmo#1586630)
+    AppCache manifest poisoning due to url encoded character processing
+  * CVE-2020-12416 (bmo#1639734)
+    Use-after-free in WebRTC VideoBroadcaster
+  * CVE-2020-12417 (bmo#1640737)
+    Memory corruption due to missing sign-extension for ValueTags
+    on ARM64
+  * CVE-2020-12418 (bmo#1641303)
+    Information disclosure due to manipulated URL object
+  * CVE-2020-12419 (bmo#1643874)
+    Use-after-free in nsGlobalWindowInner
+  * CVE-2020-12420 (bmo#1643437)
+    Use-After-Free when trying to connect to a STUN server
+  * CVE-2020-12402 (bmo#1631597)
+    RSA Key Generation vulnerable to side-channel attack
+  * CVE-2020-12421 (bmo#1308251)
+    Add-On updates did not respect the same certificate trust
+    rules as software updates
+  * CVE-2020-12422 (bmo#1450353)
+    Integer overflow in nsJPEGEncoder::emptyOutputBuffer
+  * CVE-2020-12423 (bmo#1642400)
+    DLL Hijacking due to searching %PATH% for a library
+  * CVE-2020-12424 (bmo#1562600)
+    WebRTC permission prompt could have been bypassed by a
+    compromised content process
+  * CVE-2020-12425 (bmo#1634738)
+    Out of bound read in Date.parse()
+  * CVE-2020-12426 (bmo#1608068, bmo#1609951, bmo#1631187, bmo#1637682)
+    Memory safety bugs fixed in Firefox 78
 - requires
-  * NSS >= 3.53
+  * NSS >= 3.53.1
   * nodejs >= 10.21
   * Gtk+3 >= 3.14
-- removed obsolete patch
+- removed obsolete patches
   * mozilla-s390-bigendian.patch
+  * mozilla-bmo1634646.patch
 - Add mozilla-pipewire-0-3.patch for openSUSE >= 15.2 to build
   WebRTC with pipewire support to enable screen sharing under
   Wayland; also add BuildRequires: pkgconfig(libpipewire-0.3)
   appropriately (boo#1172903).
+- adding SLE12 compatibility in spec file
+- add patches for s390x
+  * mozilla-bmo1602730.patch (bmo#1602730)
+  * mozilla-bmo1626236.patch (bmo#1626236)
+  * mozilla-bmo998749.patch (bmo#998749)
+  * mozilla-s390x-skia-gradient.patch
+- update create-tar.sh
+- Use same _constraints for ppc64 (BE) as ppc64le to avoid oom build failure
 
 -------------------------------------------------------------------
 Wed Jun 10 07:17:15 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>
mozilla