Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox88
changeset 1157 57fc0524b50c
parent 1156 c3d884659acf
child 1158 00846b9a35cd 
--- a/MozillaFirefox/MozillaFirefox.changes	Sat Mar 27 21:45:50 2021 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes	Sat May 29 22:52:13 2021 +0200
@@ -1,4 +1,110 @@
 -------------------------------------------------------------------
+Tue May 11 14:17:33 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- do not rely on nodejs10 anymore
+
+-------------------------------------------------------------------
+Thu May  6 13:40:10 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Relax RAM and disk constraints for aarch64
+
+-------------------------------------------------------------------
+Wed May  5 15:13:20 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 88.0.1
+  * Fixed: Resolved an issue caused by a recent Widevine plugin
+    update which prevented some purchased video content from
+    playing correctly (bmo#1705138)
+  * Fixed: Fixed corruption of videos playing on Twitter or
+    WebRTC calls on some Gen6 Intel graphics chipsets
+    (bmo#1708937)
+  * Fixed: Fixed menulists in Preferences being unreadable for
+    users with High Contrast Mode enabled (bmo#1706496)
+  MFSA 2021-20 (bsc#1185633)
+  * CVE-2021-29952 (bmo#1704227)
+    Race condition in Web Render Components
+- devel package: move macros to /usr/lib/rpm/macros.d (boo#1185658)
+
+-------------------------------------------------------------------
+Sun May  2 12:03:26 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- add compatibility for libavcodec58_134
+
+-------------------------------------------------------------------
+Sun Apr 18 09:01:32 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 88.0
+  * New: PDF forms now support JavaScript embedded in PDF files.
+    Some PDF forms use JavaScript for validation and other
+    interactive features
+  * New: Print updates: Margin units are now localized
+  * New: Smooth pinch-zooming using a touchpad is now supported
+    on Linux
+  * New: To protect against cross-site privacy leaks, Firefox now
+    isolates window.name data to the website that created it.
+    Learn more
+  * Changed: Firefox will not prompt for access to your
+    microphone or camera if you’ve already granted access to the
+    same device on the same site in the same tab within the past
+    50 seconds. This new grace period reduces the number of times
+    you’re prompted to grant device access
+  * Changed: The ‘Take a Screenshot’ feature was removed from the
+    Page Actions menu in the url bar. To take a screenshot,
+    right-click to open the context menu. You can also add a
+    screenshots shortcut directly to your toolbar via the
+    Customize menu. Open the Firefox menu and select Customize…
+  * Changed: FTP support has been disabled, and its full removal
+    is planned for an upcoming release. Addressing this security
+    risk reduces the likelihood of an attack while also removing
+    support for a non-encrypted protocol
+  * Developer: Introduced a new toggle button in the Network
+    panel for switching between JSON formatted HTTP response and
+    raw data (as received over the wire).
+    !enter image description here
+  * Enterprise: Various bug fixes and new policies have been
+    implemented in the latest version of Firefox. You can see
+    more details in the Firefox for Enterprise 88 Release Notes.
+  * Fixed: Screen readers no longer incorrectly read content that
+    websites have visually hidden, as in the case of articles in
+    the Google Help panel
+  MFSA 2021-16 (bsc#1184960)
+  * CVE-2021-23994 (bmo#1699077)
+    Out of bound write due to lazy initialization
+  * CVE-2021-23995 (bmo#1699835)
+    Use-after-free in Responsive Design Mode
+  * CVE-2021-23996 (bmo#1701834)
+    Content rendered outside of webpage viewport
+  * CVE-2021-23997 (bmo#1701942)
+    Use-after-free when freeing fonts from cache
+  * CVE-2021-23998 (bmo#1667456)
+    Secure Lock icon could have been spoofed
+  * CVE-2021-23999 (bmo#1691153)
+    Blob URLs may have been granted additional privileges
+  * CVE-2021-24000 (bmo#1694698)
+    requestPointerLock() could be applied to a tab different from
+    the visible tab
+  * CVE-2021-24001 (bmo#1694727)
+    Testing code could have enabled session history manipulations
+    by a compromised content process
+  * CVE-2021-24002 (bmo#1702374)
+    Arbitrary FTP command execution on FTP servers using an
+    encoded URL
+  * CVE-2021-29945 (bmo#1700690)
+    Incorrect size computation in WebAssembly JIT could lead to
+    null-reads
+  * CVE-2021-29944 (bmo#1697604)
+    HTML injection vulnerability in Firefox for Android's Reader View
+  * CVE-2021-29946 (bmo#1698503)
+    Port blocking could be bypassed
+  * CVE-2021-29947 (bmo#1651449, bmo#1674142, bmo#1693476,
+    bmo#1696886, bmo#1700091)
+    Memory safety bugs fixed in Firefox 88
+- requires
+  * NSPR 4.30
+  * NSS 3.63.1
+- align wayland support logic
+
+-------------------------------------------------------------------
 Sat Mar 27 10:40:46 UTC 2021 - Manfred Hollstein <manfred.h@gmx.net>
 
 - Switch to clang_build globally; just on TW/x86_64 it does not work
mozilla