--- a/MozillaFirefox/MozillaFirefox.changes Sun Nov 15 09:35:28 2020 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Thu Dec 10 14:36:59 2020 +0100
@@ -1,7 +1,85 @@
-------------------------------------------------------------------
+Sat Nov 21 08:12:17 UTC 2020 - Kirill Kirillov <kkirill@opensuse.org>
+
+- Add/Enable GNOME search provider
+
+-------------------------------------------------------------------
+Sun Nov 15 12:16:53 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 83.0
+ * major update for SpiderMonkey improving performance significantly
+ * optional HTTPS-Only mode
+ * more improvements
+ https://www.mozilla.org/en-US/firefox/83.0/releasenotes/
+ MFSA 2020-50 (bsc#1178824))
+ * CVE-2020-26951 (bmo#1667113)
+ Parsing mismatches could confuse and bypass security
+ sanitizer for chrome privileged code
+ * CVE-2020-26952 (bmo#1667685)
+ Out of memory handling of JITed, inlined functions could lead
+ to a memory corruption
+ * CVE-2020-16012 (bmo#1642028)
+ Variable time processing of cross-origin images during
+ drawImage calls
+ * CVE-2020-26953 (bmo#1656741)
+ Fullscreen could be enabled without displaying the security UI
+ * CVE-2020-26954 (bmo#1657026)
+ Local spoofing of web manifests for arbitrary pages in
+ Firefox for Android
+ * CVE-2020-26955 (bmo#1663261)
+ Cookies set during file downloads are shared between normal
+ and Private Browsing Mode in Firefox for Android
+ * CVE-2020-26956 (bmo#1666300)
+ XSS through paste (manual and clipboard API)
+ * CVE-2020-26957 (bmo#1667179)
+ OneCRL was not working in Firefox for Android
+ * CVE-2020-26958 (bmo#1669355)
+ Requests intercepted through ServiceWorkers lacked MIME type
+ restrictions
+ * CVE-2020-26959 (bmo#1669466)
+ Use-after-free in WebRequestService
+ * CVE-2020-26960 (bmo#1670358)
+ Potential use-after-free in uses of nsTArray
+ * CVE-2020-15999 (bmo#1672223)
+ Heap buffer overflow in freetype
+ * CVE-2020-26961 (bmo#1672528)
+ DoH did not filter IPv4 mapped IP Addresses
+ * CVE-2020-26962 (bmo#610997)
+ Cross-origin iframes supported login autofill
+ * CVE-2020-26963 (bmo#1314912)
+ History and Location interfaces could have been used to hang
+ the browser
+ * CVE-2020-26964 (bmo#1658865)
+ Firefox for Android's Remote Debugging via USB could have
+ been abused by untrusted apps on older versions of Android
+ * CVE-2020-26965 (bmo#1661617)
+ Software keyboards may have remembered typed passwords
+ * CVE-2020-26966 (bmo#1663571)
+ Single-word search queries were also broadcast to local
+ network
+ * CVE-2020-26967 (bmo#1665820)
+ Mutation Observers could break or confuse Firefox Screenshots
+ feature
+ * CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697,
+ bmo#1657739, bmo#1660236, bmo#1667912, bmo#1671479,
+ bmo#1671923)
+ Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
+ * CVE-2020-26969 (bmo#1623920, bmo#1651705, bmo#1667872,
+ bmo#1668876)
+ Memory safety bugs fixed in Firefox 83
+- requires
+ NSS >= 3.58
+ nodejs >= 10.22.1
+- removed obsolete mozilla-ppc-altivec_static_inline.patch
+- disable LTO on TW because of ICEs in gcc
+
+-------------------------------------------------------------------
Mon Nov 9 10:15:52 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
- Mozilla Firefox 82.0.3
+ MSFA 2020-49
+ * CVE-2020-26950 (bmo#1675905)
+ Write side effects in MCallGetProperty opcode not accounted for
-------------------------------------------------------------------
Mon Nov 2 09:00:13 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
@@ -10,6 +88,11 @@
* few bugfixes for introduced regressions
-------------------------------------------------------------------
+Sun Nov 1 20:15:17 UTC 2020 - Kirill Kirillov <kkirill@opensuse.org>
+
+- Enable GNOME search provider
+
+-------------------------------------------------------------------
Thu Oct 15 20:44:47 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
- Mozilla Firefox 82.0