Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox74
changeset 1124 f890ebd6b627
parent 1123 7fa561e5d7c7
child 1125 3fd9346c90a6 
--- a/MozillaFirefox/MozillaFirefox.changes	Mon Mar 30 21:49:01 2020 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Mon Apr 20 14:12:08 2020 +0200
@@ -1,4 +1,49 @@
 -------------------------------------------------------------------
+Tue Apr  7 12:18:27 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 75.0
+  * https://www.mozilla.org/en-US/firefox/75.0/releasenotes
+  MFSA 2020-12 (bsc#1168874)
+  * CVE-2020-6821 (bmo#1625404)
+    Uninitialized memory could be read when using the WebGL
+    copyTexSubImage method
+  * CVE-2020-6822 (bmo#1544181)
+    Out of bounds write in GMPDecodeData when processing large images
+  * CVE-2020-6823 (bmo#1614919)
+    Malicious Extension could obtain auth codes from OAuth login flows
+  * CVE-2020-6824 (bmo#1621853)
+    Generated passwords may be identical on the same site between
+    separate private browsing sessions
+  * CVE-2020-6825 (bmo#1572541,bmo#1620193,bmo#1620203)
+    Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7
+  * CVE-2020-6826 (bmo#1613009,bmo#1613195,bmo#1616734,bmo#1617488,
+    bmo#1619229,bmo#1620719,bmo#1624897)
+    Memory safety bugs fixed in Firefox 75
+- removed obsolete patch
+  mozilla-bmo1609538.patch
+- requires
+  * rust >= 1.41
+  * rust-cbindgen >= 0.13.1
+  * mozilla-nss >= 3.51
+  * nodejs10 >= 10.19
+- fix build issue in libvpx for i586 via mozilla-bmo1622013.patch
+
+-------------------------------------------------------------------
+Mon Apr  6 11:19:24 UTC 2020 - Michel Normand <normand@linux.vnet.ibm.com>
+
+- increase _constraints memory for ppc64le
+
+-------------------------------------------------------------------
+Fri Apr  3 15:23:28 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 74.0.1
+  MFSA 2020-11 (boo#1168630)
+  * CVE-2020-6819 (bmo#1620818)
+    Use-after-free while running the nsDocShell destructor
+  * CVE-2020-6820 (bmo#1626728)
+    Use-after-free when handling a ReadableStream
+
+-------------------------------------------------------------------
 Wed Mar 25 07:30:39 UTC 2020 - Marcus Meissner <meissner@suse.com>
 
 - mozilla-sandbox-fips.patch: allow /proc/sys/crypto/fips_enabled
mozilla