diff -r 4fd43e0d4a8f -r a9aa543a508a MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Thu Jul 23 16:04:32 2020 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Sat Aug 22 08:33:39 2020 +0200 @@ -1,4 +1,56 @@ ------------------------------------------------------------------- +Thu Aug 20 13:07:33 UTC 2020 - Martin Liška + +- Use new memoryperjob _constraints instead of %limit_build macro. + +------------------------------------------------------------------- +Mon Aug 10 09:19:38 UTC 2020 - Wolfgang Rosenauer + +- use ccache for build +- replace versioned RPM deps with requires_ge +- parallelize locale build + +------------------------------------------------------------------- +Thu Aug 6 14:37:16 UTC 2020 - Yunhe Guo + +- Change *.appdata.xml location to latest AppStream standard + +------------------------------------------------------------------- +Thu Jul 23 21:00:34 UTC 2020 - Wolfgang Rosenauer + +- Mozilla Firefox 79.0 + MFSA 2020-30 (bsc#1174538) + * CVE-2020-15652 (bmo#1634872) + Potential leak of redirect targets when loading scripts in a worker + * CVE-2020-6514 (bmo#1642792) + WebRTC data channel leaks internal address to peer + * CVE-2020-15655 (bmo#1645204) + Extension APIs could be used to bypass Same-Origin Policy + * CVE-2020-15653 (bmo#1521542) + Bypassing iframe sandbox when allowing popups + * CVE-2020-6463 (bmo#1635293) + Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture + * CVE-2020-15656 (bmo#1647293) + Type confusion for special arguments in IonMonkey + * CVE-2020-15658 (bmo#1637745) + Overriding file type when saving to disk + * CVE-2020-15657 (bmo#1644954) + DLL hijacking due to incorrect loading path + * CVE-2020-15654 (bmo#1648333) + Custom cursor can overlay user interface + * CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1638856, + bmo#1643613, bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646220, + bmo#1646787, bmo#1649347, bmo#1650811, bmo#1651678) + Memory safety bugs fixed in Firefox 79 +- updated dependency requirements: + * mozilla-nspr >= 4.26 + * mozilla-nss >= 3.54 + * rust >= 1.43 + * rust-cbindgen >= 0.14.3 +- removed obsolete patch + mozilla-bmo1463035.patch + +------------------------------------------------------------------- Tue Jul 21 21:31:20 UTC 2020 - Wolfgang Rosenauer - fixed syntax issue in desktop file (boo#1174360)