# HG changeset patch # User Wolfgang Rosenauer # Date 1535034952 -7200 # Node ID 33c6119b5cc5c5482247841a304da3166d45301b # Parent a0c915e59e05537951634fc229a8cef2927f6c9a 61.0.2 diff -r a0c915e59e05 -r 33c6119b5cc5 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Sat Jun 23 17:04:50 2018 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Thu Aug 23 16:35:52 2018 +0200 @@ -1,4 +1,31 @@ ------------------------------------------------------------------- +Thu Aug 9 14:22:00 UTC 2018 - wr@rosenauer.org + +- update to Firefox 61.0.2 + * Improved website rendering with the Retained Display List feature + enabled (bmo#1474402) + * Fixed broken DevTools panels with certain extensions installed + (bmo#1474379) + * Fixed a crash for users with some accessibility tools enabled + (bmo#1474007) + +------------------------------------------------------------------- +Mon Jul 9 07:22:09 UTC 2018 - astieger@suse.com + +- Mozilla Firefox 61.0.1: + * Fix missing content on the New Tab Page and the Home section of + the Preferences page (bmo#1471375) + * Fixed loss of bookmarks under rare circumstances when upgrading + from Firefox 60 (bmo#1472127) + * Improved playback of Twitch 1080p video streams (bmo#1469257) + * Web pages no longer lose focus when a browser popup window is + opened (bmo#1471415) + * Re-allowed downloading files from FTP sites via the "Save Link + As" option when linked from HTTP pages (bmo#1470295) + * Fixed extensions being unable to override the default homepage + in certain situations (bmo#1466846) + +------------------------------------------------------------------- Sat Jun 23 07:25:51 UTC 2018 - wr@rosenauer.org - update to Firefox 61.0 @@ -8,15 +35,57 @@ * OpenSearch plugins offered by web pages can now be added from the page action menu for easier installation * Improved support for allowing WebExtensions to manage and hide tabs + MFSA 2018-15 (bsc#1098998) + * CVE-2018-12359 (bmo#1459162) + Buffer overflow using computed size of canvas element + * CVE-2018-12360 (bmo#1459693) + Use-after-free when using focus() + * CVE-2018-12361 (bmo#1463244) + Integer overflow in SwizzleData + * CVE-2018-12358 (bmo#1467852) + Same-origin bypass using service worker and redirection + * CVE-2018-12362 (bmo#1452375) + Integer overflow in SSSE3 scaler + * CVE-2018-5156 (bmo#1453127) + Media recorder segmentation fault when track type is changed during capture + * CVE-2018-12363 (bmo#1464784) + Use-after-free when appending DOM nodes + * CVE-2018-12364 (bmo#1436241) + CSRF attacks through 307 redirects and NPAPI plugins + * CVE-2018-12365 (bmo#1459206) + Compromised IPC child process can list local filenames + * CVE-2018-12371 (bmo#1465686) + Integer overflow in Skia library during edge builder allocation + * CVE-2018-12366 (bmo#1464039) + Invalid data handling during QCMS transformations + * CVE-2018-12367 (bmo#1462891) + Timing attack mitigation of PerformanceNavigationTiming + * CVE-2018-12369 (bmo#1454909) + WebExtension security permission checks bypassed by embedded experiments + * CVE-2018-12370 (bmo#1456652) + SameSite cookie protections bypassed when exiting Reader View + * CVE-2018-5186 (bmo#1464872,bmo#1463329,bmo#1419373,bmo#1412882, + bmo#1413033,bmo#1444673,bmo#1454448,bmo#1453505,bmo#1438671) + Memory safety bugs fixed in Firefox 61 + * CVE-2018-5187 (bmo#1461324,bmo#1414829,bmo#1395246,bmo#1467938, + bmo#1461619,bmo#1425930,bmo#1438556,bmo#1454285,bmo#1459568, + bmo#1463884) + Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1 + * CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739, + bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576, + bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829, + bmo#1464079,bmo#1463494,bmo#1458048) + Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9 - requires NSS 3.37.3 +- requires python >= 3.5 to build - removed obsolete patches mozilla-i586-DecoderDoctorLogger.patch mozilla-i586-domPrefs.patch mozilla-fix-skia-aarch64.patch mozilla-bmo1375074.patch + mozilla-enable-csd.patch - patch for new no-return warnings (mozilla-no-return.patch) - do not disable system installed locales (mozilla-bmo1464766.patch) -- disabled outdated mozilla-enable-csd.patch temporarily ------------------------------------------------------------------- Fri Jun 8 10:52:13 UTC 2018 - bjorn.lie@gmail.com diff -r a0c915e59e05 -r 33c6119b5cc5 MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Sat Jun 23 17:04:50 2018 +0200 +++ b/MozillaFirefox/MozillaFirefox.spec Thu Aug 23 16:35:52 2018 +0200 @@ -19,12 +19,12 @@ # changed with every update %define major 61 -%define mainver %major.0 -%define orig_version 61.0 +%define mainver %major.0.2 +%define orig_version 61.0.2 %define orig_suffix %{nil} %define update_channel release %define branding 1 -%define releasedate 20180621125625 +%define releasedate 20180807170231 %define source_prefix firefox-%{orig_version} # PIE, full relro (x86_64 for now) @@ -63,7 +63,6 @@ BuildRequires: memory-constraints %if 0%{?suse_version} <= 1320 BuildRequires: gcc7-c++ -BuildRequires: python3 %else BuildRequires: gcc-c++ %endif @@ -79,6 +78,7 @@ BuildRequires: mozilla-nss-devel >= 3.37.3 BuildRequires: python-devel BuildRequires: python2-xml +BuildRequires: python3 >= 3.5 BuildRequires: rust >= 1.24 BuildRequires: rust-std BuildRequires: startup-notification-devel @@ -159,9 +159,8 @@ Patch6: mozilla-reduce-files-per-UnifiedBindings.patch Patch7: mozilla-aarch64-startup-crash.patch Patch8: mozilla-bmo256180.patch -Patch9: mozilla-enable-csd.patch -Patch10: mozilla-no-return.patch -Patch11: mozilla-bmo1464766.patch +Patch9: mozilla-no-return.patch +Patch10: mozilla-bmo1464766.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch @@ -271,9 +270,8 @@ %endif %patch7 -p1 %patch8 -p1 -#%patch9 -p1 +%patch9 -p1 %patch10 -p1 -#%patch11 -p1 # Firefox %patch101 -p1 %patch102 -p1 diff -r a0c915e59e05 -r 33c6119b5cc5 MozillaFirefox/create-tar.sh --- a/MozillaFirefox/create-tar.sh Sat Jun 23 17:04:50 2018 +0200 +++ b/MozillaFirefox/create-tar.sh Thu Aug 23 16:35:52 2018 +0200 @@ -7,8 +7,8 @@ CHANNEL="release" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="785d242a5b01d5f1094882aa2144d8e5e2791e06" -VERSION="61.0" +RELEASE_TAG="FIREFOX_61_0_2_RELEASE" +VERSION="61.0.2" VERSION_SUFFIX="" LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json" diff -r a0c915e59e05 -r 33c6119b5cc5 MozillaFirefox/source-stamp.txt --- a/MozillaFirefox/source-stamp.txt Sat Jun 23 17:04:50 2018 +0200 +++ b/MozillaFirefox/source-stamp.txt Thu Aug 23 16:35:52 2018 +0200 @@ -1,2 +1,2 @@ -REV=785d242a5b01 +REV=975058795980 REPO=http://hg.mozilla.org/releases/mozilla-release