Sync from SUSE:ALP:Source:Standard:1.0 MozillaFirefox revision 23ce8531ab2906404378c5906e8d7dc5
This commit is contained in:
parent
4c31c67b64
commit
b74cf026e1
|
|
@ -1,8 +1,67 @@
|
|||
-------------------------------------------------------------------
|
||||
Mon Feb 19 07:18:16 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
|
||||
|
||||
- Firefox Extended Support Release 115.8.0 ESR
|
||||
* Fixed: Various security fixes and other quality improvements.
|
||||
- Mozilla Firefox ESR 115.8
|
||||
MFSA 2024-UNKNOWN (bsc#1220048)
|
||||
* NO CVE-NUMBER ASSIGNED YET (bmo#1843752)
|
||||
Out-of-bounds memory read in networking channels
|
||||
* NO CVE-NUMBER ASSIGNED YET (bmo#1877879)
|
||||
Alert dialog could have been spoofed on another site
|
||||
* NO CVE-NUMBER ASSIGNED YET (bmo#1832627)
|
||||
Fullscreen Notification could have been hidden by select
|
||||
element
|
||||
* NO CVE-NUMBER ASSIGNED YET (bmo#1833814)
|
||||
Custom cursor could obscure the permission dialog
|
||||
* NO CVE-NUMBER ASSIGNED YET (bmo#1860065)
|
||||
Mouse cursor re-positioned unexpectedly could have led to
|
||||
unintended permission grants
|
||||
* NO CVE-NUMBER ASSIGNED YET (bmo#1864385)
|
||||
Multipart HTTP Responses would accept the Set-Cookie header
|
||||
in response parts
|
||||
* NO CVE-NUMBER ASSIGNED YET (bmo#1874502)
|
||||
Incorrect code generation on 32-bit ARM devices
|
||||
* NO CVE-NUMBER ASSIGNED YET (bmo#1855686, bmo#1867982, bmo#1871498,
|
||||
bmo#1872296, bmo#1873521, bmo#1873577, bmo#1873597,
|
||||
bmo#1873866, bmo#1874080, bmo#1874740, bmo#1875795,
|
||||
bmo#1875906, bmo#1876425, bmo#1878211, bmo#1878286)
|
||||
Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
|
||||
and Thunderbird 115.8
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 30 13:51:25 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
|
||||
|
||||
- Recommend libfido2-udev on codestreams that exist, in order to try
|
||||
to get security keys (e.g. Yubikeys) work out of the box. (bsc#1184272)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 18 15:24:40 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
|
||||
|
||||
- Firefox Extended Support Release 115.7.0 ESR
|
||||
Placeholder changelog-entry (bsc#1218955)
|
||||
* Fixed: Various security fixes and other quality improvements.
|
||||
- Mozilla Firefox ESR 115.7
|
||||
MFSA 2024-02 (bsc#1218955)
|
||||
* CVE-2024-0741 (bmo#1864587)
|
||||
Out of bounds write in ANGLE
|
||||
* CVE-2024-0742 (bmo#1867152)
|
||||
Failure to update user input timestamp
|
||||
* CVE-2024-0746 (bmo#1660223)
|
||||
Crash when listing printers on Linux
|
||||
* CVE-2024-0747 (bmo#1764343)
|
||||
Bypass of Content Security Policy when directive unsafe-
|
||||
inline was set
|
||||
* CVE-2024-0749 (bmo#1813463)
|
||||
Phishing site popup could show local origin in address bar
|
||||
* CVE-2024-0750 (bmo#1863083)
|
||||
Potential permissions request bypass via clickjacking
|
||||
* CVE-2024-0751 (bmo#1865689)
|
||||
Privilege escalation through devtools
|
||||
* CVE-2024-0753 (bmo#1870262)
|
||||
HSTS policy on subdomain could bypass policy of upper domain
|
||||
* CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
|
||||
Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
|
||||
and Thunderbird 115.7
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 12 08:05:10 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com>
|
||||
|
|
|
|||
|
|
@ -29,8 +29,8 @@
|
|||
# major 69
|
||||
# mainver %%major.99
|
||||
%define major 115
|
||||
%define mainver %major.7.0
|
||||
%define orig_version 115.7.0
|
||||
%define mainver %major.8.0
|
||||
%define orig_version 115.8.0
|
||||
%define orig_suffix esr
|
||||
%define update_channel release
|
||||
%define branding 1
|
||||
|
|
@ -247,6 +247,12 @@ Requires: %{name}-branding >= 68
|
|||
%requires_ge libfreetype6
|
||||
Recommends: libcanberra0
|
||||
Recommends: libpulse0
|
||||
# To make security-keys (e.g. Yubikey) work with FF, it needs the udev-rules installed.
|
||||
# A clean package with the most common rules exists only in SP3 onwards. `u2f-hosts` could be used on older
|
||||
# code streams, but it contains more than just the rules, so we're not recommending it here.
|
||||
%if 0%{?suse_version} >= 1600 || 0%{?sle_version} >= 150300
|
||||
Recommends: libfido2-udev
|
||||
%endif
|
||||
# addon leads to startup crash (bnc#908892)
|
||||
Obsoletes: tracker-miner-firefox < 0.15
|
||||
%if 0%{?devpkg} == 0
|
||||
|
|
|
|||
BIN
firefox-115.7.0esr.source.tar.xz
(Stored with Git LFS)
BIN
firefox-115.7.0esr.source.tar.xz
(Stored with Git LFS)
Binary file not shown.
|
|
@ -1,16 +0,0 @@
|
|||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmWln+QACgkQ4207E/PZ
|
||||
MnTA8A/+KAlYgmLk4dZKxdAC8X2g/Zki24DCd4Gd7o191SsH+OXFz0AFDFp3KJqB
|
||||
DC5fViWF8Y8S1lKo3jusVjnbNPHhnYWFgoRNyHnjPrZWTO14ggfbbhWa1KvWImFd
|
||||
Jn3+S2b2VHUqL15pfSh7WlGHbZYJRakleRptGGpzfr+s5rirVrWLNh7olb3Ud+tA
|
||||
Si8uBzxQHJFIx/MiFRWCWPC5fhXAjU/X+eVcyfzjmTPXeLznxxiP+SjOjKXxwk/d
|
||||
nvcJ0XmRS5G0BPSL2E1pBQYNWZqVgHfj0hWrsMwV7XnmmnKoN9igc1rO1ivuIUuY
|
||||
6iy+ftZKW1NZgjsI+7Lg9E7Z2y7LBwOjqiHunVWqtmXsQT+vnDxf/kzDkrv2HGUa
|
||||
mcCw66C5n5izupkyxIV/ig8asnJGhG0fL4NJhFip6xnskA/OYSbqCyB93A+xBUt7
|
||||
SwytzAxcc3WUAIoBvSgi9+kt0DoeP44IaiV5FKbXc+hEZFoL6vILX3om46cO24EG
|
||||
yy2+oBdBNcOpifY8aUjc3pJnE2TLUEieu1nBTXsk4bJjpNKDI1OBasdS91qZ7ccC
|
||||
7Qkhp9n2MXfffRvxjf6JS9DSGh+n6AtN2KaW0ynH7YSGH1cav9NhzXid9jObiXUm
|
||||
rtNsPEdHsEznyLhdr6BajEJ+9Loo+ftu2Vw8iFqC5wHxTJAblDM=
|
||||
=iN5I
|
||||
-----END PGP SIGNATURE-----
|
||||
BIN
firefox-115.8.0esr.source.tar.xz
(Stored with Git LFS)
Normal file
BIN
firefox-115.8.0esr.source.tar.xz
(Stored with Git LFS)
Normal file
Binary file not shown.
16
firefox-115.8.0esr.source.tar.xz.asc
Normal file
16
firefox-115.8.0esr.source.tar.xz.asc
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmXKiskACgkQ4207E/PZ
|
||||
MnQ4wA//bA9vJkE+Q+RySotiCcZ3xLZO4h8JSNMOy3Z5PJhORXlw5S5T51gGSpIc
|
||||
o8cQzpTe6IMNNA5nLE/RR99OII1WiQ5g0ex1Vcv2/mY5wD0VxnvxGiRgSw2Ocmod
|
||||
jCvOo4LH9Z4sqRsrAkgmnbqc5iR5ULSr+/p0Y0ypIUo+rJFPD5g0saeAxkfF8Q3E
|
||||
WoeUI7MTXJlJ3yenyhAmLqcDHoAvcekULG3ERaqL953BXzftaIaooSos06MoHzFT
|
||||
W/sgNCekHsAfrUZxjJg2XmawJ4dwTc8/tuCPXEmLNJejEBhWizAN9Si4MaYg4Gmx
|
||||
wLh39i8US68dNBcOZOsEjLo6DA4RhCm0z2VVhH8C4e6PSClFDF3OtdB1aHOJWwIj
|
||||
u285DFJy738N61D9teN1uzyDS4nwRDjNCbgWvWWLxmoSkEiMgOmX41WbhOtsuqXz
|
||||
kphrckU8lxUymG15+8kJJK1jVNmbmsPOR7MZkBsJffxHQNKrKxGHY+nqd/oJvFjs
|
||||
tEu6r9eZr6rgPJqkyJvlw4e+rSO+VNOCjp9aMv6arPNTxmsfmaNopMtOBr///Wvp
|
||||
D03HarZoJDLFnTOES9AAWDq0agDLywdohNWMLtXozqVdlnyC5ZPT7OsX0/ef2/yn
|
||||
WsZjvqLX6YFw1YhYii7pPCg9AwJBJyZv942kn1zFkNuGH5oYGcs=
|
||||
=rruB
|
||||
-----END PGP SIGNATURE-----
|
||||
|
|
@ -1,10 +1,10 @@
|
|||
PRODUCT="firefox"
|
||||
CHANNEL="release"
|
||||
VERSION="115.7.0"
|
||||
VERSION="115.8.0"
|
||||
VERSION_SUFFIX="esr"
|
||||
PREV_VERSION="115.6.0"
|
||||
PREV_VERSION="115.7.0"
|
||||
PREV_VERSION_SUFFIX="esr"
|
||||
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
||||
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr115"
|
||||
RELEASE_TAG="980ec32f825b2f54c05d16057a6e60d5b62d2ee2"
|
||||
RELEASE_TIMESTAMP="20240115170312"
|
||||
RELEASE_TAG="17fcbdf6426663c10da5d0ba21927e71184304c3"
|
||||
RELEASE_TIMESTAMP="20240212204114"
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user