ALP-pool/MozillaFirefox
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sync from SUSE:ALP:Source:Standard:1.0 MozillaFirefox revision 23ce8531ab2906404378c5906e8d7dc5

Browse Source
This commit is contained in:
Adrian Schröter 2024-03-01 15:32:41 +01:00
parent 4c31c67b64
commit b74cf026e1
8 changed files with 91 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
MozillaFirefox.changes
View File

@ -1,8 +1,67 @@
-------------------------------------------------------------------
Mon Feb 19 07:18:16 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
- Firefox Extended Support Release 115.8.0 ESR
* Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.8
MFSA 2024-UNKNOWN (bsc#1220048)
* NO CVE-NUMBER ASSIGNED YET (bmo#1843752)
Out-of-bounds memory read in networking channels
* NO CVE-NUMBER ASSIGNED YET (bmo#1877879)
Alert dialog could have been spoofed on another site
* NO CVE-NUMBER ASSIGNED YET (bmo#1832627)
Fullscreen Notification could have been hidden by select
element
* NO CVE-NUMBER ASSIGNED YET (bmo#1833814)
Custom cursor could obscure the permission dialog
* NO CVE-NUMBER ASSIGNED YET (bmo#1860065)
Mouse cursor re-positioned unexpectedly could have led to
unintended permission grants
* NO CVE-NUMBER ASSIGNED YET (bmo#1864385)
Multipart HTTP Responses would accept the Set-Cookie header
in response parts
* NO CVE-NUMBER ASSIGNED YET (bmo#1874502)
Incorrect code generation on 32-bit ARM devices
* NO CVE-NUMBER ASSIGNED YET (bmo#1855686, bmo#1867982, bmo#1871498,
bmo#1872296, bmo#1873521, bmo#1873577, bmo#1873597,
bmo#1873866, bmo#1874080, bmo#1874740, bmo#1875795,
bmo#1875906, bmo#1876425, bmo#1878211, bmo#1878286)
Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8,
and Thunderbird 115.8
-------------------------------------------------------------------
Tue Jan 30 13:51:25 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
- Recommend libfido2-udev on codestreams that exist, in order to try
to get security keys (e.g. Yubikeys) work out of the box. (bsc#1184272)
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jan 18 15:24:40 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> Thu Jan 18 15:24:40 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
- Firefox Extended Support Release 115.7.0 ESR - Firefox Extended Support Release 115.7.0 ESR
Placeholder changelog-entry (bsc#1218955) * Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.7
MFSA 2024-02 (bsc#1218955)
* CVE-2024-0741 (bmo#1864587)
Out of bounds write in ANGLE
* CVE-2024-0742 (bmo#1867152)
Failure to update user input timestamp
* CVE-2024-0746 (bmo#1660223)
Crash when listing printers on Linux
* CVE-2024-0747 (bmo#1764343)
Bypass of Content Security Policy when directive unsafe-
inline was set
* CVE-2024-0749 (bmo#1813463)
Phishing site popup could show local origin in address bar
* CVE-2024-0750 (bmo#1863083)
Potential permissions request bypass via clickjacking
* CVE-2024-0751 (bmo#1865689)
Privilege escalation through devtools
* CVE-2024-0753 (bmo#1870262)
HSTS policy on subdomain could bypass policy of upper domain
* CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
and Thunderbird 115.7
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Dec 12 08:05:10 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> Tue Dec 12 08:05:10 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com>

10
MozillaFirefox.spec
View File

@ -29,8 +29,8 @@
# major 69 # major 69
# mainver %%major.99 # mainver %%major.99
%define major 115 %define major 115
%define mainver %major.7.0 %define mainver %major.8.0
%define orig_version 115.7.0 %define orig_version 115.8.0
%define orig_suffix esr %define orig_suffix esr
%define update_channel release %define update_channel release
%define branding 1 %define branding 1
@ -247,6 +247,12 @@ Requires: %{name}-branding >= 68
%requires_ge libfreetype6 %requires_ge libfreetype6
Recommends: libcanberra0 Recommends: libcanberra0
Recommends: libpulse0 Recommends: libpulse0
# To make security-keys (e.g. Yubikey) work with FF, it needs the udev-rules installed.
# A clean package with the most common rules exists only in SP3 onwards. `u2f-hosts` could be used on older
# code streams, but it contains more than just the rules, so we're not recommending it here.
%if 0%{?suse_version} >= 1600 || 0%{?sle_version} >= 150300
Recommends: libfido2-udev
%endif
# addon leads to startup crash (bnc#908892) # addon leads to startup crash (bnc#908892)
Obsoletes: tracker-miner-firefox < 0.15 Obsoletes: tracker-miner-firefox < 0.15
%if 0%{?devpkg} == 0 %if 0%{?devpkg} == 0

BIN
firefox-115.7.0esr.source.tar.xz (Stored with Git LFS)
View File

Binary file not shown.

16
firefox-115.7.0esr.source.tar.xz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmWln+QACgkQ4207E/PZ
MnTA8A/+KAlYgmLk4dZKxdAC8X2g/Zki24DCd4Gd7o191SsH+OXFz0AFDFp3KJqB
DC5fViWF8Y8S1lKo3jusVjnbNPHhnYWFgoRNyHnjPrZWTO14ggfbbhWa1KvWImFd
Jn3+S2b2VHUqL15pfSh7WlGHbZYJRakleRptGGpzfr+s5rirVrWLNh7olb3Ud+tA
Si8uBzxQHJFIx/MiFRWCWPC5fhXAjU/X+eVcyfzjmTPXeLznxxiP+SjOjKXxwk/d
nvcJ0XmRS5G0BPSL2E1pBQYNWZqVgHfj0hWrsMwV7XnmmnKoN9igc1rO1ivuIUuY
6iy+ftZKW1NZgjsI+7Lg9E7Z2y7LBwOjqiHunVWqtmXsQT+vnDxf/kzDkrv2HGUa
mcCw66C5n5izupkyxIV/ig8asnJGhG0fL4NJhFip6xnskA/OYSbqCyB93A+xBUt7
SwytzAxcc3WUAIoBvSgi9+kt0DoeP44IaiV5FKbXc+hEZFoL6vILX3om46cO24EG
yy2+oBdBNcOpifY8aUjc3pJnE2TLUEieu1nBTXsk4bJjpNKDI1OBasdS91qZ7ccC
7Qkhp9n2MXfffRvxjf6JS9DSGh+n6AtN2KaW0ynH7YSGH1cav9NhzXid9jObiXUm
rtNsPEdHsEznyLhdr6BajEJ+9Loo+ftu2Vw8iFqC5wHxTJAblDM=
=iN5I
-----END PGP SIGNATURE-----

BIN
firefox-115.8.0esr.source.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

16
firefox-115.8.0esr.source.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmXKiskACgkQ4207E/PZ
MnQ4wA//bA9vJkE+Q+RySotiCcZ3xLZO4h8JSNMOy3Z5PJhORXlw5S5T51gGSpIc
o8cQzpTe6IMNNA5nLE/RR99OII1WiQ5g0ex1Vcv2/mY5wD0VxnvxGiRgSw2Ocmod
jCvOo4LH9Z4sqRsrAkgmnbqc5iR5ULSr+/p0Y0ypIUo+rJFPD5g0saeAxkfF8Q3E
WoeUI7MTXJlJ3yenyhAmLqcDHoAvcekULG3ERaqL953BXzftaIaooSos06MoHzFT
W/sgNCekHsAfrUZxjJg2XmawJ4dwTc8/tuCPXEmLNJejEBhWizAN9Si4MaYg4Gmx
wLh39i8US68dNBcOZOsEjLo6DA4RhCm0z2VVhH8C4e6PSClFDF3OtdB1aHOJWwIj
u285DFJy738N61D9teN1uzyDS4nwRDjNCbgWvWWLxmoSkEiMgOmX41WbhOtsuqXz
kphrckU8lxUymG15+8kJJK1jVNmbmsPOR7MZkBsJffxHQNKrKxGHY+nqd/oJvFjs
tEu6r9eZr6rgPJqkyJvlw4e+rSO+VNOCjp9aMv6arPNTxmsfmaNopMtOBr///Wvp
D03HarZoJDLFnTOES9AAWDq0agDLywdohNWMLtXozqVdlnyC5ZPT7OsX0/ef2/yn
WsZjvqLX6YFw1YhYii7pPCg9AwJBJyZv942kn1zFkNuGH5oYGcs=
=rruB
-----END PGP SIGNATURE-----

0
l10n-115.7.0esr.tar.xz → l10n-115.8.0esr.tar.xz
View File

8
tar_stamps
View File

@ -1,10 +1,10 @@
PRODUCT="firefox" PRODUCT="firefox"
CHANNEL="release" CHANNEL="release"
VERSION="115.7.0" VERSION="115.8.0"
VERSION_SUFFIX="esr" VERSION_SUFFIX="esr"
PREV_VERSION="115.6.0" PREV_VERSION="115.7.0"
PREV_VERSION_SUFFIX="esr" PREV_VERSION_SUFFIX="esr"
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr115" RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr115"
RELEASE_TAG="980ec32f825b2f54c05d16057a6e60d5b62d2ee2" RELEASE_TAG="17fcbdf6426663c10da5d0ba21927e71184304c3"
RELEASE_TIMESTAMP="20240115170312" RELEASE_TIMESTAMP="20240212204114"