MozillaFirefox/tar_stamps

PRODUCT="firefox"
CHANNEL="release"
VERSION="133.0"
VERSION_SUFFIX=""
PREV_VERSION="132.0.2"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
RELEASE_TAG="8141aab3ba856d7cbae6c851dd71f2e0cb69649c"
RELEASE_TIMESTAMP="20241121140525"
- add mozilla-python313.patch to fix build with python 3.13+ * CVE-2018-12371 (bmo#1465686) * modifies the crash protection feature to increase the amount of time that plugins are allowed to be non-responsive before * firefox-bug506901.patch - improve UI colors to be usable with dark themes at all - added KDE integration patch from llunak@novell.com (firefox-kde.patch) * support for knotify, making -kde4-addon obsolete especially KDE integration: * added the ability to set the KDE default browser * MFSA 2009-05/CVE-2009-0357: XMLHttpRequest allows reading * MFSA 2009-04/CVE-2009-0356: Chrome privilege escalation via * MFSA 2009-02/CVE-2009-0354: XSS using a chrome XBL method * MFSA 2009-01/CVE-2009-0352 - CVE-2009-0353: Crashes with evidence of memory corruption (rv:1.9.0.6) (bmo#452913, * Make sure the search bar is not put back when resetting the - Update to stability/security release 3.0.1 (bnc#407573) + MFSA 2008-35 Command-line URLs launch multiple tabs when - Set browser.shell.checkDefaultBrowser to true (bnc#404119) - fix hardlinks accross partitions - move last change a bit further in specfile - Mark a .png file as nonexecutable. * MFSA 2007-26 Privilege escalation through chrome-loaded - Fixes bnc #295677 - added unzip to BuildRequires - updated tango theme Resuming your browsing session, Previewing and subscribing Improved Add-ons manager, JavaScript 1.7, Extended search OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1190 2024-11-25 10:56:51 +00:00			`PRODUCT="firefox"`
			`CHANNEL="release"`
- Mozilla Firefox 133.0 https://www.mozilla.org/en-US/firefox/133.0/releasenotes MFSA 2024-63 (bsc#1233695) * CVE-2024-11691 (bmo#1914707, bmo#1924184) Memory corruption in Apple GPU drivers * CVE-2024-11700 (bmo#1836921) Potential Tapjacking Exploit for Intent Confirmation on Android * CVE-2024-11692 (bmo#1909535) Select list elements could be shown over another site * CVE-2024-11701 (bmo#1914797) Misleading Address Bar State During Navigation Interruption * CVE-2024-11702 (bmo#1918884) Inadequate Clipboard Protection in Private Browsing Mode on Android * CVE-2024-11693 (bmo#1921458) Download Protections were bypassed by .library-ms files on Windows * CVE-2024-11694 (bmo#1924167) CSP Bypass and XSS Exposure via Web Compatibility Shims * CVE-2024-11695 (bmo#1925496) URL Bar Spoofing via Manipulated Punycode and Whitespace Characters * CVE-2024-11703 (bmo#1928779) Password access without authentication via PIN bypass on Android * CVE-2024-11696 (bmo#1929600) Unhandled Exception in Add-on Signature Verification * CVE-2024-11697 (bmo#1842187) Improper Keypress Handling in Executable File Confirmation Dialog * CVE-2024-11704 (bmo#1899402) Potential Double-Free Vulnerability in PKCS#7 Decryption Handling * CVE-2024-11698 (bmo#1916152) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1191 2024-11-27 07:41:19 +00:00			`VERSION="133.0"`
- add mozilla-python313.patch to fix build with python 3.13+ * CVE-2018-12371 (bmo#1465686) * modifies the crash protection feature to increase the amount of time that plugins are allowed to be non-responsive before * firefox-bug506901.patch - improve UI colors to be usable with dark themes at all - added KDE integration patch from llunak@novell.com (firefox-kde.patch) * support for knotify, making -kde4-addon obsolete especially KDE integration: * added the ability to set the KDE default browser * MFSA 2009-05/CVE-2009-0357: XMLHttpRequest allows reading * MFSA 2009-04/CVE-2009-0356: Chrome privilege escalation via * MFSA 2009-02/CVE-2009-0354: XSS using a chrome XBL method * MFSA 2009-01/CVE-2009-0352 - CVE-2009-0353: Crashes with evidence of memory corruption (rv:1.9.0.6) (bmo#452913, * Make sure the search bar is not put back when resetting the - Update to stability/security release 3.0.1 (bnc#407573) + MFSA 2008-35 Command-line URLs launch multiple tabs when - Set browser.shell.checkDefaultBrowser to true (bnc#404119) - fix hardlinks accross partitions - move last change a bit further in specfile - Mark a .png file as nonexecutable. * MFSA 2007-26 Privilege escalation through chrome-loaded - Fixes bnc #295677 - added unzip to BuildRequires - updated tango theme Resuming your browsing session, Previewing and subscribing Improved Add-ons manager, JavaScript 1.7, Extended search OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1190 2024-11-25 10:56:51 +00:00			`VERSION_SUFFIX=""`
- Mozilla Firefox 133.0 https://www.mozilla.org/en-US/firefox/133.0/releasenotes MFSA 2024-63 (bsc#1233695) * CVE-2024-11691 (bmo#1914707, bmo#1924184) Memory corruption in Apple GPU drivers * CVE-2024-11700 (bmo#1836921) Potential Tapjacking Exploit for Intent Confirmation on Android * CVE-2024-11692 (bmo#1909535) Select list elements could be shown over another site * CVE-2024-11701 (bmo#1914797) Misleading Address Bar State During Navigation Interruption * CVE-2024-11702 (bmo#1918884) Inadequate Clipboard Protection in Private Browsing Mode on Android * CVE-2024-11693 (bmo#1921458) Download Protections were bypassed by .library-ms files on Windows * CVE-2024-11694 (bmo#1924167) CSP Bypass and XSS Exposure via Web Compatibility Shims * CVE-2024-11695 (bmo#1925496) URL Bar Spoofing via Manipulated Punycode and Whitespace Characters * CVE-2024-11703 (bmo#1928779) Password access without authentication via PIN bypass on Android * CVE-2024-11696 (bmo#1929600) Unhandled Exception in Add-on Signature Verification * CVE-2024-11697 (bmo#1842187) Improper Keypress Handling in Executable File Confirmation Dialog * CVE-2024-11704 (bmo#1899402) Potential Double-Free Vulnerability in PKCS#7 Decryption Handling * CVE-2024-11698 (bmo#1916152) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1191 2024-11-27 07:41:19 +00:00			`PREV_VERSION="132.0.2"`
- add mozilla-python313.patch to fix build with python 3.13+ * CVE-2018-12371 (bmo#1465686) * modifies the crash protection feature to increase the amount of time that plugins are allowed to be non-responsive before * firefox-bug506901.patch - improve UI colors to be usable with dark themes at all - added KDE integration patch from llunak@novell.com (firefox-kde.patch) * support for knotify, making -kde4-addon obsolete especially KDE integration: * added the ability to set the KDE default browser * MFSA 2009-05/CVE-2009-0357: XMLHttpRequest allows reading * MFSA 2009-04/CVE-2009-0356: Chrome privilege escalation via * MFSA 2009-02/CVE-2009-0354: XSS using a chrome XBL method * MFSA 2009-01/CVE-2009-0352 - CVE-2009-0353: Crashes with evidence of memory corruption (rv:1.9.0.6) (bmo#452913, * Make sure the search bar is not put back when resetting the - Update to stability/security release 3.0.1 (bnc#407573) + MFSA 2008-35 Command-line URLs launch multiple tabs when - Set browser.shell.checkDefaultBrowser to true (bnc#404119) - fix hardlinks accross partitions - move last change a bit further in specfile - Mark a .png file as nonexecutable. * MFSA 2007-26 Privilege escalation through chrome-loaded - Fixes bnc #295677 - added unzip to BuildRequires - updated tango theme Resuming your browsing session, Previewing and subscribing Improved Add-ons manager, JavaScript 1.7, Extended search OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1190 2024-11-25 10:56:51 +00:00			`PREV_VERSION_SUFFIX=""`
			`#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation`
			`RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"`
- Mozilla Firefox 133.0 https://www.mozilla.org/en-US/firefox/133.0/releasenotes MFSA 2024-63 (bsc#1233695) * CVE-2024-11691 (bmo#1914707, bmo#1924184) Memory corruption in Apple GPU drivers * CVE-2024-11700 (bmo#1836921) Potential Tapjacking Exploit for Intent Confirmation on Android * CVE-2024-11692 (bmo#1909535) Select list elements could be shown over another site * CVE-2024-11701 (bmo#1914797) Misleading Address Bar State During Navigation Interruption * CVE-2024-11702 (bmo#1918884) Inadequate Clipboard Protection in Private Browsing Mode on Android * CVE-2024-11693 (bmo#1921458) Download Protections were bypassed by .library-ms files on Windows * CVE-2024-11694 (bmo#1924167) CSP Bypass and XSS Exposure via Web Compatibility Shims * CVE-2024-11695 (bmo#1925496) URL Bar Spoofing via Manipulated Punycode and Whitespace Characters * CVE-2024-11703 (bmo#1928779) Password access without authentication via PIN bypass on Android * CVE-2024-11696 (bmo#1929600) Unhandled Exception in Add-on Signature Verification * CVE-2024-11697 (bmo#1842187) Improper Keypress Handling in Executable File Confirmation Dialog * CVE-2024-11704 (bmo#1899402) Potential Double-Free Vulnerability in PKCS#7 Decryption Handling * CVE-2024-11698 (bmo#1916152) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1191 2024-11-27 07:41:19 +00:00			`RELEASE_TAG="8141aab3ba856d7cbae6c851dd71f2e0cb69649c"`
			`RELEASE_TIMESTAMP="20241121140525"`