pool/MozillaFirefox
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f56b5528a7
MozillaFirefox/tar_stamps

11 lines
342 B
Plaintext
Raw Normal View History

- Mozilla Firefox 68.0 * Dark mode in reader view * Improved extension security and discovery * Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences * Camera and microphone access now require an HTTPS connection MFSA 2019-21 (bsc#1140868) * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) Sandbox escape via installation of malicious languagepack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11714 (bmo#1542593) NeckoChild can trigger crash when accessed off of main thread * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11716 (bmo#1552632) globalThis not enumerable until accessed * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11718 (bmo#1408349) Activity Stream writes unsanitized content to innerHTML * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748
2019-07-09 23:21:11 +02:00
PRODUCT="firefox"
- Mozilla Firefox 69.0 * Enhanced Tracking Protection (ETP) for stronger privacy protections * Block Autoplay feature is enhanced to give users the option to block any video * Users in the US or using the en-US browser, can get a new “New Tab” page experience connecting to the best of Pocket's content. * Support for the Web Authentication HmacSecret extension via Windows Hello introduced. * Support for receiving multiple video codecs with this release makes it easier for WebRTC conferencing services to mix video from different clients. - requires * rust/cargo >= 1.35 * rust-cbindgen >= 0.9.0 * mozilla-nss >= 3.45 - rebased patches * mozilla-bmo1504834-part1.patch (currently unused as it breaks LE) * mozilla-bmo1504834-part2.patch (currently unused as it breaks LE) * mozilla-bmo1504834-part3.patch (currently unused as it breaks LE) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=765
2019-09-09 08:28:12 +02:00
CHANNEL="release"
- Mozilla Firefox 118.0.1 MFSA 2023-44 (bsc#1215814) * CVE-2023-5217 (bmo#1855550), Heap buffer overflow in libvpx - Mozilla Firefox 118.0 MFSA 2023-41 (bsc#1215575) * CVE-2023-5168 (bmo#1846683) Out-of-bounds write in FilterNodeD2D1 * CVE-2023-5169 (bmo#1846685) Out-of-bounds write in PathOps * CVE-2023-5170 (bmo#1846686) Memory leak from a privileged process * CVE-2023-5171 (bmo#1851599) Use-after-free in Ion Compiler * CVE-2023-5172 (bmo#1852218) Memory Corruption in Ion Hints * CVE-2023-5173 (bmo#1823172) Out-of-bounds write in HTTP Alternate Services * CVE-2023-5174 (bmo#1848454) Double-free in process spawning on Windows * CVE-2023-5175 (bmo#1849704) Use-after-free of ImageBitmap during process shutdown * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195) Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 - requires NSS 3.93 - deactivated KDE integration temporarily OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1108
2023-09-29 10:31:52 +02:00
VERSION="118.0.1"
- Mozilla Firefox 69.0 * Enhanced Tracking Protection (ETP) for stronger privacy protections * Block Autoplay feature is enhanced to give users the option to block any video * Users in the US or using the en-US browser, can get a new “New Tab” page experience connecting to the best of Pocket's content. * Support for the Web Authentication HmacSecret extension via Windows Hello introduced. * Support for receiving multiple video codecs with this release makes it easier for WebRTC conferencing services to mix video from different clients. - requires * rust/cargo >= 1.35 * rust-cbindgen >= 0.9.0 * mozilla-nss >= 3.45 - rebased patches * mozilla-bmo1504834-part1.patch (currently unused as it breaks LE) * mozilla-bmo1504834-part2.patch (currently unused as it breaks LE) * mozilla-bmo1504834-part3.patch (currently unused as it breaks LE) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=765
2019-09-09 08:28:12 +02:00
VERSION_SUFFIX=""
- Mozilla Firefox 118.0.1 MFSA 2023-44 (bsc#1215814) * CVE-2023-5217 (bmo#1855550), Heap buffer overflow in libvpx - Mozilla Firefox 118.0 MFSA 2023-41 (bsc#1215575) * CVE-2023-5168 (bmo#1846683) Out-of-bounds write in FilterNodeD2D1 * CVE-2023-5169 (bmo#1846685) Out-of-bounds write in PathOps * CVE-2023-5170 (bmo#1846686) Memory leak from a privileged process * CVE-2023-5171 (bmo#1851599) Use-after-free in Ion Compiler * CVE-2023-5172 (bmo#1852218) Memory Corruption in Ion Hints * CVE-2023-5173 (bmo#1823172) Out-of-bounds write in HTTP Alternate Services * CVE-2023-5174 (bmo#1848454) Double-free in process spawning on Windows * CVE-2023-5175 (bmo#1849704) Use-after-free of ImageBitmap during process shutdown * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195) Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 - requires NSS 3.93 - deactivated KDE integration temporarily OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1108
2023-09-29 10:31:52 +02:00
PREV_VERSION="118.0"
- Mozilla Firefox 68.0 * Dark mode in reader view * Improved extension security and discovery * Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences * Camera and microphone access now require an HTTPS connection MFSA 2019-21 (bsc#1140868) * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) Sandbox escape via installation of malicious languagepack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11714 (bmo#1542593) NeckoChild can trigger crash when accessed off of main thread * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11716 (bmo#1552632) globalThis not enumerable until accessed * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11718 (bmo#1408349) Activity Stream writes unsanitized content to innerHTML * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748
2019-07-09 23:21:11 +02:00
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
- Mozilla Firefox 71.0 * Improvements to Lockwise, our integrated password manager * More information about Enhanced Tracking Protection in action * Native MP3 decoding on Windows, Linux, and macOS * Configuration page (about:config) reimplemented in HTML * New kiosk mode functionality, which allows maximum screen space for customer-facing displays MFSA 2019-36 * CVE-2019-11756 (bmo#1508776) Use-after-free of SFTKSession object * CVE-2019-17008 (bmo#1546331) Use-after-free in worker destruction * CVE-2019-13722 (bmo#1580156) (Windows only) Stack corruption due to incorrect number of arguments in WebRTC code * CVE-2019-17014 (bmo#1322864) Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure * CVE-2019-17010 (bmo#1581084) Use-after-free when performing device orientation checks * CVE-2019-17005 (bmo#1584170) Buffer overflow in plain text serializer * CVE-2019-17011 (bmo#1591334) Use-after-free when retrieving a document in antitracking * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209 bmo#1580288, bmo#1585760, bmo#1592502) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937 bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865 bmo#1594181) Memory safety bugs fixed in Firefox 71 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
- Mozilla Firefox 118.0.1 MFSA 2023-44 (bsc#1215814) * CVE-2023-5217 (bmo#1855550), Heap buffer overflow in libvpx - Mozilla Firefox 118.0 MFSA 2023-41 (bsc#1215575) * CVE-2023-5168 (bmo#1846683) Out-of-bounds write in FilterNodeD2D1 * CVE-2023-5169 (bmo#1846685) Out-of-bounds write in PathOps * CVE-2023-5170 (bmo#1846686) Memory leak from a privileged process * CVE-2023-5171 (bmo#1851599) Use-after-free in Ion Compiler * CVE-2023-5172 (bmo#1852218) Memory Corruption in Ion Hints * CVE-2023-5173 (bmo#1823172) Out-of-bounds write in HTTP Alternate Services * CVE-2023-5174 (bmo#1848454) Double-free in process spawning on Windows * CVE-2023-5175 (bmo#1849704) Use-after-free of ImageBitmap during process shutdown * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195) Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 - requires NSS 3.93 - deactivated KDE integration temporarily OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1108
2023-09-29 10:31:52 +02:00
RELEASE_TAG="68e4c357d26c5a1f075a1ec0c696d4fe684ed881"
RELEASE_TIMESTAMP="20230927232528"
Reference in New Issue Copy Permalink