- Mozilla Firefox 78.0.1

* Fixed an issue which could cause installed search engines to not be visible when upgrading from a previous release. - enable MOZ_USE_XINPUT2 for TW (boo#1173320) * Protections Dashboard (about:protections) * WebRTC not interrupted by screensaver anymore * disabled TLS 1.0 and 1.1 by default MFSA 2020-24 (bsc#1173576) * CVE-2020-12415 (bmo#1586630) AppCache manifest poisoning due to url encoded character processing * CVE-2020-12416 (bmo#1639734) Use-after-free in WebRTC VideoBroadcaster * CVE-2020-12417 (bmo#1640737) Memory corruption due to missing sign-extension for ValueTags on ARM64 * CVE-2020-12418 (bmo#1641303) Information disclosure due to manipulated URL object * CVE-2020-12419 (bmo#1643874) Use-after-free in nsGlobalWindowInner * CVE-2020-12420 (bmo#1643437) Use-After-Free when trying to connect to a STUN server * CVE-2020-12402 (bmo#1631597) RSA Key Generation vulnerable to side-channel attack * CVE-2020-12421 (bmo#1308251) Add-On updates did not respect the same certificate trust rules as software updates * CVE-2020-12422 (bmo#1450353) Integer overflow in nsJPEGEncoder::emptyOutputBuffer * CVE-2020-12423 (bmo#1642400) DLL Hijacking due to searching %PATH% for a library OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=835
2020-07-03 06:52:59 +00:00 · 2020-07-03 06:52:59 +00:00 · 13e2ddea0f
commit 13e2ddea0f
parent d08406e896
9 changed files with 69 additions and 26 deletions
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@ -1,9 +1,50 @@
 -------------------------------------------------------------------
 Wed Jul  1 07:15:02 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
 - Mozilla Firefox 78.0.1
  * Fixed an issue which could cause installed search engines to not
    be visible when upgrading from a previous release.
 - enable MOZ_USE_XINPUT2 for TW (boo#1173320)
 -------------------------------------------------------------------
 Sun Jun 28 07:17:13 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
 - Mozilla Firefox 78.0
  * startup notifications now using Gtk instead of libnotify
  * PDF downloads now show an option to open the PDF directly in Firefox
  * Protections Dashboard (about:protections)
  * WebRTC not interrupted by screensaver anymore
  * disabled TLS 1.0 and 1.1 by default
  MFSA 2020-24 (bsc#1173576)
  * CVE-2020-12415 (bmo#1586630)
    AppCache manifest poisoning due to url encoded character processing
  * CVE-2020-12416 (bmo#1639734)
    Use-after-free in WebRTC VideoBroadcaster
  * CVE-2020-12417 (bmo#1640737)
    Memory corruption due to missing sign-extension for ValueTags
    on ARM64
  * CVE-2020-12418 (bmo#1641303)
    Information disclosure due to manipulated URL object
  * CVE-2020-12419 (bmo#1643874)
    Use-after-free in nsGlobalWindowInner
  * CVE-2020-12420 (bmo#1643437)
    Use-After-Free when trying to connect to a STUN server
  * CVE-2020-12402 (bmo#1631597)
    RSA Key Generation vulnerable to side-channel attack
  * CVE-2020-12421 (bmo#1308251)
    Add-On updates did not respect the same certificate trust
    rules as software updates
  * CVE-2020-12422 (bmo#1450353)
    Integer overflow in nsJPEGEncoder::emptyOutputBuffer
  * CVE-2020-12423 (bmo#1642400)
    DLL Hijacking due to searching %PATH% for a library
  * CVE-2020-12424 (bmo#1562600)
    WebRTC permission prompt could have been bypassed by a
    compromised content process
  * CVE-2020-12425 (bmo#1634738)
    Out of bound read in Date.parse()
  * CVE-2020-12426 (bmo#1608068, bmo#1609951, bmo#1631187, bmo#1637682)
    Memory safety bugs fixed in Firefox 78
 - requires
  * NSS >= 3.53.1
  * nodejs >= 10.21
--- a/MozillaFirefox.spec
+++ b/MozillaFirefox.spec
@ -26,8 +26,8 @@
 # major 69
 # mainver %major.99
 %define major          78
-%define mainver        %major.0
+%define mainver        %major.0.1
-%define orig_version   78.0
+%define orig_version   78.0.1
 %define orig_suffix    %{nil}
 %define update_channel release
 %define branding       1
--- a/firefox-78.0.1.source.tar.xz
+++ b/firefox-78.0.1.source.tar.xz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:494d277b120028e036e2aee3f658d79afc895457dc6aadb1c02f0547ef1d66ca
 size 334523644
--- a/firefox-78.0.1.source.tar.xz.asc
+++ b/firefox-78.0.1.source.tar.xz.asc
@ -0,0 +1,16 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl772cYACgkQ8aZmj7t9
 Vy4ExxAAlNStxBXW0u1WtdvxDofC3GODPf6XcMdZVJc45JKJy3hLeBXk26NsaXki
 pxE0ySHKEdzdGMYG5U6JDP3XbUpEQcsazjLdeHERvxYsZBvy41sCRkQu+XITSP5z
 HmbvYA1r+H7j2+yPkbSkyjtZONADbRwnnhwCWpo5gRhny3v17EQy6vUFYHANxtDI
 DxRi6Uccko4kV4y8hdw/rdT+IxHJAvtucJFMONUgm1DUdy5QV1BuMAxHru3CW1NK
 7YlODbG/+u6OiTJdoczVjSxmLPlH4f02pAcWsijXDBeVSVwUI4ATckbPVIY/HL/U
 Z6n4c8jXeN/pkdEr4+jUENCqKP3JDq6bEPsD1c3megnhqtLN4gR1bTp7fS8Cm1gG
 8Nv34x/deg8LADyYMIS8arduYfzKgRt28cduGeqSdtjWQR7SqrQ1OXGP2npEp/wc
 xS+Q9WPh9BNfDuOWw87BdI+UZ/BdX2PTTTvdXlMCTU9wvjs7DGYeMFiSHCVkBoFZ
 c/We+9dHreTA0qiM1K/O2iwdbH0JF4yjfnqTQUqXVjtFQJRk/xtZ6Fd3Ddwhmmtb
 FGRkOjN9Z07NjXsos5dp3Qj7PFOlMwbYDlJ5oQGYZxo6qWKUkJoZSDv1DnWDwUVc
 dP9tJy/RQ+5AeKZVauqOdgVOyTKENEOhtsf0AJ+scnryJSH4mic=
 =vbhv
 -----END PGP SIGNATURE-----
--- a/firefox-78.0.source.tar.xz
+++ b/firefox-78.0.source.tar.xz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:291a593151e476e6c4b61e48a3bdd5a11896fbde6261dcad347d5b7df265a058
 size 333422136
--- a/firefox-78.0.source.tar.xz.asc
+++ b/firefox-78.0.source.tar.xz.asc
@ -1,16 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAl706/oACgkQ8aZmj7t9
 Vy7BQQ//e9w8ZTou1TaKhI8Wkd+NwpmqPgqpkqlfZ39/G0TACqEQQnUJh6EmYmxc
 lr3U82ePOoT0pOaH1qOJpoBQUlgODqxkL/RQjrkUnY+MfWvhdQqM3X7OaqOrVYue
 pwpNQ7wWCzirIgzVdHOD8CLw0aqYfJwu8Hbnu4kEadXWEck05YDcGHvpDdpfbQ3Z
 +DmkgIRGUjed1PCZxrB4rwFE4VWzPhKByLGBtfSbI+49AwXXt/TRzCYC8y0sfl1+
 mzLMO7K02xfquWpXwSY+cyDHW1WM76BdTKOCqswD3lsB7MJiA+HZ+h6HfVRGK4ov
 VLh2H1/0RfvjO9VUOtrSRUAevFpmRMuBHwtRNF0Zp2mjunSNeHRHIndWUPSbMp6F
 Ecvm+RNAIUHOtgi+mrzq9NIVIoi4F2KYNOTJQPR/vGGbvDUmnyXm0y5wLt7pAyIv
 d7LBV7BcTmCjmnWQG40QbhLpDyFF/wUoKkxXWySnPBu5V2UD2OzBnlQ+BIZyvSar
 jjGNLlWcwQ9TIZUFqYa3J3JQ23BRHYh4Nr40YDuEGZCJcdAslbFSRUeII0XxVa1k
 YqVHSU/C1Vsumxe/Yh5s2CppZAs+KyZ5YkRlZebBR+7mRd52fuoOSMgNbiSV5aOw
 qEV4RV82Cph/uITGPzxAn3TatGRP/tGdz3b5mi+Bwmveq+9Z1Q8=
 =FBW2
 -----END PGP SIGNATURE-----
--- a/l10n-78.0.1.tar.xz
+++ b/l10n-78.0.1.tar.xz
--- a/mozilla.sh.in
+++ b/mozilla.sh.in
@ -87,9 +87,11 @@ if [ "$XDG_SESSION_TYPE" = "wayland" ]; then
  export MOZ_ENABLE_WAYLAND=1
 fi
-# enable xinput2 (boo#1032003)
+# xinput2 (boo#1173320)
-# breaks too many things right now (boo#1053959)
+source /etc/os-release
-#export MOZ_USE_XINPUT2=1
+if [ "$ID" = "opensuse-tumbleweed" ]; then
  export MOZ_USE_XINPUT2=1
 fi
 moz_debug=0
 script_args=""
--- a/4
+++ b/4
@ -1,8 +1,8 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="78.0"
+VERSION="78.0.1"
 VERSION_SUFFIX=""
-PREV_VERSION="78.0b8"
+PREV_VERSION="78.0"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation