pool/MozillaFirefox
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* https://www.mozilla.org/en-US/firefox/82.0/releasenotes/

Browse Source 
MFSA 2020-45 (bsc#1177872)
  * CVE-2020-15969 (bmo#1666570)
    Use-after-free in usersctp
  * CVE-2020-15254 (bmo#1668514)
    Undefined behavior in bounded channel of crossbeam rust crate
  * CVE-2020-15680 (bmo#1658881)
    Presence of external protocol handlers could be determined
    through image tags
  * CVE-2020-15681 (bmo#1666568)
    Multiple WASM threads may have overwritten each others' stub
    table entries
  * CVE-2020-15682 (bmo#1636654)
    The domain associated with the prompt to open an external
    protocol could be spoofed to display the incorrect origin
  * CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954,
    bmo#1662760, bmo#1663439, bmo#1666140)
    Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
  * CVE-2020-15684 (bmo#1653764, bmo#1661402, bmo#1662259,
    bmo#1664257)
    Memory safety bugs fixed in Firefox 82

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=864
This commit is contained in:
Wolfgang Rosenauer 2020-10-21 09:43:59 +00:00 committed by Git OBS Bridge
parent 3505fbb031
commit 9d0a0f0165
2 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
MozillaFirefox.changes
View File

@ -2,6 +2,27 @@
Thu Oct 15 20:44:47 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
- Mozilla Firefox 82.0
* https://www.mozilla.org/en-US/firefox/82.0/releasenotes/
MFSA 2020-45 (bsc#1177872)
* CVE-2020-15969 (bmo#1666570)
Use-after-free in usersctp
* CVE-2020-15254 (bmo#1668514)
Undefined behavior in bounded channel of crossbeam rust crate
* CVE-2020-15680 (bmo#1658881)
Presence of external protocol handlers could be determined
through image tags
* CVE-2020-15681 (bmo#1666568)
Multiple WASM threads may have overwritten each others' stub
table entries
* CVE-2020-15682 (bmo#1636654)
The domain associated with the prompt to open an external
protocol could be spoofed to display the incorrect origin
* CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954,
bmo#1662760, bmo#1663439, bmo#1666140)
Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
* CVE-2020-15684 (bmo#1653764, bmo#1661402, bmo#1662259,
bmo#1664257)
Memory safety bugs fixed in Firefox 82
- requires
* NSPR 4.29
* NSS 3.57

7
MozillaFirefox.spec
View File

@ -558,8 +558,13 @@ ac_add_options --enable-official-branding
%endif
EOF
%ifarch %ix86
%define njobs 1
%else
%define njobs 0%{?jobs:%jobs}
%endif
sed -r '/^(ja-JP-mac|ga-IE|en-US|)$/d;s/ .*$//' $RPM_BUILD_DIR/%{srcname}-%{orig_version}/browser/locales/shipped-locales \
| xargs -n 1 %{?jobs:-P %jobs} -I {} /bin/sh -c '
| xargs -n 1 %{?njobs:-P %njobs} -I {} /bin/sh -c '
locale=$1
cp ${MOZCONFIG}_LANG ${MOZCONFIG}_$locale
sed -i "s|obj_LANG|obj_$locale|" ${MOZCONFIG}_$locale