Commit Graph

526 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
a5dab91aeb - Mozilla Firefox 74.0.1
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=817
2020-04-03 15:25:40 +00:00
Wolfgang Rosenauer
a35404cae9 - mozilla-sandbox-fips.patch: allow /proc/sys/crypto/fips_enabled
to be read, as openssl 1.1.1 FIPS aborts if it cannot access it
  (bsc#1167132)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=814
2020-03-25 09:43:20 +00:00
Wolfgang Rosenauer
b2d5e2d474 Accepting request 788017 from home:msmeissn:branches:mozilla:Factory
- firefox-fips.patch: allow /proc/sys/crypto/fips_enabled to be read, as openssl 1.1.1 
  FIPS aborts if it cannot access it (bsc#1167132)

OBS-URL: https://build.opensuse.org/request/show/788017
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=813
2020-03-25 09:12:06 +00:00
Wolfgang Rosenauer
6e7a64221e (bmo#1609538, boo#1166471)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=810
2020-03-12 19:15:11 +00:00
Wolfgang Rosenauer
db2c7e2e1d - Mozilla Firefox 74.0
* https://www.mozilla.org/en-US/firefox/74.0/releasenotes/
  MFSA 2020-08 (bsc#1166238)
  * CVE-2020-6805 (bmo#1610880)
    Use-after-free when removing data about origins
  * CVE-2020-6806 (bmo#1612308)
    BodyStream::OnInputStreamReady was missing protections against
    state confusion
  * CVE-2020-6807 (bmo#1614971)
    Use-after-free in cubeb during stream destruction
  * CVE-2020-6808 (bmo#1247968)
    URL Spoofing via javascript: URL
  * CVE-2020-6809 (bmo#1420296)
    Web Extensions with the all-urls permission could access local
    files
  * CVE-2020-6810 (bmo#1432856)
    Focusing a popup while in fullscreen could have obscured the
    fullscreen notification
  * CVE-2020-6811 (bmo#1607742)
    Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection
  * CVE-2019-20503 (bmo#1613765)
    Out of bounds reads in sctp_load_addresses_from_init
  * CVE-2020-6812 (bmo#1616661)
    The names of AirPods with personally identifiable information
    were exposed to websites with camera or microphone permission
  * CVE-2020-6813 (bmo#1605814)
    @import statements in CSS could bypass the Content Security
    Policy nonce feature
  * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636,

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809
2020-03-12 19:14:24 +00:00
Wolfgang Rosenauer
c84acea70d - big endian fixes
* mozilla-bmo1610814.patch (boo#1164845, bmo#1610814)
    (bmo#1614535, boo#1164646)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=807
2020-02-26 08:14:44 +00:00
Wolfgang Rosenauer
1a4ad4356c Accepting request 779145 from home:Guillaume_G:branches:openSUSE:Factory:ARM
- Fix build on aarch64/armv7 with:
  * mozilla-bmo1610814.patch - boo#1164845

OBS-URL: https://build.opensuse.org/request/show/779145
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=806
2020-02-26 08:05:26 +00:00
Wolfgang Rosenauer
4c39376e57 - Mozilla Firefox 73.0.1
* Resolved problems connecting to the RBC Royal Bank website
    (bmo#1613943)
  * Fixed Firefox unexpectedly exiting when leaving Print Preview mode
    (bmo#1611133)
  * Fixed crashes when playing encrypted content on some Linux systems
    (bmo#1614535)
- start in wayland mode when running under wayland session

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=804
2020-02-20 13:56:27 +00:00
Wolfgang Rosenauer
ee64c038d1 - Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
    web content
  * High-contrast mode has been updated to allow background images
  * Improved audio quality when playing back audio at a faster or
    slower speed
  * Added NextDNS as alternative option for DNS over HTTPS
  MFSA 2020-05 (bsc#1163368)
  * CVE-2020-6796 (bmo#1610426)
    Missing bounds check on shared memory read in the parent process
  * CVE-2020-6797 (bmo#1596668) (MacOS X only)
    Extensions granted downloads.open permission could open arbitrary
    applications on Mac OSX
  * CVE-2020-6798 (bmo#1602944)
    Incorrect parsing of template tag could result in JavaScript injection
  * CVE-2020-6799 (bmo#1606596) (Windows only)
    Arbitrary code execution when opening pdf links from other
    applications, when Firefox is configured as default pdf reader
  * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
    bmo#1608580,bmo#1608785,bmo#1605777)
    Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
  * CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
    Memory safety bugs fixed in Firefox 73
- updated requirements
  * rust >= 1.39
  * NSS >= 3.49.2
  * rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
  * mozilla-bmo1601707.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 14:14:39 +00:00
Wolfgang Rosenauer
6cbff7e4d5 Accepting request 767929 from home:hellcp:branches:mozilla:Factory
- Use a symbolic icon from branding internals
- Pixmaps no longer required for the desktops

OBS-URL: https://build.opensuse.org/request/show/767929
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=800
2020-02-02 19:26:07 +00:00
Wolfgang Rosenauer
4413154c94 - Mozilla Firefox 72.0.2
* Various stability fixes
  * Fixed issues opening files with spaces in their path (bmo#1601905)
  * Fixed a hang opening about:logins when a master password is set
    (bmo#1606992)
  * Fixed a web compatibility issue with CSS Shadow Parts which
    shipped in Firefox 72 (bmo#1604989)
  * Fixed inconsistent playback performance for fullscreen 1080p
    videos on some systems (bmo#1608485)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=798
2020-01-22 10:33:47 +00:00
Wolfgang Rosenauer
30f52e970b Accepting request 766087 from home:Guillaume_G:branches:openSUSE:Factory:ARM
- Fix build for aarch64/ppc64le (do not update config.sub file
  for libbacktrace)

OBS-URL: https://build.opensuse.org/request/show/766087
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=797
2020-01-22 10:26:26 +00:00
Wolfgang Rosenauer
1b198ccf59 MFSA 2020-01 (bsc#1160305)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=795
2020-01-09 07:35:03 +00:00
Wolfgang Rosenauer
846912c581 MFSA 2020-03 (bsc#1160498)
* CVE-2019-17026 (bmo#1607443)
    IonMonkey type confusion with StoreElementHole and FallibleStoreElement

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=794
2020-01-09 07:31:08 +00:00
Wolfgang Rosenauer
214938d990 - Mozilla Firefox 72.0.1
- Mozilla Firefox 72.0
  * block fingerprinting scripts by default
  * new notification pop-ups
  * Picture-in-picture video
  MFSA 2020-01
  * CVE-2019-17016 (bmo#1599181)
    Bypass of @namespace CSS sanitization during pasting
  * CVE-2019-17017 (bmo#1603055)
    Type Confusion in XPCVariant.cpp
  * CVE-2019-17020 (bmo#1597645)
    Content Security Policy not applied to XSL stylesheets applied
    to XML documents
  * CVE-2019-17022 (bmo#1602843)
    CSS sanitization does not escape HTML tags
  * CVE-2019-17023 (bmo#1590001) (fixed in NSS FIXME)
    NSS may negotiate TLS 1.2 or below after a TLS 1.3
    HelloRetryRequest had been sent
  * CVE-2019-17024 (bmo#1507180,bmo#1595470,bmo#1598605,bmo#1601826)
    Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
  * CVE-2019-17025 (bmo#1328295,bmo#1328300,bmo#1590447,bmo#1590965
    bmo#1595692,bmo#1597321,bmo#1597481)
    Memory safety bugs fixed in Firefox 72
- update create-tar.sh to skip compare-locales
- requires NSPR 4.24 and NSS 3.48
- removed usage of browser-plugins convention for NPAPI plugins
  from start wrapper and changed the RPM macro to the
  /usr/$LIB/mozilla/plugins location (boo#1160302)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=793
2020-01-08 11:59:18 +00:00
Wolfgang Rosenauer
8ef71797b4 - added mozilla-bmo1601707.patch to fix gcc/LTO builds
(bmo#1601707, boo#1158466)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=791
2019-12-18 17:50:22 +00:00
Wolfgang Rosenauer
80c5d44876 - added mozilla-bmo849632.patch to fix big endian issues in skia
used for WebGL

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=790
2019-12-10 08:08:57 +00:00
Wolfgang Rosenauer
7e39194693 - Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
  * More information about Enhanced Tracking Protection in action
  * Native MP3 decoding on Windows, Linux, and macOS
  * Configuration page (about:config) reimplemented in HTML
  * New kiosk mode functionality, which allows maximum screen space
    for customer-facing displays
  MFSA 2019-36
  * CVE-2019-11756 (bmo#1508776)
    Use-after-free of SFTKSession object
  * CVE-2019-17008 (bmo#1546331)
    Use-after-free in worker destruction
  * CVE-2019-13722 (bmo#1580156) (Windows only)
    Stack corruption due to incorrect number of arguments in WebRTC code
  * CVE-2019-17014 (bmo#1322864)
    Dragging and dropping a cross-origin resource, incorrectly loaded
    as an image, could result in information disclosure
  * CVE-2019-17010 (bmo#1581084)
    Use-after-free when performing device orientation checks
  * CVE-2019-17005 (bmo#1584170)
    Buffer overflow in plain text serializer
  * CVE-2019-17011 (bmo#1591334)
    Use-after-free when retrieving a document in antitracking
  * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
    bmo#1580288, bmo#1585760, bmo#1592502)
    Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
  * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
    bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
    bmo#1594181)
    Memory safety bugs fixed in Firefox 71

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 07:58:52 +00:00
Wolfgang Rosenauer
eda563f611 - Mozilla Firefox 70.0.1
* Fix for an issue that caused some websites or page elements using
    dynamic JavaScript to fail to load. (bmo#1592136)
  * Title bar no longer shows in full screen view (bmo#1588747)
- added mozilla-bmo1504834-part4.patch to fix some visual issues on
  big endian platforms

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=787
2019-11-01 14:24:05 +00:00
Wolfgang Rosenauer
4685228ce1 - Mozilla Firefox 70.0
* more privacy protections from Enhanced Tracking Protection
  * Firefox Lockwise passwordmanager
  * Improvements to core engine components, for better browsing on more sites
  * Improved privacy and security indicators
  MFSA 2019-34
  * CVE-2018-6156 (bmo#1480088)
    Heap buffer overflow in FEC processing in WebRTC
  * CVE-2019-15903 (bmo#1584907)
    Heap overflow in expat library in XML_GetCurrentLineNumber
  * CVE-2019-11757 (bmo#1577107)
    Use-after-free when creating index updates in IndexedDB
  * CVE-2019-11759 (bmo#1577953)
    Stack buffer overflow in HKDF output
  * CVE-2019-11760 (bmo#1577719)
    Stack buffer overflow in WebRTC networking
  * CVE-2019-11761 (bmo#1561502)
    Unintended access to a privileged JSONView object
  * CVE-2019-11762 (bmo#1582857)
    document.domain-based origin isolation has same-origin-property violation
  * CVE-2019-11763 (bmo#1584216)
    Incorrect HTML parsing results in XSS bypass technique
  * CVE-2019-11765 (bmo#1562582)
    Incorrect permissions could be granted to a website
  * CVE-2019-17000 (bmo#1441468)
    CSP bypass using object tag with data: URI
  * CVE-2019-17001 (bmo#1587976)
    CSP bypass using object tag when script-src 'none' is specified
  * CVE-2019-17002 (bmo#1561056)
    upgrade-insecure-requests was not being honored for links dragged and dropped

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=786
2019-10-25 09:13:30 +00:00
Wolfgang Rosenauer
4dc35f45b0 - Mozilla Firefox 69.0.3
* Fixed Yahoo mail users being prompted to download files when
    clicking on emails (bmo#1582848)
- devel package build can easily be disabled now

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=783
2019-10-13 16:07:47 +00:00
Wolfgang Rosenauer
4b9fc308f3 * Fixed a crash when editing files on Office 365 websites (bmo#1579858)
* Fixed a Linux-only crash when changing the playback speed while
    watching YouTube videos (bmo#1582222)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=781
2019-10-04 12:31:42 +00:00
Wolfgang Rosenauer
5642edf99e - extension preferences moved from branding package to core package
(packaging but not branding specific)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=779
2019-10-03 20:32:17 +00:00
Wolfgang Rosenauer
d303d78eb4 - Mozilla Firefox 69.0.2
- updated supported locale list
- remove obsolete kde.js setting (boo#1151186) and related patch
  firefox-add-kde.js-in-order-to-survive-PGO-build.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=778
2019-10-03 08:42:59 +00:00
Wolfgang Rosenauer
5f35e0f9e2 - add mozilla-fix-top-level-asm.patch to fix LTO build (w/o PGO)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=775
2019-09-25 12:32:05 +00:00
Wolfgang Rosenauer
df898f1059 - update create-tar.sh to latest revision and adjusted tar_stamps
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=773
2019-09-25 11:40:52 +00:00
Wolfgang Rosenauer
bbc11438a2 (contributed by Bernhard Wiedemann)
- Make build verbose (contributed by Martin Liška)
- remove obsolete kde.js setting (boo#1151186)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=772
2019-09-25 11:38:27 +00:00
Wolfgang Rosenauer
05dad937b9 Accepting request 733089 from home:bmwiedemann:branches:mozilla:Factory
Allow to build without profile guided optimizations (boo#1040589)

OBS-URL: https://build.opensuse.org/request/show/733089
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=771
2019-09-25 08:59:57 +00:00
Wolfgang Rosenauer
42f080f490 Accepting request 732112 from home:marxin:branches:mozilla:Factory
- Make build verbose.

OBS-URL: https://build.opensuse.org/request/show/732112
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=769
2019-09-20 10:17:52 +00:00
Wolfgang Rosenauer
6dbd83543a - Mozilla Firefox 69.0.1
* Fixed external programs launching in the background when clicking
    a link from inside Firefox to launch them (bmo#1570845)
  * Usability improvements to the Add-ons Manager for users with
    screen readers (bmo#1567600)
  * Fixed the Captive Portal notification bar not being dismissable
    in some situations after login is complete (bmo#1578633)
  * Fixed the maximum size of fonts in Reader Mode when zoomed (bmo#1578454)
  * Fixed missing stacks in the Developer Tools Performance section
    (bmo#1578354)
  MFSA 2019-31
  * CVE-2019-11754 (bmo#1580506)
    Pointer Lock is enabled with no user notification
- disable DOH by default

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=768
2019-09-20 07:16:58 +00:00
Wolfgang Rosenauer
f4232f868e * mozilla-bmo1504834-part1.patch
* mozilla-bmo1504834-part2.patch
  * mozilla-bmo1504834-part3.patch
  * mozilla-bmo1512162.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=766
2019-09-12 21:14:35 +00:00
Wolfgang Rosenauer
c09b76bede - Mozilla Firefox 69.0
* Enhanced Tracking Protection (ETP) for stronger privacy protections
  * Block Autoplay feature is enhanced to give users the option to block
    any video
  * Users in the US or using the en-US browser, can get a new “New Tab”
    page experience connecting to the best of Pocket's content.
  * Support for the Web Authentication HmacSecret extension via
    Windows Hello introduced.
  * Support for receiving multiple video codecs with this release makes
    it easier for WebRTC conferencing services to mix video from
    different clients.
- requires
  * rust/cargo >= 1.35
  * rust-cbindgen >= 0.9.0
  * mozilla-nss >= 3.45
- rebased patches
  * mozilla-bmo1504834-part1.patch (currently unused as it breaks LE)
  * mozilla-bmo1504834-part2.patch (currently unused as it breaks LE)
  * mozilla-bmo1504834-part3.patch (currently unused as it breaks LE)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=765
2019-09-09 06:28:12 +00:00
Wolfgang Rosenauer
74d23cbbdc - added a bunch of patches mainly for big endian platforms
* mozilla-bmo1504834-part1.patch
  * mozilla-bmo1504834-part2.patch
  * mozilla-bmo1504834-part3.patch
  * mozilla-bmo1511604.patch
  * mozilla-bmo1554971.patch
  * mozilla-bmo1573381.patch
  * mozilla-nestegg-big-endian.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=763
2019-09-05 12:57:01 +00:00
Wolfgang Rosenauer
f633f8cbba - Mozilla Firefox 68.1.0
MFSA 2019-26
  * CVE-2019-11751 (bmo#1572838; Windows only)
    Malicious code execution through command line parameters
  * CVE-2019-11746 (bmo#1564449)
    Use-after-free while manipulating video
  * CVE-2019-11744 (bmo#1562033)
    XSS by breaking out of title and textarea elements using innerHTML
  * CVE-2019-11742 (bmo#1559715)
    Same-origin policy violation with SVG filters and canvas to steal
    cross-origin images
  * CVE-2019-11736 (bmo#1551913, bmo#1552206; Windows only))
    File manipulation and privilege escalation in Mozilla Maintenance Service
  * CVE-2019-11753 (bmo#1574980; Windows only)
    Privilege escalation with Mozilla Maintenance Service in custom
    Firefox installation location
  * CVE-2019-11752 (bmo#1501152)
    Use-after-free while extracting a key value in IndexedDB
  * CVE-2019-9812 (bmo#1538008, bmo#1538015)
    Sandbox escape through Firefox Sync
  * CVE-2019-11743 (bmo#1560495)
    Cross-origin access to unload event attributes
  * CVE-2019-11748 (bmo#1564588)
    Persistence of WebRTC permissions in a third party context
  * CVE-2019-11749 (bmo#1565374)
    Camera information available without prompting using getUserMedia
  * CVE-2019-11750 (bmo#1568397)
    Type confusion in Spidermonkey
  * CVE-2019-11738 (bmo#1452037)
    Content security policy bypass through hash-based sources in directives

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=760
2019-09-04 08:35:37 +00:00
Wolfgang Rosenauer
2313923257 Accepting request 724187 from home:jbrielmaier:ppc64le
Sadly there is now better solution at the moment. A deeper look from upstream is necessary, it also could be some compiler bug. I'll watch the upstream bug closely.

I verified that the workaround actually fixes the problem on my ppc64le workstation :)

OBS-URL: https://build.opensuse.org/request/show/724187
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=758
2019-08-20 07:58:20 +00:00
Wolfgang Rosenauer
067cb127f1 Accepting request 724472 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 68.0.2 MFSA 2019-24 (boo#1145665) CVE-2019-11733

OBS-URL: https://build.opensuse.org/request/show/724472
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=757
2019-08-19 06:30:53 +00:00
Wolfgang Rosenauer
2ae7171a4c Accepting request 720873 from home:Guillaume_G:branches:mozilla:Factory
Update build constraints to fix arm builds

OBS-URL: https://build.opensuse.org/request/show/720873
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=755
2019-08-06 07:53:11 +00:00
Wolfgang Rosenauer
69f0a4b612 - Mozilla Firefox 68.0.1
* Fixed missing Full Screen button when watching videos in full
    screen mode on HBO GO (bmo#1562837)
  * Fixed a bug causing incorrect messages to appear for some
    locales when sites try to request the use of the Storage
    Access API (bmo#1558503)
  * Users in Russian regions may have their default search engine
    changed (bmo#1565315)
  * Built-in search engines in some locales do not function
    correctly (bmo#1565779)
  * SupportMenu policy doesn't always work (bmo#1553290)
  * Allow the privacy.file_unique_origin pref to be controlled by
    policy (bmo#1563759)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=753
2019-07-19 14:43:08 +00:00
Wolfgang Rosenauer
8923fa08c3 Accepting request 714628 from home:jirislaby:branches:mozilla:Factory
- add fix-build-after-y2038-changes-in-glibc.patch

OBS-URL: https://build.opensuse.org/request/show/714628
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=752
2019-07-15 15:15:08 +00:00
Wolfgang Rosenauer
c6a711605e Accepting request 714438 from home:bmwiedemann:branches:mozilla:Factory
Generate langpacks sequentially to avoid file corruption from racy file writes (boo#1137970)

OBS-URL: https://build.opensuse.org/request/show/714438
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=750
2019-07-11 13:04:54 +00:00
Wolfgang Rosenauer
f1498ec6ec * added firefox-add-kde.js-in-order-to-survive-PGO-build.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=749
2019-07-10 06:15:59 +00:00
Wolfgang Rosenauer
6dafe68fc5 - Mozilla Firefox 68.0
* Dark mode in reader view
  * Improved extension security and discovery
  * Cryptomining and fingerprinting protections are added to strict
    content blocking settings in Privacy & Security preferences
  * Camera and microphone access now require an HTTPS connection
  MFSA 2019-21 (bsc#1140868)
  * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
    Sandbox escape via installation of malicious languagepack
  * CVE-2019-11711 (bmo#1552541)
    Script injection within domain through inner window reuse
  * CVE-2019-11712 (bmo#1543804)
    Cross-origin POST requests can be made with NPAPI plugins by
    following 308 redirects
  * CVE-2019-11713 (bmo#1528481)
    Use-after-free with HTTP/2 cached stream
  * CVE-2019-11714 (bmo#1542593)
    NeckoChild can trigger crash when accessed off of main thread
  * CVE-2019-11729 (bmo#1515342)
    Empty or malformed p256-ECDH public keys may trigger a segmentation fault
  * CVE-2019-11715 (bmo#1555523)
    HTML parsing error can contribute to content XSS
  * CVE-2019-11716 (bmo#1552632)
    globalThis not enumerable until accessed
  * CVE-2019-11717 (bmo#1548306)
    Caret character improperly escaped in origins
  * CVE-2019-11718 (bmo#1408349)
    Activity Stream writes unsanitized content to innerHTML
  * CVE-2019-11719 (bmo#1540541)
    Out-of-bounds read when importing curve25519 private key

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748
2019-07-09 21:21:11 +00:00
Wolfgang Rosenauer
cd62703825 - Enable PGO for x86_64.
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=747
2019-07-08 08:37:13 +00:00
Wolfgang Rosenauer
0dcd4b5002 Accepting request 713071 from home:marxin:branches:mozilla:Factory
- Enable PGO for x86_64.

OBS-URL: https://build.opensuse.org/request/show/713071
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=746
2019-07-02 20:43:20 +00:00
Wolfgang Rosenauer
d5e1634312 - Mozilla Firefox 67.0.4
MFSA 2019-19 (boo#1138872)
  * CVE-2019-11708 (bmo#1559858)
    sandbox escape using Prompt:Open

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=744
2019-06-20 19:02:43 +00:00
Wolfgang Rosenauer
192b3d63ef MFSA 2019-18 (boo#1138614)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=743
2019-06-18 20:41:18 +00:00
Wolfgang Rosenauer
287311f811 - Mozilla Firefox 67.0.3
MFSA 2019-18
  * CVE-2019-11707 (bmo#1544386)
    Type confusion in Array.pop

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=742
2019-06-18 18:51:07 +00:00
Wolfgang Rosenauer
a85995a18f - Mozilla Firefox 67.0.2
* Fixed: Fix JavaScript error ("TypeError: data is null in
    PrivacyFilter.jsm") in console which may significantly degrade
    sessionstore reliability and performance (bmo#1553413)
  * Fixed: Proxy authentication dialog box repeatedly pops up
    asking to authenticate after upgrading to Firefox 67 (bmo#1548804)
  * Fixed: Pearson MyCloud breaks if FIDO U2F is not Chrome's
    implementation (bmo#1551282)
  * Fixed: Starting in safe mode on Linux or macOS causes Firefox
    to think on the subsequent launch that the profile is too
    recent to be used with this version of Firefox (bmo#1556612)
  * Fixed: Linux distribution users can't easily install/use
    additional/different languages using the built-in preferences
    UI (bmo#1554744)
  * Fixed: Developer tools users can't copy the href/src content
    from various HTML tags via the context menu in the Inspector
    markup view (bmo#1552275)
  * Fixed: Custom home page is broken with clearing data on shutdown
    settings applied (bmo#1554167)
  * Fixed: Performance-regression for eclipse RAP based applications
    (bmo#1555962)
  * Fixed: macOS 10.15 crash fix (bmo#1556076)
  * Fixed: Can't start two downloads in parallel via <a download>
    anymore (bmo#1542912)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=741
2019-06-12 21:30:01 +00:00
Wolfgang Rosenauer
67e4feaf97 - Mozilla Firefox 67.0.1
* enable enhanced tracking protection by default for new users
  * upgrade of Facebook container to version 2.0
  * new version of Firefox Lockwise (password management)
  * new version of Firefox Monitor
  * Firefox Send improvements

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=740
2019-06-09 08:21:04 +00:00
Wolfgang Rosenauer
2a97134362 MFSA 2019-13 (boo#1135824)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=737
2019-05-23 07:51:20 +00:00