a9628fa6ae
* https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ MFSA 2020-08 (bsc#1166238) * CVE-2020-6805 (bmo#1610880) Use-after-free when removing data about origins * CVE-2020-6806 (bmo#1612308) BodyStream::OnInputStreamReady was missing protections against state confusion * CVE-2020-6807 (bmo#1614971) Use-after-free in cubeb during stream destruction * CVE-2020-6808 (bmo#1247968) URL Spoofing via javascript: URL * CVE-2020-6809 (bmo#1420296) Web Extensions with the all-urls permission could access local files * CVE-2020-6810 (bmo#1432856) Focusing a popup while in fullscreen could have obscured the fullscreen notification * CVE-2020-6811 (bmo#1607742) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2019-20503 (bmo#1613765) Out of bounds reads in sctp_load_addresses_from_init * CVE-2020-6812 (bmo#1616661) The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission * CVE-2020-6813 (bmo#1605814) @import statements in CSS could bypass the Content Security Policy nonce feature * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636, OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809
12 lines
341 B
Plaintext
12 lines
341 B
Plaintext
PRODUCT="firefox"
|
|
CHANNEL="release"
|
|
VERSION="74.0"
|
|
VERSION_SUFFIX=""
|
|
PREV_VERSION="73.0.1"
|
|
PREV_VERSION_SUFFIX=""
|
|
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
|
|
|
|
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
|
|
RELEASE_TAG="c6e493873ba543907dadabb42b64208a3679d43d"
|
|
RELEASE_TIMESTAMP="20200309095159"
|