MozillaFirefox/tar_stamps

PRODUCT="firefox"
CHANNEL="release"
VERSION="73.0"
VERSION_SUFFIX=""
PREV_VERSION="73.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation

RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
RELEASE_TAG="816e7f29478180f322fb4731df776d3b7854f0f8"
RELEASE_TIMESTAMP="20200207195153"
- Mozilla Firefox 68.0 * Dark mode in reader view * Improved extension security and discovery * Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences * Camera and microphone access now require an HTTPS connection MFSA 2019-21 (bsc#1140868) * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) Sandbox escape via installation of malicious languagepack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11714 (bmo#1542593) NeckoChild can trigger crash when accessed off of main thread * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11716 (bmo#1552632) globalThis not enumerable until accessed * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11718 (bmo#1408349) Activity Stream writes unsanitized content to innerHTML * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748 2019-07-09 21:21:11 +00:00			`PRODUCT="firefox"`
- Mozilla Firefox 69.0 * Enhanced Tracking Protection (ETP) for stronger privacy protections * Block Autoplay feature is enhanced to give users the option to block any video * Users in the US or using the en-US browser, can get a new “New Tab” page experience connecting to the best of Pocket's content. * Support for the Web Authentication HmacSecret extension via Windows Hello introduced. * Support for receiving multiple video codecs with this release makes it easier for WebRTC conferencing services to mix video from different clients. - requires * rust/cargo >= 1.35 * rust-cbindgen >= 0.9.0 * mozilla-nss >= 3.45 - rebased patches * mozilla-bmo1504834-part1.patch (currently unused as it breaks LE) * mozilla-bmo1504834-part2.patch (currently unused as it breaks LE) * mozilla-bmo1504834-part3.patch (currently unused as it breaks LE) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=765 2019-09-09 06:28:12 +00:00			`CHANNEL="release"`
- Mozilla Firefox 73.0 * Added support for setting a default zoom level applicable for all web content * High-contrast mode has been updated to allow background images * Improved audio quality when playing back audio at a faster or slower speed * Added NextDNS as alternative option for DNS over HTTPS MFSA 2020-05 (bsc#1163368) * CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent process * CVE-2020-6797 (bmo#1596668) (MacOS X only) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6799 (bmo#1606596) (Windows only) Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851, bmo#1608580,bmo#1608785,bmo#1605777) Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 * CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492) Memory safety bugs fixed in Firefox 73 - updated requirements * rust >= 1.39 * NSS >= 3.49.2 * rust-cbindgen >= 0.12.0 - rebased patches - removed obsolete patch * mozilla-bmo1601707.patch OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802 2020-02-12 14:14:39 +00:00			`VERSION="73.0"`
- Mozilla Firefox 69.0 * Enhanced Tracking Protection (ETP) for stronger privacy protections * Block Autoplay feature is enhanced to give users the option to block any video * Users in the US or using the en-US browser, can get a new “New Tab” page experience connecting to the best of Pocket's content. * Support for the Web Authentication HmacSecret extension via Windows Hello introduced. * Support for receiving multiple video codecs with this release makes it easier for WebRTC conferencing services to mix video from different clients. - requires * rust/cargo >= 1.35 * rust-cbindgen >= 0.9.0 * mozilla-nss >= 3.45 - rebased patches * mozilla-bmo1504834-part1.patch (currently unused as it breaks LE) * mozilla-bmo1504834-part2.patch (currently unused as it breaks LE) * mozilla-bmo1504834-part3.patch (currently unused as it breaks LE) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=765 2019-09-09 06:28:12 +00:00			`VERSION_SUFFIX=""`
- Mozilla Firefox 73.0 * Added support for setting a default zoom level applicable for all web content * High-contrast mode has been updated to allow background images * Improved audio quality when playing back audio at a faster or slower speed * Added NextDNS as alternative option for DNS over HTTPS MFSA 2020-05 (bsc#1163368) * CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent process * CVE-2020-6797 (bmo#1596668) (MacOS X only) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6799 (bmo#1606596) (Windows only) Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851, bmo#1608580,bmo#1608785,bmo#1605777) Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 * CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492) Memory safety bugs fixed in Firefox 73 - updated requirements * rust >= 1.39 * NSS >= 3.49.2 * rust-cbindgen >= 0.12.0 - rebased patches - removed obsolete patch * mozilla-bmo1601707.patch OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802 2020-02-12 14:14:39 +00:00			`PREV_VERSION="73.0"`
- Mozilla Firefox 68.0 * Dark mode in reader view * Improved extension security and discovery * Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences * Camera and microphone access now require an HTTPS connection MFSA 2019-21 (bsc#1140868) * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) Sandbox escape via installation of malicious languagepack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11714 (bmo#1542593) NeckoChild can trigger crash when accessed off of main thread * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11716 (bmo#1552632) globalThis not enumerable until accessed * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11718 (bmo#1408349) Activity Stream writes unsanitized content to innerHTML * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748 2019-07-09 21:21:11 +00:00			`PREV_VERSION_SUFFIX=""`
			`#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation`

- Mozilla Firefox 71.0 * Improvements to Lockwise, our integrated password manager * More information about Enhanced Tracking Protection in action * Native MP3 decoding on Windows, Linux, and macOS * Configuration page (about:config) reimplemented in HTML * New kiosk mode functionality, which allows maximum screen space for customer-facing displays MFSA 2019-36 * CVE-2019-11756 (bmo#1508776) Use-after-free of SFTKSession object * CVE-2019-17008 (bmo#1546331) Use-after-free in worker destruction * CVE-2019-13722 (bmo#1580156) (Windows only) Stack corruption due to incorrect number of arguments in WebRTC code * CVE-2019-17014 (bmo#1322864) Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure * CVE-2019-17010 (bmo#1581084) Use-after-free when performing device orientation checks * CVE-2019-17005 (bmo#1584170) Buffer overflow in plain text serializer * CVE-2019-17011 (bmo#1591334) Use-after-free when retrieving a document in antitracking * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209 bmo#1580288, bmo#1585760, bmo#1592502) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937 bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865 bmo#1594181) Memory safety bugs fixed in Firefox 71 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789 2019-12-09 07:58:52 +00:00			`RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"`
- Mozilla Firefox 73.0 * Added support for setting a default zoom level applicable for all web content * High-contrast mode has been updated to allow background images * Improved audio quality when playing back audio at a faster or slower speed * Added NextDNS as alternative option for DNS over HTTPS MFSA 2020-05 (bsc#1163368) * CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent process * CVE-2020-6797 (bmo#1596668) (MacOS X only) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6799 (bmo#1606596) (Windows only) Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851, bmo#1608580,bmo#1608785,bmo#1605777) Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 * CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492) Memory safety bugs fixed in Firefox 73 - updated requirements * rust >= 1.39 * NSS >= 3.49.2 * rust-cbindgen >= 0.12.0 - rebased patches - removed obsolete patch * mozilla-bmo1601707.patch OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802 2020-02-12 14:14:39 +00:00			`RELEASE_TAG="816e7f29478180f322fb4731df776d3b7854f0f8"`
			`RELEASE_TIMESTAMP="20200207195153"`