* https://www.mozilla.org/en-US/firefox/116.0/releasenotes/

MFSA 2023-29 (bsc#1213746) * CVE-2023-4045 (bmo#1833876) Offscreen Canvas could have bypassed cross-origin restrictions * CVE-2023-4046 (bmo#1837686) Incorrect value used during WASM compilation * CVE-2023-4047 (bmo#1839073) Potential permissions request bypass via clickjacking * CVE-2023-4048 (bmo#1841368) Crash in DOMParser due to out-of-memory conditions * CVE-2023-4049 (bmo#1842658) Fix potential race conditions when releasing platform objects * CVE-2023-4050 (bmo#1843038) Stack buffer overflow in StorageManager * CVE-2023-4051 (bmo#1821884) Full screen notification obscured by file open dialog * CVE-2023-4052 (bmo#1824420) File deletion and privilege escalation through Firefox uninstaller * CVE-2023-4053 (bmo#1839079) Full screen notification obscured by external program * CVE-2023-4054 (bmo#1840777) Lack of warning when opening appref-ms files * CVE-2023-4055 (bmo#1782561) Cookie jar overflow caused unexpected cookie jar state * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325, bmo#1843847) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 * CVE-2023-4057 (bmo#1841682) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1080
2023-08-02 07:26:14 +00:00 · 2023-08-02 07:26:14 +00:00 · 03b7e7950d
commit 03b7e7950d
parent 8197a462a5
2 changed files with 36 additions and 3 deletions
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@ -2,6 +2,39 @@
 Sun Jul 30 19:55:49 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>

 - Mozilla Firefox 116.0
+  * https://www.mozilla.org/en-US/firefox/116.0/releasenotes/
+  MFSA 2023-29 (bsc#1213746)
+  * CVE-2023-4045 (bmo#1833876)
+    Offscreen Canvas could have bypassed cross-origin restrictions
+  * CVE-2023-4046 (bmo#1837686)
+    Incorrect value used during WASM compilation
+  * CVE-2023-4047 (bmo#1839073)
+    Potential permissions request bypass via clickjacking
+  * CVE-2023-4048 (bmo#1841368)
+    Crash in DOMParser due to out-of-memory conditions
+  * CVE-2023-4049 (bmo#1842658)
+    Fix potential race conditions when releasing platform objects
+  * CVE-2023-4050 (bmo#1843038)
+    Stack buffer overflow in StorageManager
+  * CVE-2023-4051 (bmo#1821884)
+    Full screen notification obscured by file open dialog
+  * CVE-2023-4052 (bmo#1824420)
+    File deletion and privilege escalation through Firefox uninstaller
+  * CVE-2023-4053 (bmo#1839079)
+    Full screen notification obscured by external program
+  * CVE-2023-4054 (bmo#1840777)
+    Lack of warning when opening appref-ms files
+  * CVE-2023-4055 (bmo#1782561)
+    Cookie jar overflow caused unexpected cookie jar state
+  * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235,
+    bmo#1842325, bmo#1843847)
+    Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
+    Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
+  * CVE-2023-4057 (bmo#1841682)
+    Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
+    and Thunderbird 115.1
+  * CVE-2023-4058 (bmo#1819160, bmo#1828024)
+    Memory safety bugs fixed in Firefox 116
 - require NSS 3.91
 - remove obsolete mozilla-fix-top-level-asm.patch
 - re-enable LTO
--- a/MozillaFirefox.spec
+++ b/MozillaFirefox.spec
@ -114,7 +114,7 @@ BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.35
-BuildRequires:  mozilla-nss-devel >= 3.90
+BuildRequires:  mozilla-nss-devel >= 3.91
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs >= 12.22.12
 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@ -388,7 +388,7 @@ export CFLAGS="\$CFLAGS -fimplicit-constexpr"
 %endif
 %ifarch %arm %ix86
 # Limit RAM usage during link
-export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads"
+export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads -Wl,--no-map-whole-files -Wl,--no-mmap-output-file"
 # A lie to prevent -Wl,--gc-sections being set which requires more memory than 32bit can offer
 export GC_SECTIONS_BREAKS_DEBUG_RANGES=yes
 %endif
@ -408,7 +408,7 @@ EOF
 # Done with env-variables.
 source ./.obsenv.sh

-%ifarch aarch64 %arm ppc64 ppc64le riscv64
+%ifarch aarch64 %arm ppc64 ppc64le riscv64 %ix86
 %limit_build -m 2500
 %endif