diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes
index cf50caf..8f14921 100644
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Fri Mar 27 09:43:43 CET 2009 - wr@rosenauer.org
+
+- security update to 1.9.0.8 (bnc#488955,489411)
+  * MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217)
+      Crash and remote code execution in XSL transformation
+  * MFSA 2009-13/CVE-2009-1044 (bmo#484320)
+      Arbitrary code execution via XUL tree moveToEdgeShift
+- allow RPM provides for stuff besides shared libraries
+  (e.g. mime-types)
+
 -------------------------------------------------------------------
 Sun Mar  1 11:08:58 CET 2009 - wr@rosenauer.org
 
diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec
index 17d118a..5cb97d3 100644
--- a/MozillaFirefox.spec
+++ b/MozillaFirefox.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package MozillaFirefox (Version 3.0.7)
+# spec file for package MozillaFirefox (Version 3.0.8)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -26,7 +26,7 @@ BuildRequires:  fdupes
 License:        GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE (MPL/NPL)
 Provides:       web_browser
 Provides:       firefox
-Version:        3.0.7
+Version:        3.0.8
 Release:        1
 Summary:        Mozilla Firefox Web Browser
 Url:            http://www.mozilla.org/
@@ -58,8 +58,9 @@ Requires:       %{name}-branding >= 3.0
 %define _unpackaged_files_terminate_build 0
 %define _use_internal_dependency_generator 0
 %define __find_requires sh %{SOURCE4}
-%define __find_provides %{nil}
-%define releasedate 2009022800
+%global provfind sh -c "grep -v '.so' | %__find_provides"
+%global __find_provides %provfind
+%define releasedate 2009032600
 %define progname firefox
 %define progdir %{_prefix}/%_lib/%{progname}
 %if %suse_version > 1020
@@ -339,6 +340,14 @@ fi
 %{progdir}/defaults/profile/bookmarks.html
 
 %changelog
+* Fri Mar 27 2009 wr@rosenauer.org
+- security update to 1.9.0.8 (bnc#488955,489411)
+  * MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217)
+  Crash and remote code execution in XSL transformation
+  * MFSA 2009-13/CVE-2009-1044 (bmo#484320)
+  Arbitrary code execution via XUL tree moveToEdgeShift
+- allow RPM provides for stuff besides shared libraries
+  (e.g. mime-types)
 * Sun Mar 01 2009 wr@rosenauer.org
 - security update to 3.0.7 (bnc#478625)
   * MFSA 2009-07 - Crashes with evidence of memory corruption
diff --git a/firefox-3.0.7-source.tar.bz2 b/firefox-3.0.7-source.tar.bz2
deleted file mode 100644
index b35f78c..0000000
--- a/firefox-3.0.7-source.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0536214eae6ee315363c17deb5ad49d2256141f36bebba7f39cca3f5343f5bf3
-size 36900484
diff --git a/firefox-3.0.8-source.tar.bz2 b/firefox-3.0.8-source.tar.bz2
new file mode 100644
index 0000000..9297abc
--- /dev/null
+++ b/firefox-3.0.8-source.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cf272b6be6733500fed37e42147cc8082291577ec6ad752a8f73b9b12d21e490
+size 36921714
diff --git a/l10n-3.0.7.tar.bz2 b/l10n-3.0.7.tar.bz2
deleted file mode 100644
index d14a407..0000000
--- a/l10n-3.0.7.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:cdffc42fbb363c61fa2d0ab0cbf9ddd58fd26e5f6b65b59e1042e723186a7027
-size 29348350
diff --git a/l10n-3.0.8.tar.bz2 b/l10n-3.0.8.tar.bz2
new file mode 100644
index 0000000..f8ff819
--- /dev/null
+++ b/l10n-3.0.8.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:47fc0ea01c4d0030a6469f611d29133c3dbad3994d8d5ed5f115b02ddf11bde8
+size 29350258