From efa14df02cd9c1f8e040e09f4c6cc11b2689eafc2f52fa8047091287a48b8c7b Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Fri, 13 Aug 2021 21:34:50 +0000
Subject: [PATCH] MFSA 2021-33 (bsc#1188891)   * CVE-2021-29986 (bmo#1696138)  
   Race condition when resolving DNS names could have led to     memory
 corruption   * CVE-2021-29981 (bmo#1707774)     Live range splitting could
 have led to conflicting     assignments in the JIT   * CVE-2021-29988
 (bmo#1717922)     Memory corruption as a result of incorrect style treatment 
  * CVE-2021-29983 (bmo#1719088)     Firefox for Android could get stuck in
 fullscreen mode   * CVE-2021-29984 (bmo#1720031)     Incorrect instruction
 reordering during JIT optimization   * CVE-2021-29980 (bmo#1722204)    
 Uninitialized memory in a canvas object could have led to     memory
 corruption   * CVE-2021-29987 (bmo#1716129)     Users could have been tricked
 into accepting unwanted     permissions on Linux   * CVE-2021-29985
 (bmo#1722083)     Use-after-free media channels   * CVE-2021-29982
 (bmo#1715318)     Single bit data leak due to incorrect JIT optimization and 
    type confusion   * CVE-2021-29989 (bmo#1662676, bmo#1666184, bmo#1719178, 
    bmo#1719998, bmo#1720568)     Memory safety bugs fixed in Firefox 91 and
 Firefox ESR 78.13   * CVE-2021-29990 (bmo#1544190, bmo#1716481, bmo#1717778, 
    bmo#1719319, bmo#1722073)     Memory safety bugs fixed in Firefox 91

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=927
---
 MozillaFirefox.changes | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes
index d058556..00a89be 100644
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@@ -2,7 +2,36 @@
 Mon Aug  9 14:55:22 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
 
 - Mozilla Firefox 91.0
-  MFSA 2021-?? (boo#1188891)
+  MFSA 2021-33 (bsc#1188891)
+  * CVE-2021-29986 (bmo#1696138)
+    Race condition when resolving DNS names could have led to
+    memory corruption
+  * CVE-2021-29981 (bmo#1707774)
+    Live range splitting could have led to conflicting
+    assignments in the JIT
+  * CVE-2021-29988 (bmo#1717922)
+    Memory corruption as a result of incorrect style treatment
+  * CVE-2021-29983 (bmo#1719088)
+    Firefox for Android could get stuck in fullscreen mode
+  * CVE-2021-29984 (bmo#1720031)
+    Incorrect instruction reordering during JIT optimization
+  * CVE-2021-29980 (bmo#1722204)
+    Uninitialized memory in a canvas object could have led to
+    memory corruption
+  * CVE-2021-29987 (bmo#1716129)
+    Users could have been tricked into accepting unwanted
+    permissions on Linux
+  * CVE-2021-29985 (bmo#1722083)
+    Use-after-free media channels
+  * CVE-2021-29982 (bmo#1715318)
+    Single bit data leak due to incorrect JIT optimization and
+    type confusion
+  * CVE-2021-29989 (bmo#1662676, bmo#1666184, bmo#1719178,
+    bmo#1719998, bmo#1720568)
+    Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
+  * CVE-2021-29990 (bmo#1544190, bmo#1716481, bmo#1717778,
+    bmo#1719319, bmo#1722073)
+    Memory safety bugs fixed in Firefox 91
 - requires
   * rustc/cargo >= 1.51
   * NSPR >= 4.32