1
0
Commit Graph

11 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
9b2ce29f83 - update to Firefox 56.0 (boo#1060445)
* Find Options/Preferences more quickly with new search function
  * Media is no longer auto-played when opened in a background tab
  * Enable CSS Grid Layout View
- requires NSPR 4.16 and NSS 3.32.1

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=603
2017-09-28 08:44:46 +00:00
Wolfgang Rosenauer
0f2d4906dd - update to Firefox 51.0
* requires NSPR >= 4.13.1, NSS >= 3.28.1
  * Added support for FLAC (Free Lossless Audio Codec) playback
  * Added support for WebGL 2
  * Added Georgian (ka) and Kabyle (kab) locales
  * Support saving passwords for forms without 'submit' events
  * Improved video performance for users without GPU acceleration
  * Zoom indicator is shown in the URL bar if the zoom level is not
    at default level
  * View passwords from the prompt before saving them
  * Remove Belarusian (be) locale
  * Use Skia for content rendering (Linux)
  * MFSA 2017-01
    CVE-2017-5375: Excessive JIT code allocation allows bypass of
                   ASLR and DEP (bmo#1325200, boo#1021814)
    CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
    CVE-2017-5377: Memory corruption with transforms to create
                   gradients in Skia (bmo#1306883, boo#1021826)
    CVE-2017-5378: Pointer and frame data leakage of Javascript objects
                   (bmo#1312001, bmo#1330769, boo#1021818)
    CVE-2017-5379: Use-after-free in Web Animations
                   (bmo#1309198,boo#1021827)
    CVE-2017-5380: Potential use-after-free during DOM manipulations
                   (bmo#1322107, boo#1021819)
    CVE-2017-5390: Insecure communication methods in Developer Tools
                   JSON viewer (bmo#1297361, boo#1021820)
    CVE-2017-5389: WebExtensions can install additional add-ons via
                   modified host requests (bmo#1308688, boo#1021828)
    CVE-2017-5396: Use-after-free with Media Decoder
                   (bmo#1329403, boo#1021821)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=567
2017-01-25 10:27:08 +00:00
Wolfgang Rosenauer
a1ebdac66f - update to Firefox 50.0 (boo#1009026)
* requires NSS 3.26.2
  new features
  * Updates to keyboard shortcuts
    Set a preference to have Ctrl+Tab cycle through tabs in recently
    used order
    View a page in Reader Mode by using Ctrl+Alt+R
  * Added option to Find in page that allows users to limit search to
    whole words only
  * Added download protection for a large number of executable file
    types on Windows, Mac and Linux
  * Fixed rendering of dashed and dotted borders with rounded corners
    (border-radius)
  * Added a built-in Emoji set for operating systems without native
    Emoji fonts (Windows 8.0 and lower and Linux)
  * Blocked versions of libavcodec older than 54.35.1
  * additional locale
  security fixes:
  * MFSA 2016-89
    CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
                   (bmo#1292443)
    CVE-2016-5292: URL parsing causes crash (bmo#1288482)
    CVE-2016-5293: Write to arbitrary file with updater and moz
                   maintenance service using updater.log hardlink
		   (Windows only) (bmo#1246945)
    CVE-2016-5294: Arbitrary target directory for result files of
                   update process (Windows only) (bmo#1246972)
    CVE-2016-5297: Incorrect argument length checking in Javascript
                   (bmo#1303678)
    CVE-2016-9064: Addons update must verify IDs match between

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=555
2016-11-15 18:06:29 +00:00
Wolfgang Rosenauer
2ea3069057 - update to Firefox 44.0 (boo#963520)
* MFSA 2016-01/CVE-2016-1930/CVE-2016-1931
    Miscellaneous memory safety hazards
  * MFSA 2016-02/CVE-2016-1933 (bmo#1231761)
    Out of Memory crash when parsing GIF format images
  * MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
    Buffer overflow in WebGL after out of memory allocation
  * MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784)
    Firefox allows for control characters to be set in cookie names
  * MFSA 2016-06/CVE-2016-1937 (bmo#724353)
    Missing delay following user click events in protocol handler dialog
  * MFSA 2016-07/CVE-2016-1938 (bmo#1190248)
    Errors in mp_div and mp_exptmod cryptographic functions in NSS
    (fixed by requiring NSS 3.21)
  * MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590)
    Addressbar spoofing attacks
  * MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946
    (bmo#1186621, bmo#1214782, bmo#1232096)
    Unsafe memory manipulation found through code inspection
  * MFSA 2016-11/CVE-2016-1947 (bmo#1237103)
    Application Reputation service disabled in Firefox 43
  * requires NSPR 4.11
  * requires NSS 3.21
- prepare mozilla-kde.patch for Gtk3 builds
- rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=480
2016-01-26 22:39:03 +00:00
Wolfgang Rosenauer
c24ccd4afb - update to Firefox 40.0 (bnc#940806)
* Added protection against unwanted software downloads
  * Suggested Tiles show sites of interest, based on categories
    from your recent browsing history
  * Hello allows adding a link to conversations to provide context
    on what the conversation will be about
  * New style for add-on manager based on the in-content
    preferences style
  * Improved scrolling, graphics, and video playback performance
    with off main thread compositing (GNU/Linux only)
  * Graphic blocklist mechanism improved: Firefox version ranges
    can be specified, limiting the number of devices blocked
  security fixes:
  * MFSA 2015-79/CVE-2015-4473/CVE-2015-4474
    Miscellaneous memory safety hazards
  * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
    Out-of-bounds read with malformed MP3 file
  * MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
    Use-after-free in MediaStream playback
  * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
    Redefinition of non-configurable JavaScript object properties
  * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
    Overflow issues in libstagefright
  * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
    Arbitrary file overwriting through Mozilla Maintenance Service
    with hard links (only affected Windows)
  * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
    Out-of-bounds write with Updater and malicious MAR file
    (does not affect openSUSE RPM packages which do not ship the
     updater)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=454
2015-08-12 07:11:49 +00:00
Wolfgang Rosenauer
4a13134b83 - update to Firefox 34.0.5 (bnc#908009)
* Default search engine changed to Yahoo! for North America
  * Default search engine changed to Yandex for Belarusian, Kazakh,
    and Russian locales
  * Improved search bar (en-US only)
  * Firefox Hello real-time communication client
  * Easily switch themes/personas directly in the Customizing mode
  * Implementation of HTTP/2 (draft14) and ALPN
  * Disabled SSLv3
  * MFSA 2014-83/CVE-2014-1587/CVE-2014-1588
    Miscellaneous memory safety hazards
  * MFSA 2014-84/CVE-2014-1589 (bmo#1043787)
    XBL bindings accessible via improper CSS declarations
  * MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
    XMLHttpRequest crashes with some input streams
  * MFSA 2014-86/CVE-2014-1591 (bmo#1069762)
    CSP leaks redirect data via violation reports
  * MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
    Use-after-free during HTML5 parsing
  * MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
    Buffer overflow while parsing media content
  * MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
    Bad casting from the BasicThebesLayer to BasicContainerLayer
- rebased patches
- limit linker memory usage for %ix86

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=415
2014-12-02 22:01:52 +00:00
Wolfgang Rosenauer
83b187e5a4 - update to Firefox 30.0 (bnc#881874)
* MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
    (bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
     bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
     bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
     bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
     bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
     bmo#1009952, bmo#1011007)
    Miscellaneous memory safety hazards (rv:30.0)
  * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
    (bmo#989994, bmo#999274, bmo#1005584)
    Use-after-free and out of bounds issues found using Address
    Sanitizer
  * MFSA 2014-50/CVE-2014-1539 (bmo#995603)
    Clickjacking through cursor invisability after Flash interaction
  * MFSA 2014-51/CVE-2014-1540 (bmo#978862)
    Use-after-free in Event Listener Manager
  * MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
    Use-after-free with SMIL Animation Controller
  * MFSA 2014-53/CVE-2014-1542 (bmo#991533)
    Buffer overflow in Web Audio Speex resampler
  * MFSA 2014-54/CVE-2014-1543 (bmo#1011859)
    Buffer overflow in Gamepad API
- rebased patches
- removed obsolete patches
  * firefox-browser-css.patch
  * mozilla-aarch64-bmo-962488.patch
  * mozilla-aarch64-bmo-963023.patch
  * mozilla-aarch64-bmo-963024.patch
  * mozilla-aarch64-bmo-963027.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=384
2014-06-11 08:41:30 +00:00
Wolfgang Rosenauer
09a0ed1d17 - update to Firefox 22.0 (bnc#825935)
* removed obsolete patches
    + mozilla-qcms-ppc.patch
    + mozilla-gstreamer-760140.patch
  * GStreamer support does not build on 12.1 anymore (build only
    on 12.2 and later)
- Fix qcms altivec include (mozilla-qcms-ppc.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=340
2013-06-24 07:57:33 +00:00
Wolfgang Rosenauer
16dbe14e33 - update to Firefox 18.0 (bnc#796895)
* requires NSS 3.14.1
  * removed obsolete SLE11 patches (mozilla-gcc43*)
- ported patches
- reenable WebRTC

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=308
2013-01-07 20:49:28 +00:00
Wolfgang Rosenauer
9933e45a18 version 7
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=231
2011-09-26 06:53:33 +00:00
Wolfgang Rosenauer
688ee2c30f 5.0b3
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=202
2011-06-01 06:05:09 +00:00