1
0
Commit Graph

3 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
a9628fa6ae - Mozilla Firefox 74.0
* https://www.mozilla.org/en-US/firefox/74.0/releasenotes/
  MFSA 2020-08 (bsc#1166238)
  * CVE-2020-6805 (bmo#1610880)
    Use-after-free when removing data about origins
  * CVE-2020-6806 (bmo#1612308)
    BodyStream::OnInputStreamReady was missing protections against
    state confusion
  * CVE-2020-6807 (bmo#1614971)
    Use-after-free in cubeb during stream destruction
  * CVE-2020-6808 (bmo#1247968)
    URL Spoofing via javascript: URL
  * CVE-2020-6809 (bmo#1420296)
    Web Extensions with the all-urls permission could access local
    files
  * CVE-2020-6810 (bmo#1432856)
    Focusing a popup while in fullscreen could have obscured the
    fullscreen notification
  * CVE-2020-6811 (bmo#1607742)
    Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection
  * CVE-2019-20503 (bmo#1613765)
    Out of bounds reads in sctp_load_addresses_from_init
  * CVE-2020-6812 (bmo#1616661)
    The names of AirPods with personally identifiable information
    were exposed to websites with camera or microphone permission
  * CVE-2020-6813 (bmo#1605814)
    @import statements in CSS could bypass the Content Security
    Policy nonce feature
  * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636,

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809
2020-03-12 19:14:24 +00:00
Wolfgang Rosenauer
0844347457 - big endian fixes
* mozilla-bmo1610814.patch (boo#1164845, bmo#1610814)
    (bmo#1614535, boo#1164646)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=807
2020-02-26 08:14:44 +00:00
Wolfgang Rosenauer
474457216d - Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
  * More information about Enhanced Tracking Protection in action
  * Native MP3 decoding on Windows, Linux, and macOS
  * Configuration page (about:config) reimplemented in HTML
  * New kiosk mode functionality, which allows maximum screen space
    for customer-facing displays
  MFSA 2019-36
  * CVE-2019-11756 (bmo#1508776)
    Use-after-free of SFTKSession object
  * CVE-2019-17008 (bmo#1546331)
    Use-after-free in worker destruction
  * CVE-2019-13722 (bmo#1580156) (Windows only)
    Stack corruption due to incorrect number of arguments in WebRTC code
  * CVE-2019-17014 (bmo#1322864)
    Dragging and dropping a cross-origin resource, incorrectly loaded
    as an image, could result in information disclosure
  * CVE-2019-17010 (bmo#1581084)
    Use-after-free when performing device orientation checks
  * CVE-2019-17005 (bmo#1584170)
    Buffer overflow in plain text serializer
  * CVE-2019-17011 (bmo#1591334)
    Use-after-free when retrieving a document in antitracking
  * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
    bmo#1580288, bmo#1585760, bmo#1592502)
    Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
  * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
    bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
    bmo#1594181)
    Memory safety bugs fixed in Firefox 71

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 07:58:52 +00:00