rpm/MozillaFirefox
SHA256
1
0
Fork 0
forked from pool/MozillaFirefox
Code Pull Requests Activity
822 Commits 2 Branches 0 Tags
Commit Graph

3 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
82f4bf17d0 - Mozilla Firefox 73.0 
* Added support for setting a default zoom level applicable for all
    web content
  * High-contrast mode has been updated to allow background images
  * Improved audio quality when playing back audio at a faster or
    slower speed
  * Added NextDNS as alternative option for DNS over HTTPS
  MFSA 2020-05 (bsc#1163368)
  * CVE-2020-6796 (bmo#1610426)
    Missing bounds check on shared memory read in the parent process
  * CVE-2020-6797 (bmo#1596668) (MacOS X only)
    Extensions granted downloads.open permission could open arbitrary
    applications on Mac OSX
  * CVE-2020-6798 (bmo#1602944)
    Incorrect parsing of template tag could result in JavaScript injection
  * CVE-2020-6799 (bmo#1606596) (Windows only)
    Arbitrary code execution when opening pdf links from other
    applications, when Firefox is configured as default pdf reader
  * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
    bmo#1608580,bmo#1608785,bmo#1605777)
    Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
  * CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
    Memory safety bugs fixed in Firefox 73
- updated requirements
  * rust >= 1.39
  * NSS >= 3.49.2
  * rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
  * mozilla-bmo1601707.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
 2020-02-12 14:14:39 +00:00
Wolfgang Rosenauer
31f1b363df - Mozilla Firefox 72.0.1 
- Mozilla Firefox 72.0
  * block fingerprinting scripts by default
  * new notification pop-ups
  * Picture-in-picture video
  MFSA 2020-01
  * CVE-2019-17016 (bmo#1599181)
    Bypass of @namespace CSS sanitization during pasting
  * CVE-2019-17017 (bmo#1603055)
    Type Confusion in XPCVariant.cpp
  * CVE-2019-17020 (bmo#1597645)
    Content Security Policy not applied to XSL stylesheets applied
    to XML documents
  * CVE-2019-17022 (bmo#1602843)
    CSS sanitization does not escape HTML tags
  * CVE-2019-17023 (bmo#1590001) (fixed in NSS FIXME)
    NSS may negotiate TLS 1.2 or below after a TLS 1.3
    HelloRetryRequest had been sent
  * CVE-2019-17024 (bmo#1507180,bmo#1595470,bmo#1598605,bmo#1601826)
    Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
  * CVE-2019-17025 (bmo#1328295,bmo#1328300,bmo#1590447,bmo#1590965
    bmo#1595692,bmo#1597321,bmo#1597481)
    Memory safety bugs fixed in Firefox 72
- update create-tar.sh to skip compare-locales
- requires NSPR 4.24 and NSS 3.48
- removed usage of browser-plugins convention for NPAPI plugins
  from start wrapper and changed the RPM macro to the
  /usr/$LIB/mozilla/plugins location (boo#1160302)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=793
 2020-01-08 11:59:18 +00:00
Wolfgang Rosenauer
e72a516450 - added a bunch of patches mainly for big endian platforms 
* mozilla-bmo1504834-part1.patch
  * mozilla-bmo1504834-part2.patch
  * mozilla-bmo1504834-part3.patch
  * mozilla-bmo1511604.patch
  * mozilla-bmo1554971.patch
  * mozilla-bmo1573381.patch
  * mozilla-nestegg-big-endian.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=763
 2019-09-05 12:57:01 +00:00