MozillaFirefox

rpm/MozillaFirefox

SHA256

Fork 0

forked from pool/MozillaFirefox

Commit Graph

Author	SHA256	Message	Date
Wolfgang Rosenauer	5e0222bbda	Accepting request 593016 from home:badshah400:branches:mozilla:Factory - Add back mozilla-enable-csd.patch: New rebased version from Fedora for version 59.0.x. OBS-URL: https://build.opensuse.org/request/show/593016 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=646	2018-04-03 07:38:15 +00:00
Wolfgang Rosenauer	3f1ee3498d	- update to Firefox 59.0 * Performance enhancements * Drag-and-drop to rearrange Top Sites on the Firefox Home page * added features for Firefox Screenshots * Enhanced WebExtensions API * Improved RTC capabilities MFSA 2018-06 (bsc#1085130) * CVE-2018-5127 (bmo#1430557) Buffer overflow manipulating SVG animatedPathSegList * CVE-2018-5128 (bmo#1431336) Use-after-free manipulating editor selection ranges * CVE-2018-5129 (bmo#1428947) Out-of-bounds write with malformed IPC messages * CVE-2018-5130 (bmo#1433005) Mismatched RTP payload type can trigger memory corruption * CVE-2018-5131 (bmo#1440775) Fetch API improperly returns cached copies of no-store/no-cache resources * CVE-2018-5132 (bmo#1408194) WebExtension Find API can search privileged pages * CVE-2018-5133 (bmo#1430511, bmo#1430974) Value of the app.support.baseURL preference is not properly sanitized * CVE-2018-5134 (bmo#1429379) WebExtensions may use view-source: URLs to bypass content restrictions * CVE-2018-5135 (bmo#1431371) WebExtension browserAction can inject scripts into unintended contexts * CVE-2018-5136 (bmo#1419166) Same-origin policy violation with data: URL shared workers * CVE-2018-5137 (bmo#1432870) Script content can access legacy extension non-contentaccessible resources * CVE-2018-5138 (bmo#1432624) (Android only) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=636	2018-03-13 19:46:06 +00:00
Wolfgang Rosenauer	dd53ed18ec	- update to Firefox 58.0.1 MFSA 2018-05 * Arbitrary code execution through unsanitized browser UI (bmo#1432966) - fixed language packs (boo#1077590) - readd mozilla-enable-csd.patch as it only lands for FF59 upstream - allow larger number of nested elements (mozilla-bmo256180.patch) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=630	2018-01-29 22:56:59 +00:00

Author

SHA256

Message

Date

Wolfgang Rosenauer

5e0222bbda

Accepting request 593016 from home:badshah400:branches:mozilla:Factory

- Add back mozilla-enable-csd.patch: New rebased version from Fedora for version 59.0.x.

OBS-URL: https://build.opensuse.org/request/show/593016
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=646

2018-04-03 07:38:15 +00:00

Wolfgang Rosenauer

3f1ee3498d

- update to Firefox 59.0

* Performance enhancements
  * Drag-and-drop to rearrange Top Sites on the Firefox Home page
  * added features for Firefox Screenshots
  * Enhanced WebExtensions API
  * Improved RTC capabilities
  MFSA 2018-06 (bsc#1085130)
  * CVE-2018-5127 (bmo#1430557)
    Buffer overflow manipulating SVG animatedPathSegList
  * CVE-2018-5128 (bmo#1431336)
    Use-after-free manipulating editor selection ranges
  * CVE-2018-5129 (bmo#1428947)
    Out-of-bounds write with malformed IPC messages
  * CVE-2018-5130 (bmo#1433005)
    Mismatched RTP payload type can trigger memory corruption
  * CVE-2018-5131 (bmo#1440775)
    Fetch API improperly returns cached copies of no-store/no-cache resources
  * CVE-2018-5132 (bmo#1408194)
    WebExtension Find API can search privileged pages
  * CVE-2018-5133 (bmo#1430511, bmo#1430974)
    Value of the app.support.baseURL preference is not properly sanitized
  * CVE-2018-5134 (bmo#1429379)
    WebExtensions may use view-source: URLs to bypass content restrictions
  * CVE-2018-5135 (bmo#1431371)
    WebExtension browserAction can inject scripts into unintended contexts
  * CVE-2018-5136 (bmo#1419166)
    Same-origin policy violation with data: URL shared workers
  * CVE-2018-5137 (bmo#1432870)
    Script content can access legacy extension non-contentaccessible resources
  * CVE-2018-5138 (bmo#1432624) (Android only)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=636

2018-03-13 19:46:06 +00:00

Wolfgang Rosenauer

dd53ed18ec

- update to Firefox 58.0.1

MFSA 2018-05
  *  Arbitrary code execution through unsanitized browser UI (bmo#1432966)
- fixed language packs (boo#1077590)
- readd mozilla-enable-csd.patch as it only lands for FF59 upstream
- allow larger number of nested elements (mozilla-bmo256180.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=630

2018-01-29 22:56:59 +00:00

3 Commits