MozillaFirefox

rpm/MozillaFirefox

SHA256

Fork 0

forked from pool/MozillaFirefox

Commit Graph

Author	SHA256	Message	Date
Wolfgang Rosenauer	f9c0480028	- Mozilla Firefox 80.0 MFSA 2020- (bsc#1175686) * CVE-2020-15663 (bmo#1643199) Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege * CVE-2020-15664 (bmo#1658214) Attacker-induced prompt for extension installation * CVE-2020-12401 (bmo#1631573) Timing-attack on ECDSA signature generation * CVE-2020-6829 (bmo#1631583) P-384 and P-521 vulnerable to an electro-magnetic side channel attack on signature generation * CVE-2020-12400 (bmo#1623116) P-384 and P-521 vulnerable to a side channel attack on modular inversion * CVE-2020-15665 (bmo#1651636) Address bar not reset when choosing to stay on a page after the beforeunload dialog is shown * CVE-2020-15666 (bmo#1450853) MediaError message property leaks cross-origin response status * CVE-2020-15667 (bmo#1653371) Heap overflow when processing an update file * CVE-2020-15668 (bmo#1651520) Data Race when reading certificate information * CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626, bmo#1656957) Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2 - requires * NSPR 4.27 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=853	2020-08-25 18:18:25 +00:00
Wolfgang Rosenauer	ec5d636a3c	- update to 14.0.1 (bnc#) - license change from tri license to MPL-2.0 - fix crashreporter restart option (bmo#762780) - reenabled mozilla-yarr-pcre.patch to fix build for PPC - require NSS 3.13.5 - remove mozjs pacrunner obsoletes again for now - adopted mozilla-prefer_plugin_pref.patch OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=284	2012-07-16 08:13:51 +00:00
Wolfgang Rosenauer	a7f369b4c2	- update to Firefox 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - fix sound notifications when filename/path contains a whitespace (bmo#749739) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=280	2012-06-05 18:01:53 +00:00

Author

SHA256

Message

Date

Wolfgang Rosenauer

f9c0480028

- Mozilla Firefox 80.0

MFSA 2020- (bsc#1175686)
  * CVE-2020-15663 (bmo#1643199)
    Downgrade attack on the Mozilla Maintenance Service could
    have resulted in escalation of privilege
  * CVE-2020-15664 (bmo#1658214)
    Attacker-induced prompt for extension installation
  * CVE-2020-12401 (bmo#1631573)
    Timing-attack on ECDSA signature generation
  * CVE-2020-6829 (bmo#1631583)
    P-384 and P-521 vulnerable to an electro-magnetic side
    channel attack on signature generation
  * CVE-2020-12400 (bmo#1623116)
    P-384 and P-521 vulnerable to a side channel attack on
    modular inversion
  * CVE-2020-15665 (bmo#1651636)
    Address bar not reset when choosing to stay on a page after
    the beforeunload dialog is shown
  * CVE-2020-15666 (bmo#1450853)
    MediaError message property leaks cross-origin response
    status
  * CVE-2020-15667 (bmo#1653371)
    Heap overflow when processing an update file
  * CVE-2020-15668 (bmo#1651520)
    Data Race when reading certificate information
  * CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
    bmo#1656957)
    Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
- requires
  * NSPR 4.27

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=853

2020-08-25 18:18:25 +00:00

Wolfgang Rosenauer

ec5d636a3c

- update to 14.0.1 (bnc#)

- license change from tri license to MPL-2.0
- fix crashreporter restart option (bmo#762780)
- reenabled mozilla-yarr-pcre.patch to fix build for PPC
- require NSS 3.13.5
- remove mozjs pacrunner obsoletes again for now
- adopted mozilla-prefer_plugin_pref.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=284

2012-07-16 08:13:51 +00:00

Wolfgang Rosenauer

a7f369b4c2

- update to Firefox 13.0 (bnc#765204)

* MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
    Miscellaneous memory safety hazards
  * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
    Content Security Policy inline-script bypass
  * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
    Information disclosure though Windows file shares and shortcut
    files
  * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
    Use-after-free while replacing/inserting a node in a document
  * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
    Buffer overflow and use-after-free issues found using Address
    Sanitizer
- require NSS 3.13.4
  * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
- fix sound notifications when filename/path contains a whitespace
  (bmo#749739)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=280

2012-06-05 18:01:53 +00:00

3 Commits