rpm/MozillaFirefox
SHA256
1
0
Fork 0
forked from pool/MozillaFirefox
Code Pull Requests Activity
639 Commits 2 Branches 0 Tags 12 MiB
a33735930f
Commit Graph

3 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
5afd51282e - Mozilla Firefox 81.0 
* https://www.mozilla.org/en-US/firefox/81.0/releasenotes
  MFSA 2020-42 (bsc#1176756)
  * CVE-2020-15675 (bmo#1654211)
    Use-After-Free in WebGL
  * CVE-2020-15677 (bmo#1641487)
    Download origin spoofing via redirect
  * CVE-2020-15676 (bmo#1646140)
    XSS when pasting attacker-controlled data into a
    contenteditable element
  * CVE-2020-15678 (bmo#1660211)
    When recursing through layers while scrolling, an iterator
    may have become invalid, resulting in a potential use-after-
    free scenario
  * CVE-2020-15673 (bmo#1648493, bmo#1660800)
    Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3
  * CVE-2020-15674 (bmo#1656063, bmo#1656064, bmo#1656067, bmo#1660293)
    Memory safety bugs fixed in Firefox 81
- requires
  NSPR 4.28
  NSS 3.56
- removed obsolete patches
  * mozilla-system-nspr.patch
  * mozilla-bmo1661715.patch
  * mozilla-silence-no-return-type.patch
- skip post-build-checks for 15.0 and 15.1
- add revert-795c8762b16b.patch to fix LTO builds with gcc
  (related to bmo#1644409)
- Use %limit_build macro again for aarch64 and armv7, instead of

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=858
 2020-09-22 14:04:54 +00:00
Wolfgang Rosenauer
8addddfe67 - Mozilla Firefox 79.0 
MFSA 2020-30 (bsc#1174538)
  * CVE-2020-15652 (bmo#1634872)
    Potential leak of redirect targets when loading scripts in a worker
  * CVE-2020-6514 (bmo#1642792)
    WebRTC data channel leaks internal address to peer
  * CVE-2020-15655 (bmo#1645204)
    Extension APIs could be used to bypass Same-Origin Policy
  * CVE-2020-15653 (bmo#1521542)
    Bypassing iframe sandbox when allowing popups
  * CVE-2020-6463 (bmo#1635293)
    Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
  * CVE-2020-15656 (bmo#1647293)
    Type confusion for special arguments in IonMonkey
  * CVE-2020-15658 (bmo#1637745)
    Overriding file type when saving to disk
  * CVE-2020-15657 (bmo#1644954)
    DLL hijacking due to incorrect loading path
  * CVE-2020-15654 (bmo#1648333)
    Custom cursor can overlay user interface
  * CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1638856,
    bmo#1643613, bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646220,
    bmo#1646787, bmo#1649347, bmo#1650811, bmo#1651678)
    Memory safety bugs fixed in Firefox 79
- updated dependency requirements:
  * mozilla-nspr >= 4.26
  * mozilla-nss >= 3.54
  * rust >= 1.43
  * rust-cbindgen >= 0.14.3
- removed obsolete patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=847
 2020-07-29 07:07:58 +00:00
Wolfgang Rosenauer
d08406e896 - Mozilla Firefox 78.0 
* startup notifications now using Gtk instead of libnotify
  * PDF downloads now show an option to open the PDF directly in Firefox
- requires
  * NSS >= 3.53.1
  * nodejs >= 10.21
  * Gtk+3 >= 3.14
- removed obsolete patch
  * mozilla-s390-bigendian.patch
- Add mozilla-pipewire-0-3.patch for openSUSE >= 15.2 to build
  WebRTC with pipewire support to enable screen sharing under
  Wayland; also add BuildRequires: pkgconfig(libpipewire-0.3)
  appropriately (boo#1172903).
- adding SLE12 compatibility in spec file
- add patches for s390x
  * mozilla-bmo1602730.patch (bmo#1602730)
  * mozilla-bmo1626236.patch (bmo#1626236)
  * mozilla-bmo998749.patch (bmo#998749)
  * mozilla-s390x-skia-gradient.patch
- update create-tar.sh
- Use same _constraints for ppc64 (BE) as ppc64le to avoid oom build failure

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=834
 2020-06-30 11:39:58 +00:00