1
0
Commit Graph

441 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
c66dced2e8 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=751 2019-07-11 15:10:52 +00:00
Wolfgang Rosenauer
668f506a0c Accepting request 714438 from home:bmwiedemann:branches:mozilla:Factory
Generate langpacks sequentially to avoid file corruption from racy file writes (boo#1137970)

OBS-URL: https://build.opensuse.org/request/show/714438
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=750
2019-07-11 13:04:54 +00:00
Wolfgang Rosenauer
c4b62217a3 - Mozilla Firefox 68.0
* Dark mode in reader view
  * Improved extension security and discovery
  * Cryptomining and fingerprinting protections are added to strict
    content blocking settings in Privacy & Security preferences
  * Camera and microphone access now require an HTTPS connection
  MFSA 2019-21 (bsc#1140868)
  * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
    Sandbox escape via installation of malicious languagepack
  * CVE-2019-11711 (bmo#1552541)
    Script injection within domain through inner window reuse
  * CVE-2019-11712 (bmo#1543804)
    Cross-origin POST requests can be made with NPAPI plugins by
    following 308 redirects
  * CVE-2019-11713 (bmo#1528481)
    Use-after-free with HTTP/2 cached stream
  * CVE-2019-11714 (bmo#1542593)
    NeckoChild can trigger crash when accessed off of main thread
  * CVE-2019-11729 (bmo#1515342)
    Empty or malformed p256-ECDH public keys may trigger a segmentation fault
  * CVE-2019-11715 (bmo#1555523)
    HTML parsing error can contribute to content XSS
  * CVE-2019-11716 (bmo#1552632)
    globalThis not enumerable until accessed
  * CVE-2019-11717 (bmo#1548306)
    Caret character improperly escaped in origins
  * CVE-2019-11718 (bmo#1408349)
    Activity Stream writes unsanitized content to innerHTML
  * CVE-2019-11719 (bmo#1540541)
    Out-of-bounds read when importing curve25519 private key

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748
2019-07-09 21:21:11 +00:00
Wolfgang Rosenauer
2be5772ed8 Accepting request 713071 from home:marxin:branches:mozilla:Factory
- Enable PGO for x86_64.

OBS-URL: https://build.opensuse.org/request/show/713071
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=746
2019-07-02 20:43:20 +00:00
Wolfgang Rosenauer
0ef859ba7d - Mozilla Firefox 67.0.4
MFSA 2019-19 (boo#1138872)
  * CVE-2019-11708 (bmo#1559858)
    sandbox escape using Prompt:Open

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=744
2019-06-20 19:02:43 +00:00
Wolfgang Rosenauer
2a64714492 - Mozilla Firefox 67.0.3
MFSA 2019-18
  * CVE-2019-11707 (bmo#1544386)
    Type confusion in Array.pop

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=742
2019-06-18 18:51:07 +00:00
Wolfgang Rosenauer
55599abb93 - Mozilla Firefox 67.0.2
* Fixed: Fix JavaScript error ("TypeError: data is null in
    PrivacyFilter.jsm") in console which may significantly degrade
    sessionstore reliability and performance (bmo#1553413)
  * Fixed: Proxy authentication dialog box repeatedly pops up
    asking to authenticate after upgrading to Firefox 67 (bmo#1548804)
  * Fixed: Pearson MyCloud breaks if FIDO U2F is not Chrome's
    implementation (bmo#1551282)
  * Fixed: Starting in safe mode on Linux or macOS causes Firefox
    to think on the subsequent launch that the profile is too
    recent to be used with this version of Firefox (bmo#1556612)
  * Fixed: Linux distribution users can't easily install/use
    additional/different languages using the built-in preferences
    UI (bmo#1554744)
  * Fixed: Developer tools users can't copy the href/src content
    from various HTML tags via the context menu in the Inspector
    markup view (bmo#1552275)
  * Fixed: Custom home page is broken with clearing data on shutdown
    settings applied (bmo#1554167)
  * Fixed: Performance-regression for eclipse RAP based applications
    (bmo#1555962)
  * Fixed: macOS 10.15 crash fix (bmo#1556076)
  * Fixed: Can't start two downloads in parallel via <a download>
    anymore (bmo#1542912)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=741
2019-06-12 21:30:01 +00:00
Wolfgang Rosenauer
fc63e9e0d5 - Mozilla Firefox 67.0.1
* enable enhanced tracking protection by default for new users
  * upgrade of Facebook container to version 2.0
  * new version of Firefox Lockwise (password management)
  * new version of Firefox Monitor
  * Firefox Send improvements

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=740
2019-06-09 08:21:04 +00:00
Wolfgang Rosenauer
3a4466d1cf - Mozilla Firefox 67.0
* Firefox 67 will be able to run different Firefox installs side by side
    https://blog.nightly.mozilla.org/2019/01/14/moving-to-a-profile-per-install-architecture/
  * Tabs can now be pinned from the Page Actions menu in the address bar
  * Users can block known cryptominers and fingerprinters in the
    Custom settings or their Content Blocking preferences
  * The Import Data from Another Browser feature is now also available
    from the File menu
  * Firefox will now protect you against running older versions which
    can lead to data corruption and stability issues
  * Easier access to your list of saved logins from the main menu and
    login autocomplete
  * We’ve added a toolbar menu for your Firefox Account to provide more
    transparency for when you are synced, sharing data across devices
    and with Firefox. Personalize the appearance of the menu with your
    own avatar
  * Enable FIDO U2F API, and permit registrations for Google Accounts
  * Enabled AV1 support on Linux
  MFSA 2019-13
  * CVE-2019-9815 (bmo#1546544)
    Disable hyperthreading on content JavaScript threads on macOS
  * CVE-2019-9816 (bmo#1536768)
    Type confusion with object groups and UnboxedObjects
  * CVE-2019-9817 (bmo#1540221)
    Stealing of cross-domain images using canvas
  * CVE-2019-9818 (bmo#1542581) (Windows only)
    Use-after-free in crash generation server
  * CVE-2019-9819 (bmo#1532553)
    Compartment mismatch with fetch API
  * CVE-2019-9820 (bmo#1536405)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=736
2019-05-22 20:38:29 +00:00
Wolfgang Rosenauer
c6af23c61b - Mozilla Firefox 66.0.5
* Fixed: Further improvements to re-enable web extensions which
    had been disabled for users with a master password set (bmo#1549249)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=734
2019-05-10 19:46:56 +00:00
Wolfgang Rosenauer
5b3482e861 - Mozilla Firefox 66.0.4 (boo#1134126)
* fix extension certificate chain
    https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=732
2019-05-05 20:35:52 +00:00
Wolfgang Rosenauer
4a05b1c2ea - Mozilla Firefox 66.0.3
* Fixed: Address bar on tablets running Windows 10 now behaves
    correctly (bmo#1498973)
  * Fixed: Performance issues with some HTML5 games (bmo#1537609)
  * Fixed a bug with keypress events in IBM cloud applications
    (bmo#1538970)
  * Fix for keypress events in some Microsoft cloud applications
    (bmo#1539618)
  * Changed: Updated Baidu search plugin

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=730
2019-04-13 15:12:36 +00:00
Wolfgang Rosenauer
77d74ed5ac - Mozilla Firefox 66.0.2
* Fixed Web compatibility issues with Office 365, iCloud and
    IBM WebMail caused by recent changes to the handling of
    keyboard events (bmo#1538966)
  * Crash fixes (bmo#1521370, bmo#1539118)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=728
2019-03-30 12:06:55 +00:00
Wolfgang Rosenauer
94b2d29d06 Accepting request 689279 from home:Guillaume_G:branches:mozilla:Factory
- Add patch to fix aarch64 build:
  * mozilla-fix-aarch64-libopus.patch (bmo#1539737)

OBS-URL: https://build.opensuse.org/request/show/689279
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=727
2019-03-28 10:24:32 +00:00
Wolfgang Rosenauer
7e741ea41d - Mozilla Firefox 66.0.1
MFSA 2019-09 (bsc#1130262)
  * CVE-2019-9810 (bmo#1537924)
    IonMonkey MArraySlice has incorrect alias information
  * CVE-2019-9813 (bmo#1538006)
    Ionmonkey type confusion with __proto__ mutations

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=724
2019-03-23 07:56:11 +00:00
Wolfgang Rosenauer
c35c1573d5 - Mozilla Firefox 66.0
* Increased content processes to 8
  * Added capability to search through open tabs from the tab overflow menu
  * New backend for the storage.local WebExtensions API, providing
    I/O performance improvements when the extension updates a small
    subset of the stored data
  * WebExtension keyboard shortcuts can now be managed or overridden
    from about:addons
  * Improved scrolling behavior: Firefox will now attempt to keep content
    from jumping around while a page is loading by supporting scroll
    anchoring
  * New about:privatebrowsing with search
  * A certificate error page now notifies the user of the name of the
    certificate issuer that breaks HTTPs connections on intercepted
    connections to help troubleshooting possible anti-virus software
    issues.
  * Fixed an performance issue some Linux users experienced with the
    Downloads panel (bmo#1517101)
  * Firefox now blocks all autoplay media with sound by default. Users
    can add individual sites to an exceptions list or turn the blocking
    off.
  * System title bar is hidden by default to match Gnome guideline
  MFSA 2019-07 (bsc#1129821)
  * CVE-2019-9790 (bmo#1525145)
    Use-after-free when removing in-use DOM elements
  * CVE-2019-9791 (bmo#1530958)
    Type inference is incorrect for constructors entered through on-stack
    replacement with IonMonkey
  * CVE-2019-9792 (bmo#1532599)
    IonMonkey leaks JS_OPTIMIZED_OUT magic value to script

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=723
2019-03-19 22:01:55 +00:00
Wolfgang Rosenauer
0d243c2ff1 Accepting request 681668 from home:coolo:branches:mozilla:Factory
- Do not hardcode nodejs8 but leave the prefer to the distribution
  (Tumbleweed staging wants to switch to nodejs10)

OBS-URL: https://build.opensuse.org/request/show/681668
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=721
2019-03-07 08:01:24 +00:00
Wolfgang Rosenauer
9feea8555d - Mozilla Firefox 65.0.1
* Fixed accidental requests to addons.mozilla.org when an addon
    recommendation doorhanger is shown (bmo#1526387)
  * Improved playback of interactive Netflix videos (bmo#1524500)
  * Fixed incorrect sizing of the "Clear Recent History" window in
    some situations (bmo#1523696)
  * Fixed audio & video delays while making WebRTC calls
    (bmo#1521577, bmo#1523817)
  * Fixed video sizing problems during some WebRTC calls (bmo#1520200)
  * Fixed looping CONNECT requests when using WebSockets over HTTP/2
    from behind a proxy server (bmo#1523427)
  * Fixed the "Enter" key not working on password entry fields for
    certain Linux distributions (bmo#1523635)
  MFSA 2019-04
  * CVE-2018-18356 bmo#1525817
    Use-after-free in Skia
  * CVE-2019-5785 bmo#1525433
    Integer overflow in Skia
  * CVE-2018-18511 bmo#1526218
    Cross-origin theft of images with ImageBitmapRenderingContext
- Enable LTO only for latest new toolchain (boo#1125038) for x86_64
  (with increased memory constraints)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=717
2019-02-13 08:14:35 +00:00
Wolfgang Rosenauer
6164077723 Accepting request 674399 from home:marxin:branches:mozilla:Factory
- Enable LTO only for latest toolchain (boo#1125038).

OBS-URL: https://build.opensuse.org/request/show/674399
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=716
2019-02-13 07:10:01 +00:00
Wolfgang Rosenauer
292dbe02a3 Accepting request 673283 from home:marxin:branches:mozilla:Factory
- Enable LTO for x86_64 (with increased memory constraints).

OBS-URL: https://build.opensuse.org/request/show/673283
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=714
2019-02-11 11:41:34 +00:00
Wolfgang Rosenauer
1030f9ddf5 - rebased patches
- remove workaround for build memory consumption on i586; other
  mitigations meanwhile introduced (mainly parallelity) will be
  sufficient
  mozilla-reduce-files-per-UnifiedBindings.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=712
2019-02-03 06:39:38 +00:00
Wolfgang Rosenauer
4962fbcbc3 missing proper changelog before Factory submission
- Mozilla Firefox 65.0
- requires
  NSS 3.41
  rust/carge 1.30
  rust-cbindgen 0.6.7
-rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=709
2019-01-29 18:07:12 +00:00
Wolfgang Rosenauer
59c27b8c6c Accepting request 666261 from home:marxin:branches:mozilla:Factory
- Increase disk constraint.
- Remove -v from mach build in order to work-around bmo#1500436.

OBS-URL: https://build.opensuse.org/request/show/666261
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=708
2019-01-16 09:31:29 +00:00
Wolfgang Rosenauer
68e8e12c27 Accepting request 664693 from home:marxin:branches:mozilla:Factory-new2
- Set %clang_build to false on all architectures
- Do not use -fno-delete-null-pointer-checks and -fno-strict-aliasing:
  it should not be needed.
- Do not overwrite enable-optimize and when possible
  enable --enable-debug-symbols.
- Add -v to mach in order to make build verbose.

OBS-URL: https://build.opensuse.org/request/show/664693
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=705
2019-01-12 22:48:04 +00:00
Wolfgang Rosenauer
c828807e6d Accepting request 664321 from home:AndreasStieger:branches:mozilla:Factory
64.0.2

OBS-URL: https://build.opensuse.org/request/show/664321
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=704
2019-01-10 10:25:49 +00:00
Wolfgang Rosenauer
96abfaec58 Accepting request 659329 from home:Guillaume_G:branches:mozilla:Factory
- Enable build_hardened for all architectures
- Switch back aarch64 to clang as '-fPIC' fixes bmo#1513605
- Remove obolete '--enable-pie' as -pie is always enabled for gcc and clang

OBS-URL: https://build.opensuse.org/request/show/659329
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=703
2019-01-07 19:59:56 +00:00
Wolfgang Rosenauer
f2a1d1c9f4 Accepting request 657818 from home:Guillaume_G:branches:mozilla:Factory
- Switch aarch64 builds back to gcc, not clang (bmo#1513605)
- Switch %arm builds back to gcc, not clang to avoid OOM
- Fix build flags when clang is not used
- Fix flags for clang ppc64 builds

OBS-URL: https://build.opensuse.org/request/show/657818
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=700
2018-12-13 12:15:35 +00:00
Wolfgang Rosenauer
7d565ee4aa - update to Firefox 64.0
* Better recommendations: You may see suggestions in regular browsing
    mode for new and relevant Firefox features, services, and extensions
    based on how you use the web (for US users only)
  * Enhanced tab management: You can now select multiple tabs from the
    tab bar and close, move, bookmark, or pin them quickly and easily
  * Easier performance management: The new Task Manager page found at
    about:performance lets you see how much energy each open tab consumes
    and provides access to close tabs to conserve power
  * Improved performance for Mac and Linux users, by enabling link time
    optimization (Clang LTO).
  * Added option to remove add-ons using the context menu on their
    toolbar buttons
  * RSS feed preview and live bookmarks are available only via add-ons
  * TLS certificates issued by Symantec are no longer trusted by Firefox.
    Website operators are strongly encouraged to replace any remaining
    Symantec TLS certificates as soon as possible
  MFSA 2018-29 (bsc#1119105)
  * CVE-2018-12407 bmo#1505973
    Buffer overflow with ANGLE library when using VertexBuffer11 module
  * CVE-2018-17466 bmo#1488295
    Buffer overflow and out-of-bounds read in ANGLE library with
    TextureStorage11
  * CVE-2018-18492 bmo#1499861
    Use-after-free with select element
  * CVE-2018-18493 bmo#1504452
    Buffer overflow in accelerated 2D canvas with Skia
  * CVE-2018-18494 bmo#1487964
    Same-origin policy violation using location attribute and
    performance.getEntries to steal cross-origin URLs

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=699
2018-12-12 11:35:28 +00:00
Wolfgang Rosenauer
d8b75f888e Accepting request 652365 from home:Guillaume_G:branches:mozilla:Factory
- Remove --disable-elf-hack when not available: on aarch64 and ppc64*

OBS-URL: https://build.opensuse.org/request/show/652365
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=698
2018-12-11 07:45:25 +00:00
Wolfgang Rosenauer
f6f6df084e Accepting request 651976 from home:Guillaume_G:branches:mozilla:Factory2
- Clean-up %arm build

OBS-URL: https://build.opensuse.org/request/show/651976
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=695
2018-11-26 10:42:10 +00:00
Wolfgang Rosenauer
3ce0fd3bc7 - update to Firefox 63.0.3
* Games using WebGL (created in Unity) get stuck after very short
    time of gameplay (bmo#1502748)
  * Slow page loading for some users with specific proxy configurations
    (bmo#1495024)
  * Disable HTTP response throttling by default for causing bugs with
    videos in background tabs (bmo#1503354)
  * Opening magnet links no longer works (bmo#1498934)
  * Crash fixes (bmo#1498510, bmo#1503424)
- removed mozilla-newer-cbindgen.patch; no longer needed
- requires rust-cbindgen >= 0.6.2 to build
- requires nodejs >= 8.11 to build
- added mozilla-newer-cbindgen.patch to fix build with cbindgen 0.6.7

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=694
2018-11-18 21:46:59 +00:00
Wolfgang Rosenauer
b19ebee19e - disable elfhack for TW and newer due to build errors
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=693
2018-11-12 11:49:28 +00:00
Wolfgang Rosenauer
2f1f7dea2a - update to Firefox 63.0.1
* Snippets are not loaded due to missing element (bmo#1503047)
  * Print preview always shows 30& scale when it is actually
    Shrink To Fit (bmo#1501952)
  * Dialog displayed when closing multiple windows shows unreplaced
    %1$S placeholder in Japanese and potentially other locales
    (bmo#1500823)
  MFSA 2018-26 (bsc#1112852)
  * CVE-2018-12391 (bmo#1478843) (Android-only)
    HTTP Live Stream audio data is accessible cross-origin
  * CVE-2018-12392 (bmo#1492823)
    Crash with nested event loops
  * CVE-2018-12393 (bmo#1495011) (only affects non-64-bit archs)
    Integer overflow during Unicode conversion while loading JavaScript
  * CVE-2018-12395 (bmo#1467523)
    WebExtension bypass of domain restrictions through header rewriting
  * CVE-2018-12396 (bmo#1483602)
    WebExtension content scripts can execute in disallowed contexts
  * CVE-2018-12397 (bmo#1487478)
    Missing warning prompt when WebExtension requests local file access
  * CVE-2018-12398 (bmo#1460538, bmo#1488061)
    CSP bypass through stylesheet injection in resource URIs
  * CVE-2018-12399 (bmo#1490276)
    Spoofing of protocol registration notification bar
  * CVE-2018-12400 (bmo#1448305) (Android only)
    Favicons are cached in private browsing mode on Firefox for Android
  * CVE-2018-12401 (bmo#1422456)
    DOS attack through special resource URI parsing
  * CVE-2018-12402 (bmo#1469916)
    SameSite cookies leak when pages are explicitly saved

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=692
2018-11-10 21:07:09 +00:00
Wolfgang Rosenauer
6bbb36ffe9 - update to Firefox 63.0
* WebExtensions now run in their own process on Linux
  * The Ctrl+Tab shortcut now displays thumbnail previews of your
    tabs and cycles through tabs in recently used order. This new
    default behavior is activated only in new profiles and can be
    changed in preferences.
  * Added support for Web Components custom elements and shadow DOM
- requires NSPR 4.20, NSS 3.39 and Rust 1.28

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=691
2018-10-29 15:21:53 +00:00
Wolfgang Rosenauer
5048a922bb Accepting request 644806 from home:Guillaume_G:branches:mozilla:Factory
- Update _constraints for armv6/7
- Add patch to fix build on armv7:
  * mozilla-bmo1463035.patch

OBS-URL: https://build.opensuse.org/request/show/644806
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=690
2018-10-29 14:09:04 +00:00
Wolfgang Rosenauer
7f0ad4c413 Accepting request 639735 from home:AndreasStieger:branches:mozilla:Factory
- Mozilla Firefox 62.0.3:
  MFSA 2018-24
  * CVE-2018-12386 (bsc#1110506, bmo#1493900)
    Type confusion in JavaScript allowed remote code execution
  * CVE-2018-12387 (bsc#1110507, bmo#1493903)
    Array.prototype.push stack pointer vulnerability may enable
    exploits in the sandboxed content process

OBS-URL: https://build.opensuse.org/request/show/639735
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=688
2018-10-03 12:24:02 +00:00
Wolfgang Rosenauer
42ab585fa7 - disable rust debug symbols to fix build on %ix86
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=686
2018-09-24 20:59:09 +00:00
Wolfgang Rosenauer
ec4afab305 Accepting request 637170 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 62.0.2
  * CVE-2018-12385 (boo#1109363, bmo#1490585)

OBS-URL: https://build.opensuse.org/request/show/637170
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=684
2018-09-22 09:37:16 +00:00
Wolfgang Rosenauer
551d63d536 - update to Firefox 62.0 (build2)
- requires NSS >= 3.38
- removed obsolete patches
  mozilla-bmo1464766.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=682
2018-09-05 07:16:27 +00:00
Wolfgang Rosenauer
a3dfca5f05 - update to Firefox 61.0.2
* Improved website rendering with the Retained Display List feature
    enabled (bmo#1474402)
  * Fixed broken DevTools panels with certain extensions installed
    (bmo#1474379)
  * Fixed a crash for users with some accessibility tools enabled
    (bmo#1474007)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=680
2018-08-09 18:13:29 +00:00
Wolfgang Rosenauer
b94eb6767e Accepting request 621667 from home:AndreasStieger:branches:mozilla:Factory
Firefox 61.0.1

OBS-URL: https://build.opensuse.org/request/show/621667
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=678
2018-07-09 16:46:43 +00:00
Wolfgang Rosenauer
206b6f2820 - update to Firefox 61.0
* Performance enhancements
  * Various improvements for dark theme support will provide a more
    consistent experience across the entire Firefox UI
  * OpenSearch plugins offered by web pages can now be added from the
    page action menu for easier installation
  * Improved support for allowing WebExtensions to manage and hide tabs
- requires NSS 3.37.3
- requires python >= 3.5 to build
- removed obsolete patches
  mozilla-i586-DecoderDoctorLogger.patch
  mozilla-i586-domPrefs.patch
  mozilla-fix-skia-aarch64.patch
  mozilla-bmo1375074.patch
  mozilla-enable-csd.patch
- patch for new no-return warnings (mozilla-no-return.patch)
- do not disable system installed locales (mozilla-bmo1464766.patch)

- Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass
  conditional --disable-gconf to configure: no longer pull in
  obsolete gconf2 for Tumbleweed.

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=673
2018-06-25 20:56:47 +00:00
Wolfgang Rosenauer
ea8e2a80bd - update to Firefox 60.0.2
* requires NSS 3.36.4
  MFSA 2018-14 (bsc#1096449)
  * CVE-2018-6126 (bmo#1462682)
    Heap buffer overflow rasterizing paths in SVG with Skia

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=671
2018-06-07 14:08:54 +00:00
Wolfgang Rosenauer
4a2d8988d3 Accepting request 614877 from home:Guillaume_G:branches:mozilla:Factory
- Add upstream patch to fix boo#1093059 instead of '-ffixed-x28' workaround:
  * mozilla-bmo1375074.patch

OBS-URL: https://build.opensuse.org/request/show/614877
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=670
2018-06-07 11:56:20 +00:00
Wolfgang Rosenauer
6b78971621 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=668 2018-05-26 21:36:30 +00:00
Wolfgang Rosenauer
5210fcee40 Accepting request 612415 from home:Guillaume_G:branches:mozilla:Factory
- Workaround crash on startup on aarch64, boo#1093059

OBS-URL: https://build.opensuse.org/request/show/612415
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=666
2018-05-26 15:51:56 +00:00
Wolfgang Rosenauer
45b6b99978 Accepting request 608990 from home:Guillaume_G:branches:mozilla:Factory
- Disable webrtc for aarch64 due to bmo#1434589
- Add patch to fix skia build on AArch64:
  * mozilla-fix-skia-aarch64.patch

OBS-URL: https://build.opensuse.org/request/show/608990
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=663
2018-05-23 08:43:47 +00:00
Wolfgang Rosenauer
9915e415f7 - update to Firefox 60.0.1
* Avoid overly long cycle collector pauses with some add-ons installed
    (bmo#1449033)
  * After unckecking the "Sponsored Stories" option, the New Tab page
    now immediately stops displaying "Sponsored content" cards (bmo#1458906)
  * On touchscreen devices, fixed momentum scrolling on non-zoomable pages
    (bmo#1457743)
  * Use the right default background when opening tabs or windows in
    high contrast mode (bmo#1458956)
  * Restored translations of the Preferences panels when using a
    language pack (bmo#1461590)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=661
2018-05-17 14:35:18 +00:00
Wolfgang Rosenauer
eef38bbb12 Accepting request 607198 from home:pcerny:factory
parellelise locales building (package build speedup 10%+)

OBS-URL: https://build.opensuse.org/request/show/607198
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=660
2018-05-14 16:04:59 +00:00
Wolfgang Rosenauer
19ab3bdb06 MFSA 2018-11 (bsc#1092548)
* CVE-2018-5154 (bmo#1443092)
    Use-after-free with SVG animations and clip paths
  * CVE-2018-5155 (bmo#1448774)
    Use-after-free with SVG animations and text paths
  * CVE-2018-5157 (bmo#1449898)
    Same-origin bypass of PDF Viewer to view protected PDF files
  * CVE-2018-5158 (bmo#1452075)
    Malicious PDF can inject JavaScript into PDF Viewer
  * CVE-2018-5159 (bmo#1441941)
    Integer overflow and out-of-bounds write in Skia
  * CVE-2018-5160 (bmo#1436117)
    Uninitialized memory use by WebRTC encoder
  * CVE-2018-5152 (bmo#1415644, bmo#1427289)
    WebExtensions information leak through webRequest API
  * CVE-2018-5153 (bmo#1436809)
    Out-of-bounds read in mixed content websocket messages
  * CVE-2018-5163 (bmo#1426353)
    Replacing cached data in JavaScript Start-up Bytecode Cache
  * CVE-2018-5164 (bmo#1416045)
    CSP not applied to all multipart content sent with
    multipart/x-mixed-replace
  * CVE-2018-5166 (bmo#1437325)
    WebExtension host permission bypass through filterReponseData
  * CVE-2018-5167 (bmo#1447969)
    Improper linkification of chrome: and javascript: content in
    web console and JavaScript debugger
  * CVE-2018-5168 (bmo#1449548)
    Lightweight themes can be installed without user interaction
  * CVE-2018-5169 (bmo#1319157)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=658
2018-05-09 19:58:20 +00:00