rpm/MozillaFirefox
SHA256
1
0
Fork 0
forked from pool/MozillaFirefox
Code Pull Requests Activity
1,175 Commits 2 Branches 0 Tags 12 MiB
d1be093a13
Commit Graph

1175 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Ana Guerrero
d1be093a13 Accepting request 1146565 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1146565
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=420
 2024-02-15 19:58:57 +00:00
Wolfgang Rosenauer
d2bb239998 Accepting request 1146484 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Firefox 122.0.1

OBS-URL: https://build.opensuse.org/request/show/1146484
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1134
 2024-02-14 12:25:21 +00:00
Ana Guerrero
dae9c9db48 Accepting request 1143092 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1143092
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=419
 2024-02-01 17:03:42 +00:00
Wolfgang Rosenauer
c4d54d7b75 Accepting request 1142978 from home:MSirringhaus:branches:mozilla:Factory 
- Recommend libfido2-udev on codestreams that exist, in order to try
  to get security keys (e.g. Yubikeys) work out of the box. (bsc#1184272)

OBS-URL: https://build.opensuse.org/request/show/1142978
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1132
 2024-01-31 17:28:29 +00:00
Ana Guerrero
0299745734 Accepting request 1142680 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1142680
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=418
 2024-01-30 17:24:32 +00:00
Wolfgang Rosenauer
e23269fde0 Accepting request 1142188 from home:Andreas_Schwab:Factory 
- Fix file list

OBS-URL: https://build.opensuse.org/request/show/1142188
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1130
 2024-01-29 22:24:08 +00:00
Ana Guerrero
fbd6485905 Accepting request 1141490 from mozilla:Factory 
- Mozilla Firefox 122.0
  https://www.mozilla.org/en-US/firefox/122.0/releasenotes/
  MFSA 2024-01 (bsc#1218955)
  * CVE-2024-0741 (bmo#1864587)
    Out of bounds write in ANGLE
  * CVE-2024-0742 (bmo#1867152)
    Failure to update user input timestamp
  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-0744 (bmo#1871089)
    Wild pointer dereference in JavaScript
  * CVE-2024-0745 (bmo#1871838)
    Stack buffer overflow in WebAudio
  * CVE-2024-0746 (bmo#1660223)
    Crash when listing printers on Linux
  * CVE-2024-0747 (bmo#1764343)
    Bypass of Content Security Policy when directive unsafe-inline was set
  * CVE-2024-0748 (bmo#1783504)
    Compromised content process could modify document URI
  * CVE-2024-0749 (bmo#1813463)
    Phishing site popup could show local origin in address bar
  * CVE-2024-0750 (bmo#1863083)
    Potential permissions request bypass via clickjacking
  * CVE-2024-0751 (bmo#1865689)
    Privilege escalation through devtools
  * CVE-2024-0752 (bmo#1866840)
    Use-after-free could occur when applying update on macOS
  * CVE-2024-0753 (bmo#1870262)
    HSTS policy on subdomain could bypass policy of upper domain
  * CVE-2024-0754 (bmo#1871605)

OBS-URL: https://build.opensuse.org/request/show/1141490
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=417
 2024-01-26 21:45:43 +00:00
Wolfgang Rosenauer
3eb8b737e4 - Mozilla Firefox 122.0 
https://www.mozilla.org/en-US/firefox/122.0/releasenotes/
  MFSA 2024-01 (bsc#1218955)
  * CVE-2024-0741 (bmo#1864587)
    Out of bounds write in ANGLE
  * CVE-2024-0742 (bmo#1867152)
    Failure to update user input timestamp
  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-0744 (bmo#1871089)
    Wild pointer dereference in JavaScript
  * CVE-2024-0745 (bmo#1871838)
    Stack buffer overflow in WebAudio
  * CVE-2024-0746 (bmo#1660223)
    Crash when listing printers on Linux
  * CVE-2024-0747 (bmo#1764343)
    Bypass of Content Security Policy when directive unsafe-inline was set
  * CVE-2024-0748 (bmo#1783504)
    Compromised content process could modify document URI
  * CVE-2024-0749 (bmo#1813463)
    Phishing site popup could show local origin in address bar
  * CVE-2024-0750 (bmo#1863083)
    Potential permissions request bypass via clickjacking
  * CVE-2024-0751 (bmo#1865689)
    Privilege escalation through devtools
  * CVE-2024-0752 (bmo#1866840)
    Use-after-free could occur when applying update on macOS
  * CVE-2024-0753 (bmo#1870262)
    HSTS policy on subdomain could bypass policy of upper domain
  * CVE-2024-0754 (bmo#1871605)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1128
 2024-01-25 11:10:30 +00:00
Ana Guerrero
da52efa0fb Accepting request 1138351 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1138351
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=416
 2024-01-14 18:01:25 +00:00
Wolfgang Rosenauer
7bf217f6ac Accepting request 1137806 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Firefox 121.0.1

OBS-URL: https://build.opensuse.org/request/show/1137806
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1126
 2024-01-12 16:07:06 +00:00
Ana Guerrero
9aad02882d Accepting request 1134603 from mozilla:Factory 
- Mozilla Firefox 121.0
  https://www.mozilla.org/en-US/firefox/121.0/releasenotes
  MFSA 2023-56 (bsc#1217974)
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6135 (bmo#1853908)
    NSS susceptible to "Minerva" attack
  * CVE-2023-6865 (bmo#1864123)
    Potential exposure of uninitialized data in EncryptingOutputStream
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6866 (bmo#1849037)
    TypedArrays lack sufficient exception handling
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6867 (bmo#1863863)
    Clickjacking permission prompts using the popup transition
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6868 (bmo#1865488)
    WebPush requests on Firefox for Android did not require VAPID key
  * CVE-2023-6869 (bmo#1799036)
    Content can paint outside of sandboxed iframe

OBS-URL: https://build.opensuse.org/request/show/1134603
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=415
 2023-12-22 21:41:04 +00:00
Wolfgang Rosenauer
20ffb64e05 - Mozilla Firefox 121.0 
https://www.mozilla.org/en-US/firefox/121.0/releasenotes
  MFSA 2023-56 (bsc#1217974)
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6135 (bmo#1853908)
    NSS susceptible to "Minerva" attack
  * CVE-2023-6865 (bmo#1864123)
    Potential exposure of uninitialized data in EncryptingOutputStream
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6866 (bmo#1849037)
    TypedArrays lack sufficient exception handling
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6867 (bmo#1863863)
    Clickjacking permission prompts using the popup transition
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6868 (bmo#1865488)
    WebPush requests on Firefox for Android did not require VAPID key
  * CVE-2023-6869 (bmo#1799036)
    Content can paint outside of sandboxed iframe

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1124
 2023-12-22 09:01:08 +00:00
Dominique Leuenberger
710f8bf00b Accepting request 1132165 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1132165
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=414
 2023-12-09 21:49:34 +00:00
Wolfgang Rosenauer
3c65948f42 Accepting request 1132141 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Firefox 120.0.1 (boo#1217910)

OBS-URL: https://build.opensuse.org/request/show/1132141
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1122
 2023-12-08 21:21:52 +00:00
Ana Guerrero
a2e18a8139 Accepting request 1129161 from mozilla:Factory 
- Mozilla Firefox 120.0
  https://www.mozilla.org/en-US/firefox/120.0/releasenotes
  MFSA 2023-49 (bsc#1217230)
  * CVE-2023-6204 (bmo#1841050)
    Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205 (bmo#1854076)
    Use-after-free in MessagePort::Entangled
  * CVE-2023-6206 (bmo#1857430)
    Clickjacking permission prompts using the fullscreen
    transition
  * CVE-2023-6207 (bmo#1861344)
    Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208 (bmo#1855345)
    Using Selection API would copy contents into X11 primary
    selection.
  * CVE-2023-6209 (bmo#1858570)
    Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6210 (bmo#1801501)
    Mixed-content resources not blocked in a javascript: pop-up
  * CVE-2023-6211 (bmo#1850200)
    Clickjacking to load insecure pages in HTTPS-only mode
  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,
    bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,
    bmo#1862782)
    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
    and Thunderbird 115.5
  * CVE-2023-6213 (bmo#1849265, bmo#1851118, bmo#1854911)
    Memory safety bugs fixed in Firefox 120
- rebased patches

OBS-URL: https://build.opensuse.org/request/show/1129161
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=413
 2023-11-27 21:42:07 +00:00
Wolfgang Rosenauer
9a9faccc26 - Mozilla Firefox 120.0 
https://www.mozilla.org/en-US/firefox/120.0/releasenotes
  MFSA 2023-49 (bsc#1217230)
  * CVE-2023-6204 (bmo#1841050)
    Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205 (bmo#1854076)
    Use-after-free in MessagePort::Entangled
  * CVE-2023-6206 (bmo#1857430)
    Clickjacking permission prompts using the fullscreen
    transition
  * CVE-2023-6207 (bmo#1861344)
    Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208 (bmo#1855345)
    Using Selection API would copy contents into X11 primary
    selection.
  * CVE-2023-6209 (bmo#1858570)
    Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6210 (bmo#1801501)
    Mixed-content resources not blocked in a javascript: pop-up
  * CVE-2023-6211 (bmo#1850200)
    Clickjacking to load insecure pages in HTTPS-only mode
  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,
    bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,
    bmo#1862782)
    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
    and Thunderbird 115.5
  * CVE-2023-6213 (bmo#1849265, bmo#1851118, bmo#1854911)
    Memory safety bugs fixed in Firefox 120
- rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1120
 2023-11-27 14:33:21 +00:00
Ana Guerrero
6430926302 Accepting request 1124746 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1124746
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=412
 2023-11-13 21:15:56 +00:00
Wolfgang Rosenauer
0682eecc12 Accepting request 1124728 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Firefox 119.0.1

OBS-URL: https://build.opensuse.org/request/show/1124728
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1118
 2023-11-09 21:23:49 +00:00
Ana Guerrero
94af17d03a Accepting request 1121261 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1121261
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=411
 2023-10-31 19:24:50 +00:00
Wolfgang Rosenauer
fba3ce914b Accepting request 1121257 from home:iznogood:factory 
Alter .changes to avoid factory bots nack'ing the submission. (mention patches enabled/disabled).

OBS-URL: https://build.opensuse.org/request/show/1121257
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1116
 2023-10-30 17:34:27 +00:00
Wolfgang Rosenauer
ea5dd3dbee - Mozilla Firefox 119.0 
https://www.mozilla.org/en-US/firefox/119.0/releasenotes
  MFSA 2023-45 (bsc#1216338)
  * CVE-2023-5721 (bmo#1830820)
    Queued up rendering could have allowed websites to clickjack
  * CVE-2023-5722 (bmo#1738426)
    Cross-Origin size and header leakage
  * CVE-2023-5723 (bmo#1802057)
    Invalid cookie characters could have led to unexpected errors
  * CVE-2023-5724 (bmo#1836705)
    Large WebGL draw could have led to a crash
  * CVE-2023-5725 (bmo#1845739)
    WebExtensions could open arbitrary URLs
  * CVE-2023-5726 (bmo#1846205)
    Full screen notification obscured by file open dialog on macOS
  * CVE-2023-5727 (bmo#1847180)
    Download Protections were bypassed by .msix, .msixbundle,
    .appx, and .appxbundle files on Windows
  * CVE-2023-5728 (bmo#1852729)
    Improper object tracking during GC in the JavaScript engine
    could have led to a crash.
  * CVE-2023-5729 (bmo#1823720)
    Fullscreen notification dialog could have been obscured by
    WebAuthn prompts
  * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833,
    bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002,
    bmo#1855306, bmo#1855640, bmo#1856695)
    Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
    and Thunderbird 115.4.1
  * CVE-2023-5731 (bmo#1690111, bmo#1721904, bmo#1851803, bmo#1854068)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1115
 2023-10-27 07:18:39 +00:00
Wolfgang Rosenauer
d3e0fd0201 (boo#1216027) 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1114
 2023-10-14 14:32:42 +00:00
Wolfgang Rosenauer
3e7afa6df6 - Activate KDE integration again, included rebased and updated patches 
(upstream removed special files handling for preferences but that
  has no effect since we haven't shipped obsolete kde.js for a while)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1113
 2023-10-14 12:04:21 +00:00
Wolfgang Rosenauer
93544be53d Accepting request 1114576 from home:Thaodan:branches:mozilla:Factory 
- Active KDE integration again, included rebased and updated patches

OBS-URL: https://build.opensuse.org/request/show/1114576
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1112
 2023-10-14 12:01:14 +00:00
Wolfgang Rosenauer
865d7485c2 Accepting request 1117058 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Firefox 118.0.2

OBS-URL: https://build.opensuse.org/request/show/1117058
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1111
 2023-10-12 08:10:17 +00:00
Ana Guerrero
3d079c76d1 Accepting request 1114282 from mozilla:Factory 
- Mozilla Firefox 118.0.1
  MFSA 2023-44 (bsc#1215814)
  * CVE-2023-5217 (bmo#1855550),
    Heap buffer overflow in libvpx

- Mozilla Firefox 118.0
  MFSA 2023-41 (bsc#1215575)
  * CVE-2023-5168 (bmo#1846683)
    Out-of-bounds write in FilterNodeD2D1
  * CVE-2023-5169 (bmo#1846685)
    Out-of-bounds write in PathOps
  * CVE-2023-5170 (bmo#1846686)
    Memory leak from a privileged process
  * CVE-2023-5171 (bmo#1851599)
    Use-after-free in Ion Compiler
  * CVE-2023-5172 (bmo#1852218)
    Memory Corruption in Ion Hints
  * CVE-2023-5173 (bmo#1823172)
    Out-of-bounds write in HTTP Alternate Services
  * CVE-2023-5174 (bmo#1848454)
    Double-free in process spawning on Windows
  * CVE-2023-5175 (bmo#1849704)
    Use-after-free of ImageBitmap during process shutdown
  * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962,
    bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195)
    Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
    and Thunderbird 115.3
- requires NSS 3.93
- add mozilla-bmo1822730.patch
- deactivated KDE integration temporarily

OBS-URL: https://build.opensuse.org/request/show/1114282
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=410
 2023-09-29 09:43:11 +00:00
Wolfgang Rosenauer
f56b5528a7 (removed mozilla-kde.patch and firefox-kde.patch for now) 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1109
 2023-09-29 08:34:10 +00:00
Wolfgang Rosenauer
aeb0620d41 - Mozilla Firefox 118.0.1 
MFSA 2023-44 (bsc#1215814)
  * CVE-2023-5217 (bmo#1855550),
    Heap buffer overflow in libvpx

- Mozilla Firefox 118.0
  MFSA 2023-41 (bsc#1215575)
  * CVE-2023-5168 (bmo#1846683)
    Out-of-bounds write in FilterNodeD2D1
  * CVE-2023-5169 (bmo#1846685)
    Out-of-bounds write in PathOps
  * CVE-2023-5170 (bmo#1846686)
    Memory leak from a privileged process
  * CVE-2023-5171 (bmo#1851599)
    Use-after-free in Ion Compiler
  * CVE-2023-5172 (bmo#1852218)
    Memory Corruption in Ion Hints
  * CVE-2023-5173 (bmo#1823172)
    Out-of-bounds write in HTTP Alternate Services
  * CVE-2023-5174 (bmo#1848454)
    Double-free in process spawning on Windows
  * CVE-2023-5175 (bmo#1849704)
    Use-after-free of ImageBitmap during process shutdown
  * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962,
    bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195)
    Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
    and Thunderbird 115.3
- requires NSS 3.93
- deactivated KDE integration temporarily

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1108
 2023-09-29 08:31:52 +00:00
Wolfgang Rosenauer
24d80f3612 - add mozilla-bmo1822730.patch 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1107
 2023-09-23 07:29:59 +00:00
Wolfgang Rosenauer
226302d631 Accepting request 1113090 from home:biggestsonicfan:branches:mozilla:Factory 
Fixes 1822730, which will be blocked from merging until 1768383 is resolved.

OBS-URL: https://build.opensuse.org/request/show/1113090
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1106
 2023-09-23 07:28:40 +00:00
Ana Guerrero
bf59babbb3 Accepting request 1110687 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1110687
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=409
 2023-09-13 18:43:34 +00:00
Wolfgang Rosenauer
202b7e7c4a Accepting request 1110680 from home:AndreasStieger:branches:mozilla:Factory 
117.0.1 MFSA 2023-40 CVE-2023-4863 (boo#1215231)

OBS-URL: https://build.opensuse.org/request/show/1110680
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1104
 2023-09-12 17:59:40 +00:00
Ana Guerrero
16d69b154b Accepting request 1107944 from mozilla:Factory 
- Mozilla Firefox 117.0
  https://www.mozilla.org/en-US/firefox/117.0/releasenotes
  MFSA 2023-34 (bsc#1214606)
  * CVE-2023-4573 (bmo#1846687)
    Memory corruption in IPC CanvasTranslator
  * CVE-2023-4574 (bmo#1846688)
    Memory corruption in IPC ColorPickerShownCallback
  * CVE-2023-4575 (bmo#1846689)
    Memory corruption in IPC FilePickerShownCallback
  * CVE-2023-4576 (bmo#1846694)
    Integer Overflow in RecordedSourceSurfaceCreation
  * CVE-2023-4577 (bmo#1847397)
    Memory corruption in JIT UpdateRegExpStatics
  * CVE-2023-4578 (bmo#1839007)
    Error reporting methods in SpiderMonkey could have triggered
    an Out of Memory Exception
  * CVE-2023-4579 (bmo#1842766)
    Persisted search terms were formatted as URLs
  * CVE-2023-4580 (bmo#1843046)
    Push notifications saved to disk unencrypted
  * CVE-2023-4581 (bmo#1843758)
    XLL file extensions were downloadable without warnings
  * CVE-2023-4582 (bmo#1773874)
    Buffer Overflow in WebGL glGetProgramiv
  * CVE-2023-4583 (bmo#1842030)
    Browsing Context potentially not cleared when closing Private
    Window
  * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,
    bmo#1846526, bmo#1847529)
    Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,

OBS-URL: https://build.opensuse.org/request/show/1107944
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=408
 2023-08-30 08:18:38 +00:00
Wolfgang Rosenauer
bbbb712787 - Mozilla Firefox 117.0 
https://www.mozilla.org/en-US/firefox/117.0/releasenotes
  MFSA 2023-34 (bsc#1214606)
  * CVE-2023-4573 (bmo#1846687)
    Memory corruption in IPC CanvasTranslator
  * CVE-2023-4574 (bmo#1846688)
    Memory corruption in IPC ColorPickerShownCallback
  * CVE-2023-4575 (bmo#1846689)
    Memory corruption in IPC FilePickerShownCallback
  * CVE-2023-4576 (bmo#1846694)
    Integer Overflow in RecordedSourceSurfaceCreation
  * CVE-2023-4577 (bmo#1847397)
    Memory corruption in JIT UpdateRegExpStatics
  * CVE-2023-4578 (bmo#1839007)
    Error reporting methods in SpiderMonkey could have triggered
    an Out of Memory Exception
  * CVE-2023-4579 (bmo#1842766)
    Persisted search terms were formatted as URLs
  * CVE-2023-4580 (bmo#1843046)
    Push notifications saved to disk unencrypted
  * CVE-2023-4581 (bmo#1843758)
    XLL file extensions were downloadable without warnings
  * CVE-2023-4582 (bmo#1773874)
    Buffer Overflow in WebGL glGetProgramiv
  * CVE-2023-4583 (bmo#1842030)
    Browsing Context potentially not cleared when closing Private
    Window
  * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,
    bmo#1846526, bmo#1847529)
    Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1102
 2023-08-29 12:55:43 +00:00
Ana Guerrero
5112b91bbf Accepting request 1104464 from mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/1104464
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=407
 2023-08-18 17:27:10 +00:00
Wolfgang Rosenauer
42f90b08c5 Accepting request 1104460 from home:AndreasStieger:branches:mozilla:Factory 
Mozilla Firefox 116.0.3

OBS-URL: https://build.opensuse.org/request/show/1104460
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1100
 2023-08-17 19:11:10 +00:00
Wolfgang Rosenauer
afd2ed8433 Accepting request 1104036 from home:adamm:ldbug 
- After further testing on memory consumption during linking, it's
  safe to remove most of the memory reducing options for ix86 linker.
  A combination of these actually resulted in the OOM condition.
  It's even possible to add basic debugging info while keeping
  linker memory consumption at about 2GB

OBS-URL: https://build.opensuse.org/request/show/1104036
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1099
 2023-08-15 21:01:22 +00:00
Wolfgang Rosenauer
062ac2aed4 Accepting request 1103590 from home:adamm:ldbug 
- Remove -j1 limit on x86. The build runs on 64-bit kernel with a
  32-bit userland. This means there is plenty of memory available
  but userland is limited to just under 4GB per process.

OBS-URL: https://build.opensuse.org/request/show/1103590
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1098
 2023-08-12 20:13:40 +00:00
Dominique Leuenberger
2d4931ecd0 Accepting request 1103536 from mozilla:Factory 
- Mozilla Firefox 116.0.2
  * fixes for other platforms

- Fix OOM when linking on 32-bit

- Mozilla Firefox 116.0.1
  * fixes for other platforms

- ship vaapitest binary for supported archs

- re-enable ppc64le
- ship v4l2test binary for supported archs
- drop obsolete mozilla-bmo1775202.patch

- Mozilla Firefox 116.0
  * https://www.mozilla.org/en-US/firefox/116.0/releasenotes/
  MFSA 2023-29 (bsc#1213746)
  * CVE-2023-4045 (bmo#1833876)
    Offscreen Canvas could have bypassed cross-origin restrictions
  * CVE-2023-4046 (bmo#1837686)
    Incorrect value used during WASM compilation
  * CVE-2023-4047 (bmo#1839073)
    Potential permissions request bypass via clickjacking
  * CVE-2023-4048 (bmo#1841368)
    Crash in DOMParser due to out-of-memory conditions
  * CVE-2023-4049 (bmo#1842658)
    Fix potential race conditions when releasing platform objects
  * CVE-2023-4050 (bmo#1843038)
    Stack buffer overflow in StorageManager
  * CVE-2023-4051 (bmo#1821884)

OBS-URL: https://build.opensuse.org/request/show/1103536
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=406
 2023-08-12 13:06:14 +00:00
Wolfgang Rosenauer
5ef499faa4 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1096 2023-08-11 14:23:29 +00:00
Wolfgang Rosenauer
3a86056012 Accepting request 1103454 from home:adamm:branches:mozilla:Factory 
- Fix OOM when linking on 32-bit

OBS-URL: https://build.opensuse.org/request/show/1103454
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1095
 2023-08-11 14:20:02 +00:00
Wolfgang Rosenauer
155b3d9c31 Accepting request 1103362 from home:AndreasStieger:branches:mozilla:Factory 
- Mozilla Firefox 116.0.2
  * fixes for other platforms

OBS-URL: https://build.opensuse.org/request/show/1103362
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1094
 2023-08-10 20:13:00 +00:00
Wolfgang Rosenauer
49fcd30862 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1093 2023-08-07 07:24:23 +00:00
Wolfgang Rosenauer
ef55d0543e Accepting request 1102535 from home:Andreas_Schwab:riscv:mozilla 
- ship vaapitest binary for supported archs

OBS-URL: https://build.opensuse.org/request/show/1102535
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1092
 2023-08-06 07:59:16 +00:00
Wolfgang Rosenauer
b4c782f656 Accepting request 1102496 from home:AndreasStieger:branches:mozilla:Factory 
- Mozilla Firefox 116.0.1
  * fixes for other platforms

OBS-URL: https://build.opensuse.org/request/show/1102496
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1091
 2023-08-06 07:58:18 +00:00
Wolfgang Rosenauer
9f4536dddd OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1090 2023-08-04 17:04:22 +00:00
Wolfgang Rosenauer
119d807d14 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1089 2023-08-04 17:03:28 +00:00
Wolfgang Rosenauer
28cc6cc335 - drop obsolete mozilla-bmo1775202.patch 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1088
 2023-08-04 10:40:33 +00:00
Wolfgang Rosenauer
d9a83463ef - re-enable ppc64le 
- ship v4l2test binary for supported archs

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1087
 2023-08-04 10:12:18 +00:00
Wolfgang Rosenauer
b33933d92e OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1086 2023-08-03 06:11:35 +00:00