openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of firefox115esr

Wolfgang Rosenauer (wrosenauer) accepted request 1226630 from

Manfred Hollstein (manfred-h) 1 day ago (revision 58)

- Firefox Extended Support Release 115.18.0 ESR
  * Fixed: Various security fixes.
- Mozilla Firefox ESR 115.18.0
  https://www.mozilla.org/security/advisories/mfsa2024-65
  MFSA 2024-65 (boo#???????)
  * CVE-2024-11691 (bmo#1914707, bmo#1924184)
    Memory corruption in Apple GPU drivers
  * CVE-2024-11694 (bmo#1924167)
    CSP Bypass and XSS Exposure via Web Compatibility Shims

Wolfgang Rosenauer (wrosenauer) accepted request 1226434 from

Manfred Hollstein (manfred-h) 2 days ago (revision 57)

- Firefox Extended Support Release 115.18.0 ESR
  * Fixed: Various security fixes.
- Mozilla Firefox ESR 115.18.0
  https://www.mozilla.org/security/advisories/mfsa2024-65
  MFSA 2024-65 (boo#???????)

Wolfgang Rosenauer (wrosenauer) accepted request 1225599 from

Manfred Hollstein (manfred-h) 7 days ago (revision 56)

see e-mail "Build-Matrix der verschiedenen Mozilla/Thunderbird ESR Varianten"

Wolfgang Rosenauer (wrosenauer) accepted request 1225145 from

Manfred Hollstein (manfred-h) 9 days ago (revision 55)

Fucking OBS resolver logic - had to move this package to mozilla:esr:legacy to ensure rust-cbindgen-0.24.3 gets used :-(

Wolfgang Rosenauer (wrosenauer) accepted request 1225140 from

Manfred Hollstein (manfred-h) 9 days ago (revision 54)

Properly define cargo, rust and rust-cbindgen version.

Wolfgang Rosenauer (wrosenauer) accepted request 1224871 from

Manfred Hollstein (manfred-h) 10 days ago (revision 53)

- Remove old, unneeded patch:
  * mozilla-partial-revert-1768632.patch

Wolfgang Rosenauer (wrosenauer) accepted request 1224189 from

Manfred Hollstein (manfred-h) 14 days ago (revision 52)

- require xdg-desktop-portal (boo#1233166)
- remove KDE integration patches
  - mozilla-kde.patch
  - firefox-kde.patch
  on KDE use these settings instead
  widget.use-xdg-desktop-portal.file-picker=1
  widget.use-xdg-desktop-portal.mime-handler=1
  (those are set by the latest branding package as well)

Wolfgang Rosenauer (wrosenauer) accepted request 1223394 from

Manfred Hollstein (manfred-h) 16 days ago (revision 51)

- Sync firefox-esr.spec with MozillaFirefox.spec from project "mozilla"
- Don't use clang-devel >= 19 on Tumbleweed! For this to work, one has
  to use the llvm18 packages from
    home:manfred-h:devel:languages:rust

Wolfgang Rosenauer (wrosenauer) accepted request 1222890 from

Manfred Hollstein (manfred-h) 18 days ago (revision 50)

- Ensure this package is always called "firefox-esr" on Tumbleweed
  and Slowroll. Use the ff_esr_name macro to override the default
  name "MozillaFirefox" on SLE and Leap.
  This allows parallel installation of firefox-esr and the
  default version of MozillaFirefox.

Wolfgang Rosenauer (wrosenauer) committed about 1 month ago (revision 49)

Wolfgang Rosenauer (wrosenauer) accepted request 1219031 from

Manfred Hollstein (manfred-h) about 1 month ago (revision 48)

- Firefox Extended Support Release 115.17.0 ESR
  * Fixed: Various security fixes.
- Mozilla Firefox ESR 115.17.0
  https://www.mozilla.org/security/advisories/mfsa2024-57
  MFSA 2024-57 (boo#???????)
  * CVE-2024-10458 (bmo#1921733)
    Permission leak via embed or object elements
  * CVE-2024-10459 (bmo#1919087)
    Use-after-free in layout with accessibility
  * CVE-2024-10463 (bmo#1920800)
    Cross origin video frame leak
- Remove obsolete patch mozilla-rust-disable-future-incompat.patch
- Refresh patch mozilla-fix-issues-with-llvm18.patch

Wolfgang Rosenauer (wrosenauer) committed about 1 month ago (revision 47)

Wolfgang Rosenauer (wrosenauer) accepted request 1218957 from

Manfred Hollstein (manfred-h) about 1 month ago (revision 46)

- Mozilla Firefox ESR 115.17.0
  https://www.mozilla.org/security/advisories/mfsa2024-57
  MFSA 2024-57 (boo#???????)
- Remove obsolete patch mozilla-rust-disable-future-incompat.patch
- Refresh patch mozilla-fix-issues-with-llvm18.patch

Wolfgang Rosenauer (wrosenauer) accepted request 1206603 from

Manfred Hollstein (manfred-h) about 2 months ago (revision 45)

- Mozilla Firefox ESR 115.16.1
  https://www.mozilla.org/security/advisories/mfsa2024-51
  MFSA 2024-51 (boo#???????)
  * CVE-2024-9680 (bmo#1923344)
    Use-after-free in Animation timeline

Wolfgang Rosenauer (wrosenauer) accepted request 1204973 from

Manfred Hollstein (manfred-h) about 2 months ago (revision 44)

- Firefox Extended Support Release 115.16.0 ESR
  * Fixed: Fixed Windows 7 incompatibility with the latest
    Widevine library to retain Encrypted Media Extensions (EME)
    support, ensuring support for content from video streaming
    providers. (bmo#1918478)
  * Fixed: Various security fixes.
- Mozilla Firefox ESR 115.16
  https://www.mozilla.org/security/advisories/mfsa2024-48
  MFSA 2024-48 (boo#???????)
  * CVE-2024-9392 (bmo#1899154, bmo#1905843)
    Compromised content process can bypass site isolation
  * CVE-2024-9393 (bmo#1918301)
    Cross-origin access to PDF contents through multipart
    responses
  * CVE-2024-9394 (bmo#1918874)
    Cross-origin access to JSON contents through multipart
    responses
  * CVE-2024-9401 (bmo#1872744, bmo#1897792, bmo#1911317,
    bmo#1916476)
    Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
    Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3

Wolfgang Rosenauer (wrosenauer) accepted request 1204802 from

Manfred Hollstein (manfred-h) about 2 months ago (revision 43)

- Firefox Extended Support Release 115.16.0 ESR
  * Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.16.0
  https://www.mozilla.org/security/advisories/mfsa2024-??
  MFSA 2024-?? (boo#???????)

Wolfgang Rosenauer (wrosenauer) accepted request 1198506 from

Manfred Hollstein (manfred-h) 3 months ago (revision 42)

- Firefox Extended Support Release 115.15.0 ESR
  * Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.15.0
  https://www.mozilla.org/security/advisories/mfsa2024-41
  MFSA 2024-41 (boo#???????)
  * CVE-2024-8381 (bmo#1912715)
    Type confusion when looking up a property name in a
    &quot;with&quot; block
  * CVE-2024-8382 (bmo#1906744)
    Internal event interfaces were exposed to web content when
    browser EventHandler listener callbacks ran
  * CVE-2024-8383 (bmo#1908496)
    Firefox did not ask before openings news: links in an
    external application
  * CVE-2024-8384 (bmo#1911288)
    Garbage collection could mis-color cross-compartment objects
    in OOM conditions
- Stick with gcc13 on Tumbleweed; sources don't compile using gcc14!

Wolfgang Rosenauer (wrosenauer) accepted request 1191879 from

Manfred Hollstein (manfred-h) 4 months ago (revision 41)

- Firefox Extended Support Release 115.14.0 ESR
  * Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.14.0
  https://www.mozilla.org/security/advisories/mfsa2024-34
  MFSA 2024-34 (boo#???????)
  * CVE-2024-7519 (bmo#1902307)
    Out of bounds memory access in graphics shared memory
    handling
  * CVE-2024-7521 (bmo#1904644)
    Incomplete WebAssembly exception handing
  * CVE-2024-7522 (bmo#1906727)
    Out of bounds read in editor component
  * CVE-2024-7524 (bmo#1909241)
    CSP strict-dynamic bypass using web-compatibility shims
  * CVE-2024-7525 (bmo#1909298)
    Missing permission check when creating a StreamFilter
  * CVE-2024-7526 (bmo#1910306)
    Uninitialized memory used by WebGL
  * CVE-2024-7527 (bmo#1871303)
    Use-after-free in JavaScript garbage collection
  * CVE-2024-7529 (bmo#1903187)
    Document content could partially obscure security prompts
  * CVE-2024-7531 (bmo#1905691)
    PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel
    Sandy Bridge machines

Wolfgang Rosenauer (wrosenauer) accepted request 1186958 from

Manfred Hollstein (manfred-h) 5 months ago (revision 40)

- Firefox Extended Support Release 115.13.0 ESR
  * Changed: The root certificate used to verify add-ons and
    signed content has been renewed to avoid upcoming expiration.
    (bmo#None)
  * Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.13.0
  https://www.mozilla.org/security/advisories/mfsa2024-30
  MFSA 2024-30 (boo#1226316)
  * CVE-2024-6600 (bmo#1888340)
    Memory corruption in WebGL API
  * CVE-2024-6601 (bmo#1890748)
    Race condition in permission assignment
  * CVE-2024-6602 (bmo#1895032)
    Memory corruption in NSS
  * CVE-2024-6603 (bmo#1895081)
    Memory corruption in thread creation
  * CVE-2024-6604 (bmo#1748105, bmo#1837550, bmo#1884266)
    Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13,
    and Thunderbird 115.13
- Update create_tar.sh from our firefox-scripts git
- Use gcc13 and gcc13-c++ on all Leap versions.
- Use cargo/rust1.76 for building.

Wolfgang Rosenauer (wrosenauer) accepted request 1186236 from

Manfred Hollstein (manfred-h) 5 months ago (revision 39)

- Firefox Extended Support Release 115.13.0 ESR
  * Fixed: Various security fixes and other quality improvements.
- Mozilla Firefox ESR 115.13.0
  https://www.mozilla.org/security/advisories/mfsa2024-29
  MFSA 2024-29 (boo#???????)
- Update create_tar.sh from our firefox-scripts git

Displaying revisions 1 - 20 of 58

Places

Revisions of firefox115esr

Places