Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
MozillaFirefox
MozillaFirefox.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File MozillaFirefox.changes of Package MozillaFirefox
------------------------------------------------------------------- Tue Oct 22 06:30:36 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 128.4.0 ESR Placeholder changelog-entry (bsc#1231879) - Rebase mozilla-rust-disable-future-incompat.patch ------------------------------------------------------------------- Wed Oct 9 07:11:07 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 128.3.1 ESR MFSA 2024-51 (bsc#1231413) * CVE-2024-9680 (bmo#1923344) Use-after-free in Animation timeline ------------------------------------------------------------------- Wed Sep 25 11:30:58 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 128.3.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2024-47 (bsc#1230979) * CVE-2024-9392 (bmo#1899154, bmo#1905843) Compromised content process can bypass site isolation * CVE-2024-9393 (bmo#1918301) Cross-origin access to PDF contents through multipart responses * CVE-2024-9394 (bmo#1918874) Cross-origin access to JSON contents through multipart responses * CVE-2024-8900 (bmo#1872841) Clipboard write permission bypass * CVE-2024-9396 (bmo#1912471) Potential memory corruption may occur when cloning certain objects * CVE-2024-9397 (bmo#1916659) Potential directory upload bypass via clickjacking * CVE-2024-9398 (bmo#1881037) External protocol handlers could be enumerated via popups * CVE-2024-9399 (bmo#1907726) Specially crafted WebTransport requests could lead to denial of service * CVE-2024-9400 (bmo#1915249) Potential memory corruption during JIT compilation * CVE-2024-9401 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1916476) Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 * CVE-2024-9402 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1913445, bmo#1914106, bmo#1914475, bmo#1914963, bmo#1915008, bmo#1916476) Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 ------------------------------------------------------------------- Mon Sep 9 21:01:17 UTC 2024 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 128.2.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2024-40 (bsc#1229821) * CVE-2024-8385 (bmo#1911909) WASM type confusion involving ArrayTypes * CVE-2024-8381 (bmo#1912715) Type confusion when looking up a property name in a "with" block * CVE-2024-8382 (bmo#1906744) Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran * CVE-2024-8383 (bmo#1908496) Firefox did not ask before openings news: links in an external application * CVE-2024-8384 (bmo#1911288) Garbage collection could mis-color cross-compartment objects in OOM conditions * CVE-2024-8386 (bmo#1907032, bmo#1909163, bmo#1909529) SelectElements could be shown over another site if popups are allowed * CVE-2024-8387 (bmo#1857607, bmo#1911858, bmo#1914009) Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 - Removed upstreamed patches mozilla-bmo1907511.patch mozilla-bmo1898476.patch ------------------------------------------------------------------- Wed Jul 31 11:59:32 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 128.1.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2024-35 (bsc#1228648) * CVE-2024-7518 (bmo#1875354) Fullscreen notification dialog can be obscured by document content * CVE-2024-7519 (bmo#1902307) Out of bounds memory access in graphics shared memory handling * CVE-2024-7520 (bmo#1903041) Type confusion in WebAssembly * CVE-2024-7521 (bmo#1904644) Incomplete WebAssembly exception handing * CVE-2024-7522 (bmo#1906727) Out of bounds read in editor component * CVE-2024-7524 (bmo#1909241) CSP strict-dynamic bypass using web-compatibility shims * CVE-2024-7525 (bmo#1909298) Missing permission check when creating a StreamFilter * CVE-2024-7526 (bmo#1910306) Uninitialized memory used by WebGL * CVE-2024-7527 (bmo#1871303) Use-after-free in JavaScript garbage collection * CVE-2024-7528 (bmo#1895951) Use-after-free in IndexedDB * CVE-2024-7529 (bmo#1903187) Document content could partially obscure security prompts * CVE-2024-7531 (bmo#1905691) PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines ------------------------------------------------------------------- Wed Jul 10 13:00:49 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 128.0esr ESR * ### General * Windows 7-8.1 and macOS 10.12-10.14 are no longer supported operating systems. * Firefox now supports automated translation of web content. Also, unlike cloud-based alternatives, translation is done locally so that the text being translated never leaves the machine. * The line breaking rules of web content now match the Unicode standard, improving cross-browser compatibility. Additionally, for East Asian and South East Asian end users, Firefox now supports proper language-aware word selection when double-clicking on text for languages including Chinese, Japanese, Burmese, Lao, Khmer, and Thai. * Video effects and background blur are now available to Firefox users on Google Meet. Firefox now displays images and descriptions for search suggestions when provided by the search engine. * It is now possible to copy and paste any file from the operating system into Firefox. * Having any issues with a website on Firefox, yet the site seems to be working as expected on another browser? You can now let us know via the Web Compatibility Reporting Tool! By filing a web compatibility issue, you’re directly helping us detect, target, and fix the most impacted sites to make your browsing experience on Firefox smoother. * Firefox now prompts users in the US and Canada to save their addresses upon submitting an address form, allowing Firefox to autofill stored address information in the future. * Support for credit card autofill has been extended to users running Firefox in the IT, ES, AT, BE, and PL locales. * Recently closed tabs now persist between sessions that don't have automatic session restore enabled. Manually restoring a previous session will continue to reopen any previously open tabs or windows. * When migrating data from Chrome, Firefox now offers the ability to import certain extensions as well. * The Screenshots feature in Firefox has been updated. It now supports taking screenshots of file types like SVG, XML, and more as well as various about: pages within Firefox. The screenshot tool was also made more accessible to everyone by implementing new keyboard shortcuts and adding theme compatibility and High Contrast Mode (HCM) support. And finally, performance for capturing large screenshots has been improved. * ### PDF Viewer * The Firefox PDF viewer has expanded PDF editing capabilities: * Text highlighting is now supported. * Editing already-existing text annotations is now supported. * Images and alt text can be added in addition to text and drawings. * A floating button is now included to simplify deleting drawings, text, and images added in PDFs. * Caret browsing mode now also works in the PDF viewer. (Learn more) * ### Firefox View * Firefox View includes more content. You can now see all open tabs from all windows. If you sync open tabs, you’ll see all tabs from other devices. Browsing history is now listed and you can sort by date or by site. As before, recently closed tabs are also listed on Firefox View. To access Firefox View, select the file folder icon at the top left of your tab strip. * We’ve integrated search into Firefox View. You can now search through all of the tabs on each of the section subpages - Recent Browsing, Open Tabs, Recently Closed Tabs, Tabs from other devices, or History. * In Firefox View, open tabs can now be sorted by either recent activity or tab order. Recent activity is the default setting. * Firefox View now displays pinned tabs in the Open tabs section. Tab indicators have also been added to Open tabs, so users can do things like see which tabs are playing media and quickly mute or unmute across windows. Indicators were also added for bookmarks, tabs with notifications, and more! * It is now possible to close all duplicate tabs in a window with the `Close duplicate tabs` command available from the `List all tabs` widget in the tab bar or a tab context menu. * ### Security & Privacy * For added protection on macOS and Windows, a device sign in (e.g. operating system password, fingerprint, face or voice login if enabled) can be required when accessing and filling stored passwords in the Firefox Password Manager about:logins page. * Firefox now supports creating and using passkeys stored in the iCloud Keychain on macOS. * Firefox now imports user-added TLS trust anchors (e.g., certificates) from the operating system root store. This will be enabled by default on Windows, macOS, and Android, and if needed, can be turned off in settings (Settings → Privacy & Security → Certificates). * The Storage Access API web standard was updated to improve security while mitigating website breakages and further enabling the phase out of third-party cookies in Firefox. * Encrypted Client Hello (ECH) is now available to Firefox users, delivering a more private browsing experience. ECH extends the encryption used in TLS connections to cover more of the handshake and better protect sensitive fields. Read more about the launch of ECH on Mozilla Distilled. * Firefox supports a new “Copy Link Without Site Tracking” feature in the context menu which ensures that copied links no longer contain tracking information. * Firefox now supports a setting (in Preferences → Privacy & Security) to enable Global Privacy Control. With this opt-in feature, Firefox informs the websites that the user doesn’t want their data to be shared or sold. This feature is enabled in private browsing mode by default. * Firefox now more proactively blocks downloads from URLs that are considered to be potentially untrustworthy. * ### Anti-Fingerprinting * Web Audio in Firefox now uses the FDLIBM math library on all systems to improve anonymity with Fingerprint Protection. * As part of Total Cookie Protection, Firefox now supports the partitioning of Blob URLs, this mitigates a potential tracking vector that third-party agents could use to track an individual. * To mitigate font fingerprinting, the visibility of fonts to websites has been restricted to system fonts and language pack fonts when in Private Browsing Mode or with Enhanced Tracking Protection set to strict mode. * Firefox’s private windows and ETP-Strict privacy configuration now enhance the Canvas APIs with Fingerprinting Protection. * To reduce user fingerprinting information and the risk of some website compatibility issues, the CPU architecture for 32-bit x86 Linux will now be reported as x86_64 in Firefox's User-Agent string and `navigator.platform` and `navigator.oscpu` Web APIs. * ### Windows * Firefox can now be set to automatically launch whenever the computer starts up. (Learn more) * The background updater now updates properly when there are multiple user accounts on a system. * Firefox now populates the Windows taskbar jump list more efficiently, which should allow for a smoother overall browsing experience. * ### macOS * Firefox now supports Voice Control commands on macOS systems. * Links and other focusable elements are now tab-navigable by default on macOS, instead of following macOS' "Keyboard navigation" setting. This is a more accessible default and matches the default in all other platforms. A checkbox in the settings page still allows users to restore the old behavior. * Firefox on Mac now uses the macOS fullscreen API for all types of fullscreen windows. This should better match the expected macOS user experience for fullscreen spaces, menubar and the Dock. * ### Linux * Firefox now defaults to the Wayland compositor when available instead of XWayland. This brings support for touchpad & touchscreen gestures, swipe-to-nav, per-monitor DPI settings, better graphics performance, and more. * Firefox now ships with a new .deb package for Linux users on Ubuntu, Debian, and Linux Mint. * ### Video Playback * Enabled AV1 hardware decode acceleration on macOS for M3 Macs. * Firefox now supports the AV1 codec for Encrypted Media Extensions (EME), enabling higher-quality playback from video streaming providers. * NVIDIA RTX Video Super Resolution (“VSR”) is now available in Firefox. RTX VSR enhances and sharpens lower resolution video when upscaled to higher resolutions and also removes blocky artifacts commonly visible on low bitrate streamed video. VSR requires at least a 20-series or higher NVIDIA RTX GPU, Microsoft Windows 10/11 64-bit, and NVIDIA driver version R530 or higher. The feature can be enabled in the NVIDIA control panel. * NVIDIA RTX Video HDR is now available in Firefox. RTX Video HDR automatically converts SDR video to vibrant HDR10 in real time, letting you enjoy video with improved clarity on your HDR10 panel. It requires at least a 20-series NVIDIA RTX GPU, Microsoft Windows 10/11 64-bit, and NVIDIA driver version 550 or higher. The feature can be enabled in the NVIDIA control panel. * Developer: * Firefox now supports DNS prefetching for HTTPS documents via the `rel="dns-prefetch"` link hint. This standard allows web developers to specify domain names for important assets that should be resolved preemptively. * Firefox will now automatically try to upgrade <img>, <audio>, and <video> elements from HTTP to HTTPS if they are embedded within an HTTPS page. If these so-called mixed content elements do not support HTTPS, they will no longer load. * Firefox now supports Content-encoding: zstd (zstandard compression). This is an alternative to brotli and gzip compression for web content, and can provide higher compression levels for the same CPU used, or conversely lower server CPU use to get the same compression. [2]: http://facebook.github.io/zstd/ * Enterprise: * The FirefoxHome policy has been updated to reflect that the Snippets option is now deprecated. * The DNSOverHTTPS policy has been updated to support setting a `Fallback` value to prevent falling back to your default DNS Provider. * The AllowFileSelectionDialogs policy has been added for controlling file selection dialogs. * The TranslateEnabled policy has been added. * The DisableEncryptedClientHello policy has been added to control Encrypted Client Hello. * The PostQuantumKeyAgreementEnabled policy has been added to control post-quantum key agreement for TLS. * The HttpsOnlyMode policy has been added to control HTTPS- Only Mode. * The HttpAllowlist policy has been added to add exceptions to HTTPS-Only Mode. * The Preferences policy has been updated to allow setting the preferences `security.mixed_content.block_display_content` and `security.mixed_content.upgrade_display_content`. * The UserMessaging policy has been updated to remove the WhatsNew option. * The ExtensionSettings policy has been updated to add `temporarily_allow_weak_signatures` to allow installing extensions signed using deprecated signature algorithms. * Fixed: Various security fixes. MFSA 2024-29 (bsc#1226316) * CVE-2024-6605 (bmo#1836786) Firefox Android missed activation delay to prevent tapjacking * CVE-2024-6606 (bmo#1902305) Out-of-bounds read in clipboard component * CVE-2024-6607 (bmo#1694513) Leaving pointerlock by pressing the escape key could be prevented * CVE-2024-6608 (bmo#1743329) Cursor could be moved out of the viewport using pointerlock. * CVE-2024-6609 (bmo#1839258) Memory corruption in NSS * CVE-2024-6610 (bmo#1883396) Form validation popups could block exiting full-screen mode * CVE-2024-6600 (bmo#1888340) Memory corruption in WebGL API * CVE-2024-6601 (bmo#1890748) Race condition in permission assignment * CVE-2024-6602 (bmo#1895032) Memory corruption in NSS * CVE-2024-6603 (bmo#1895081) Memory corruption in thread creation * CVE-2024-6611 (bmo#1844827) Incorrect handling of SameSite cookies * CVE-2024-6612 (bmo#1880374) CSP violation leakage when using devtools * CVE-2024-6613 (bmo#1900523) Incorrect listing of stack frames * CVE-2024-6614 (bmo#1902983) Incorrect listing of stack frames * CVE-2024-6604 (bmo#1748105, bmo#1837550, bmo#1884266) Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 * CVE-2024-6615 (bmo#1892875, bmo#1894428, bmo#1898364) Memory safety bugs fixed in Firefox 128 - remove unneeded patches mozilla-fix-aarch64-libopus.patch mozilla-bmo1504834-part3.patch mozilla-bmo1512162.patch mozilla-fix-top-level-asm.patch mozilla-bmo531915.patch mozilla-partial-revert-1768632.patch - added patches mozilla-rust-disable-future-incompat.patch fix-sle12-build-errors.patch - added patches mozilla-bmo1898476.patch and mozilla-bmo1907511.patch to fix Wayland-crashes ------------------------------------------------------------------- Wed Jul 3 07:12:36 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.13.0 ESR * Changed: The root certificate used to verify add-ons and signed content has been renewed to avoid upcoming expiration. * Fixed: Various security fixes and other quality improvements. MFSA 2024-30 (bsc#1226316) * CVE-2024-6600 (bmo#1888340) Memory corruption in WebGL API * CVE-2024-6601 (bmo#1890748) Race condition in permission assignment * CVE-2024-6602 (bmo#1895032) Memory corruption in NSS * CVE-2024-6603 (bmo#1895081) Memory corruption in thread creation * CVE-2024-6604 (bmo#1748105, bmo#1837550, bmo#1884266) Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 ------------------------------------------------------------------- Mon Jul 1 14:01:17 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Fix GNOME search provider (boo#1225278) ------------------------------------------------------------------- Thu Jun 6 07:52:51 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.12.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2024-26 (bsc#1226027) * CVE-2024-5702 (bmo#1193389) Use-after-free in networking * CVE-2024-5688 (bmo#1895086) Use-after-free in JavaScript object transplant * CVE-2024-5690 (bmo#1883693) External protocol handlers leaked by timing attack * CVE-2024-5691 (bmo#1888695) Sandboxed iframes were able to bypass sandbox restrictions to open a new window * CVE-2024-5692 (bmo#1891234) Bypass of file name restrictions during saving * CVE-2024-5693 (bmo#1891319) Cross-Origin Image leak via Offscreen Canvas * CVE-2024-5696 (bmo#1896555) Memory Corruption in Text Fragments * CVE-2024-5700 (bmo#1862809, bmo#1889355, bmo#1893388, bmo#1895123) Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 ------------------------------------------------------------------- Wed May 8 13:34:00 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.11.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2024-22 (bsc#1224056) * CVE-2024-4367 (bmo#1893645) Arbitrary JavaScript execution in PDF.js * CVE-2024-4767 (bmo#1878577) IndexedDB files retained in private browsing mode * CVE-2024-4768 (bmo#1886082) Potential permissions request bypass via clickjacking * CVE-2024-4769 (bmo#1886108) Cross-origin responses could be distinguished between script and non-script content-types * CVE-2024-4770 (bmo#1893270) Use-after-free could occur when printing to PDF * CVE-2024-4777 (bmo#1878199, bmo#1893340) Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 ------------------------------------------------------------------- Tue Apr 9 10:34:07 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.10.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2024-19 (bsc#1222535) * CVE-2024-3852 (bmo#1883542) GetBoundName in the JIT returned the wrong object * CVE-2024-3854 (bmo#1884552) Out-of-bounds-read after mis-optimized switch statement * CVE-2024-3857 (bmo#1886683) Incorrect JITting of arguments led to use-after-free during garbage collection * CVE-2024-2609 (bmo#1866100) Permission prompt input delay could expire when not in focus * CVE-2024-3859 (bmo#1874489) Integer-overflow led to out-of-bounds-read in the OpenType sanitizer * CVE-2024-3861 (bmo#1883158) Potential use-after-free due to AlignedBuffer self-move * CVE-2024-3863 (bmo#1885855) Download Protections were bypassed by .xrm-ms files on Windows * CVE-2024-3302 (bmo#1881183, https://kb.cert.org/vuls/id/421644) Denial of Service using HTTP/2 CONTINUATION frames * CVE-2024-3864 (bmo#1888333) Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 ------------------------------------------------------------------- Fri Mar 22 08:11:15 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.9.1esr ESR * Fixed: Security fix. MFSA 2024-16 (bsc#1221850) * CVE-2024-29944 (bmo#1886852) Privileged JavaScript Execution via Event Handlers ------------------------------------------------------------------- Wed Mar 13 08:25:10 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.9.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2024-13 (bsc#1221327) * CVE-2024-0743 (bmo#1867408) Crash in NSS TLS method * CVE-2024-2605 (bmo#1872920) Windows Error Reporter could be used as a Sandbox escape vector * CVE-2024-2607 (bmo#1879939) JIT code failed to save return registers on Armv7-A * CVE-2024-2608 (bmo#1880692) Integer overflow could have led to out of bounds write * CVE-2024-2616 (bmo#1846197) Improve handling of out-of-memory conditions in ICU * CVE-2023-5388 (bmo#1780432) NSS susceptible to timing attack against RSA decryption * CVE-2024-2610 (bmo#1871112) Improper handling of html and body tags enabled CSP nonce leakage * CVE-2024-2611 (bmo#1876675) Clickjacking vulnerability could have led to a user accidentally granting permissions * CVE-2024-2612 (bmo#1879444) Self referencing object could have potentially led to a use- after-free * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093) Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 ------------------------------------------------------------------- Mon Feb 19 07:18:16 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.8.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2024-06 (bsc#1220048) * CVE-2024-1546 (bmo#1843752) Out-of-bounds memory read in networking channels * CVE-2024-1547 (bmo#1877879) Alert dialog could have been spoofed on another site * CVE-2024-1548 (bmo#1832627) Fullscreen Notification could have been hidden by select element * CVE-2024-1549 (bmo#1833814) Custom cursor could obscure the permission dialog * CVE-2024-1550 (bmo#1860065) Mouse cursor re-positioned unexpectedly could have led to unintended permission grants * CVE-2024-1551 (bmo#1864385) Multipart HTTP Responses would accept the Set-Cookie header in response parts * CVE-2024-1552 (bmo#1874502) Incorrect code generation on 32-bit ARM devices * CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498, bmo#1872296, bmo#1873521, bmo#1873577, bmo#1873597, bmo#1873866, bmo#1874080, bmo#1874740, bmo#1875795, bmo#1875906, bmo#1876425, bmo#1878211, bmo#1878286) Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 ------------------------------------------------------------------- Tue Jan 30 13:51:25 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Recommend libfido2-udev on codestreams that exist, in order to try to get security keys (e.g. Yubikeys) work out of the box. (bsc#1184272) ------------------------------------------------------------------- Thu Jan 18 15:24:40 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.7.0 ESR * Fixed: Various security fixes and other quality improvements. - Mozilla Firefox ESR 115.7 MFSA 2024-02 (bsc#1218955) * CVE-2024-0741 (bmo#1864587) Out of bounds write in ANGLE * CVE-2024-0742 (bmo#1867152) Failure to update user input timestamp * CVE-2024-0746 (bmo#1660223) Crash when listing printers on Linux * CVE-2024-0747 (bmo#1764343) Bypass of Content Security Policy when directive unsafe- inline was set * CVE-2024-0749 (bmo#1813463) Phishing site popup could show local origin in address bar * CVE-2024-0750 (bmo#1863083) Potential permissions request bypass via clickjacking * CVE-2024-0751 (bmo#1865689) Privilege escalation through devtools * CVE-2024-0753 (bmo#1870262) HSTS policy on subdomain could bypass policy of upper domain * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701) Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7 ------------------------------------------------------------------- Tue Dec 12 08:05:10 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.6.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2023-54 (bsc#1217974) * CVE-2023-6856 (bmo#1843782) Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver * CVE-2023-6865 (bmo#1864123) Potential exposure of uninitialized data in EncryptingOutputStream * CVE-2023-6857 (bmo#1796023) Symlinks may resolve to smaller than expected buffers * CVE-2023-6858 (bmo#1826791) Heap buffer overflow in nsTextFragment * CVE-2023-6859 (bmo#1840144) Use-after-free in PR_GetIdentitiesLayer * CVE-2023-6860 (bmo#1854669) Potential sandbox escape due to VideoBridge lack of texture validation * CVE-2023-6867 (bmo#1863863) Clickjacking permission prompts using the popup transition * CVE-2023-6861 (bmo#1864118) Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode * CVE-2023-6862 (bmo#1868042) Use-after-free in nsDNSService * CVE-2023-6863 (bmo#1868901) Undefined behavior in ShutdownObserver() * CVE-2023-6864 (bmo#1736385, bmo#1810805, bmo#1846328, bmo#1856090, bmo#1858033, bmo#1858509, bmo#1862089, bmo#1862777, bmo#1864015) Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 ------------------------------------------------------------------- Thu Nov 16 12:37:04 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.5.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2023-50 (bsc#1217230) * CVE-2023-6204 (bmo#1841050) Out-of-bound memory access in WebGL2 blitFramebuffer * CVE-2023-6205 (bmo#1854076) Use-after-free in MessagePort::Entangled * CVE-2023-6206 (bmo#1857430) Clickjacking permission prompts using the fullscreen transition * CVE-2023-6207 (bmo#1861344) Use-after-free in ReadableByteStreamQueueEntry::Buffer * CVE-2023-6208 (bmo#1855345) Using Selection API would copy contents into X11 primary selection. * CVE-2023-6209 (bmo#1858570) Incorrect parsing of relative URLs starting with "///" * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252, bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943, bmo#1862782) Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 ------------------------------------------------------------------- Tue Oct 17 12:16:23 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.4.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2023-46 (bsc#1216338) * CVE-2023-5721 (bmo#1830820) Queued up rendering could have allowed websites to clickjack * CVE-2023-5732 (bmo#1690979, bmo#1836962) Address bar spoofing via bidirectional characters * CVE-2023-5724 (bmo#1836705) Large WebGL draw could have led to a crash * CVE-2023-5725 (bmo#1845739) WebExtensions could open arbitrary URLs * CVE-2023-5726 (bmo#1846205) Full screen notification obscured by file open dialog on macOS * CVE-2023-5727 (bmo#1847180) Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows * CVE-2023-5728 (bmo#1852729) Improper object tracking during GC in the JavaScript engine could have led to a crash. * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833, bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002, bmo#1855306, bmo#1855640, bmo#1856695) Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1 - Removed upstreamed patch mozilla-fix-broken-ffmpeg.patch ------------------------------------------------------------------- Fri Sep 29 13:02:44 UTC 2023 - Marcus Meissner <meissner@suse.com> - Firefox Extended Support Release 115.3.1 ESR * Fixed: Security fix. MFSA 2023-44 (bsc#1215814) * CVE-2023-5217 (bmo#1855550) Heap buffer overflow in libvpx ------------------------------------------------------------------- Thu Sep 21 12:57:28 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.3.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2023-42 (bsc#1215575) * CVE-2023-5168 (bmo#1846683) Out-of-bounds write in FilterNodeD2D1 * CVE-2023-5169 (bmo#1846685) Out-of-bounds write in PathOps * CVE-2023-5171 (bmo#1851599) Use-after-free in Ion Compiler * CVE-2023-5174 (bmo#1848454) Double-free in process spawning on Windows * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195) Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 - Add patch mozilla-fix-broken-ffmpeg.patch to fix broken build with newer binutils (bsc#1215309) ------------------------------------------------------------------- Tue Sep 12 21:46:41 UTC 2023 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 115.2.1 ESR * Fixed: Security fix MFSA 2023-40 (bsc#1215245) * CVE-2023-4863 (bmo#1852649) Heap buffer overflow in libwebp ------------------------------------------------------------------- Fri Sep 8 09:31:41 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Fix i586 build by reducing debug info to -g1. (boo#1210168) ------------------------------------------------------------------- Fri Aug 25 09:36:23 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.2.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2023-36 (bsc#1214606) * CVE-2023-4574: (bmo#1846688) Memory corruption in IPC ColorPickerShownCallback * CVE-2023-4575: (bmo#1846689) Memory corruption in IPC FilePickerShownCallback * CVE-2023-4576: (bmo#1846694) Integer Overflow in RecordedSourceSurfaceCreation * CVE-2023-4577: (bmo#1847397) Memory corruption in JIT UpdateRegExpStatics * CVE-2023-4051: (bmo#1821884) Full screen notification obscured by file open dialog * CVE-2023-4578: (bmo#1839007) Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception * CVE-2023-4053: (bmo#1839079) Full screen notification obscured by external program * CVE-2023-4580: (bmo#1843046) Push notifications saved to disk unencrypted * CVE-2023-4581: (bmo#1843758) XLL file extensions were downloadable without warnings * CVE-2023-4582: (bmo#1773874) Buffer Overflow in WebGL glGetProgramiv * CVE-2023-4583: (bmo#1842030) Browsing Context potentially not cleared when closing Private Window * CVE-2023-4584: (bmo#1843968, bmo#1845205, bmo#1846080, bmo#1846526, bmo#1847529) Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 * CVE-2023-4585: (bmo#1751583, bmo#1833504, bmo#1841082, bmo#1847904, bmo#1848999) Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 ------------------------------------------------------------------- Thu Jul 27 10:18:01 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.1.0 ESR * Fixed: Various security fixes. MFSA 2023-30 (bsc#1213746) * CVE-2023-4045 (bmo#1833876) Offscreen Canvas could have bypassed cross-origin restrictions * CVE-2023-4046 (bmo#1837686) Incorrect value used during WASM compilation * CVE-2023-4047 (bmo#1839073) Potential permissions request bypass via clickjacking * CVE-2023-4048 (bmo#1841368) Crash in DOMParser due to out-of-memory conditions * CVE-2023-4049 (bmo#1842658) Fix potential race conditions when releasing platform objects * CVE-2023-4050 (bmo#1843038) Stack buffer overflow in StorageManager * CVE-2023-4054 (bmo#1840777) Lack of warning when opening appref-ms files * CVE-2023-4055 (bmo#1782561) Cookie jar overflow caused unexpected cookie jar state * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235, bmo#1842325, bmo#1843847) Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 - Remove now upstreamed patch mozilla-bmo1838323.patch and mozilla-bmo1775202.patch ------------------------------------------------------------------- Wed Jul 26 11:50:51 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Remove bashisms from startup-script (bsc#1213657) ------------------------------------------------------------------- Tue Jul 11 22:15:57 UTC 2023 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 115.0.2 ESR MFSA 2023-26 (bsc#1213230) * CVE-2023-3600 (bmo#1839703) Use-after-free in workers - * Fixed: Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL (bmo#1841751) * Fixed: Fixed a bug with displaying a caret in the text editor on some websites (bmo#1840804) * Fixed: Fixed a bug with broken audio rendering on some websites (bmo#1841982) * Fixed: Fixed a bug with patternTransform translate using the wrong units (bmo#1840746) * Fixed: A security fix. * Fixed: Fixed a crash affecting Windows 7 users related to the DLL blocklist. - Firefox Extended Support Release 115.0.1 ESR * Fixed: Fixed a startup crash for Windows users with Kingsoft Antivirus software installed (bmo#1837242) ------------------------------------------------------------------- Wed Jun 27 08:06:01 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 115.0 ESR * New: - Required fields are now highlighted in PDF forms. - Improved performance on high-refresh rate monitors (120Hz+). - Buttons in the Tabs toolbar can now be reached with Tab, Shift+Tab, and Arrow keys. View this article for additional details. - Windows' "Make text bigger" accessibility setting now affects all the UI and content pages, rather than only applying to system font sizes. - Non-breaking spaces are now preserved—preventing automatic line breaks—when copying text from a form control. - Fixed WebGL performance issues on NVIDIA binary drivers via DMA-Buf on Linux. - Fixed an issue in which Firefox startup could be significantly slowed down by the processing of Web content local storage. This had the greatest impact on users with platter hard drives and significant local storage. - Removed a configuration option to allow SHA-1 signatures in certificates: SHA-1 signatures in certificates—long since determined to no longer be secure enough—are now not supported. - Highlight color is preserved correctly after typing `Enter` in the mail composer of Yahoo Mail and Outlook. After bypassing the https only error page navigating back would take you to the error page that was previously dismissed. Back now takes you to the previous site that was visited. - Paste unformatted shortcut (shift+ctrl/cmd+v) now works in plain text contexts, such as input and text area. - Added an option to print only the current page from the print preview dialog. - Swipe to navigate (two fingers on a touchpad swiped left or right to perform history back or forward) on Windows is now enabled. - Stability on Windows is significantly improved as Firefox handles low-memory situations much better. - Touchpad scrolling on macOS was made more accessible by reducing unintended diagonal scrolling opposite of the intended scroll axis. - Firefox is less likely to run out of memory on Linux and performs more efficiently for the rest of the system when memory runs low. - It is now possible to edit PDFs: including writing text, drawing, and adding signatures. - Setting Firefox as your default browser now also makes it the default PDF application on Windows systems. - Swipe-to-navigate (two fingers on a touchpad swiped left or right to perform history back or forward) now works for Linux users on Wayland. - Text Recognition in images allows users on macOS 10.15 and higher to extract text from the selected image (such as a meme or screenshot). - Firefox View helps you get back to content you previously discovered. A pinned tab allows you to find and open recently closed tabs on your current device and access tabs from other devices (via our “Tab Pickup” feature). - Import maps, which allow web pages to control the behavior of JavaScript imports, are now enabled by default. - Processes used for background tabs now use efficiency mode on Windows 11 to limit resource use. - The shift+esc keyboard shortcut now opens the Process Manager, offering a way to quickly identify processes that are using too many resources. - Firefox now supports properly color correcting images tagged with ICCv4 profiles. - Support for non-English characters when saving and printing PDF forms. - The bookmarks toolbar's default "Only show on New Tab" state works correctly for blank new tabs. As before, you can change the bookmark toolbar's behavior using the toolbar context menu. - Manifest Version 3 (MV3) extension support is now enabled by default (MV2 remains enabled/supported). This major update also ushers an exciting user interface change in the form of the new extensions button. - The Arbitrary Code Guard exploit protection has been enabled in the media playback utility processes, improving security for Windows users. - The native HTML date picker for date and datetime inputs can now be used with a keyboard alone, improving its accessibility for screen reader users. Users with limited mobility can also now use common keyboard shortcuts to navigate the calendar grid and month selection spinners. - Firefox builds in the Spanish from Spain (es-ES) and Spanish from Argentina (es-AR) locales now come with a built- in dictionary for the Firefox spellchecker. - On macOS, Ctrl or Cmd + trackpad or mouse wheel now scrolls the page instead of zooming. This avoids accidental zooming and matches the behavior of other web browsers on macOS. - It's now possible to import bookmarks, history and passwords not only from Edge, Chrome or Safari but also from Opera, Opera GX, and Vivaldi. - GPU sandboxing has been enabled on Windows. - On Windows, third-party modules can now be blocked from injecting themselves into Firefox, which can be helpful if they are causing crashes or other undesirable behavior. - Date, time, and datetime-local input fields can now be cleared with `Cmd+Backspace` and `Cmd+Delete` shortcut on macOS and `Ctrl+Backspace` and `Ctrl+Delete` on Windows and Linux. - GPU-accelerated Canvas2D is enabled by default on macOS and Linux. - WebGL performance improvement on Windows, MacOS and Linux. - Enables overlay of hardware-decoded video with non-Intel GPUs on Windows 10/11, improving video playback performance and video scaling quality. - Windows native notifications are now enabled. - Firefox Relay users can now opt-in to create Relay email masks directly from the Firefox credential manager. You must be signed in with your Firefox Account. - We’ve added two new locales: Silhe Friulian (fur) and Sardinian (sc). - Right-clicking on password fields now shows an option to reveal the password. - Private windows and ETP set to strict will now include email tracking protection. This will make it harder for email trackers to learn the browsing habits of Firefox users. You can check the Tracking Content in the sub-panel on the shield icon panel. - The deprecated U2F Javascript API is now disabled by default. The U2F protocol remains usable through the WebAuthn API. The U2F API can be re-enabled using the `security.webauth.u2f` preference. - Say hello to enhanced Picture-in-Picture! Rewind, check video duration, and effortlessly switch to full-screen mode on the web's most popular video websites. - Firefox's address bar is already a great place to search for what you're looking for. Now you'll always be able to see your web search terms and refine them while viewing your search's results - no additional scrolling needed! Also, a new result menu has been added making it easier to remove history results and dismiss sponsored Firefox Suggest entries. - Private windows now protect users even better by blocking third-party cookies and storage of content trackers. - Passwords automatically generated by Firefox now include special characters, giving users more secure passwords by default. - Firefox 115 introduces a redesigned accessibility engine which significantly improves the speed, responsiveness, and stability of Firefox when used with: - Screen readers, as well as certain other accessibility software; - East Asian input methods; - Enterprise single sign-on software; and - Other applications which use accessibility frameworks to access information. - Firefox 115 now supports AV1 Image Format files containing animations (AVIS), improving support for AVIF images across the web. - The Windows GPU sandbox first shipped in the Firefox 110 release has been tightened to enhance the security benefits it provides. - A 13-year-old feature request was fulfilled and Firefox now supports files being drag-and-dropped directly from Microsoft Outlook. A special thanks to volunteer contributor Marco Spiess for helping to get this across the finish line! - Users on macOS can now access the Services sub-menu directly from Firefox context menus. - On Windows, the elastic overscroll effect has been enabled by default. When two-finger scrolling on the touchpad or scrolling on the touchscreen, you will now see a bouncing animation when scrolling past the edge of a scroll container. - Firefox is now available in the Tajik (tg) language. - Added UI to manage the DNS over HTTPS exception list. - Bookmarks can now be searched from the Bookmarks menu. The Bookmarks menu is accessible by adding the Bookmarks menu button to the toolbar. - Restrict searches to your local browsing history by selecting Search history from the History, Library or Application menu buttons. - Mac users can now capture video from their cameras in all supported native resolutions. This enables resolutions higher than 1280x720. - It is now possible to reorder the extensions listed in the extensions panel. - Users on macOS, Linux, and Windows 7 can now use FIDO2 / WebAuthn authenticators over USB. Some advanced features, such as fully passwordless logins, require a PIN to be set on the authenticator. - Pocket Recommended content can now be seen in France, Italy, and Spain. - DNS over HTTPS settings are now part of the Privacy & Security section of the Settings page and allow the user to choose from all the supported modes. - Migrating from another browser? Now you can bring over payment methods you've saved in Chrome-based browsers to Firefox. - Hardware video decoding enabled for Intel GPUs on Linux. - The Tab Manager dropdown now features close buttons, so you can close tabs more quickly. - Windows Magnifier now follows the text cursor correctly when the Firefox title bar is visible. - Undo and redo are now available in Password fields. [1]:https://support.mozilla.org/kb/access-toolbar-functions- using-keyboard?_gl=1*16it7nj*_ga*MTEzNjg4MjY5NC4xNjQ1MjAxMDU3 *_ga_MQ7767QQQW*MTY1Njk2MzExMS43LjEuMTY1Njk2MzIzMy4w [2]:https://support.mozilla.org/kb/how-set-tab-pickup- firefox-view [3]:https://support.mozilla.org/kb/task-manager-tabs-or- extensions-are-slowing-firefox [4]:https://blog.mozilla.org/addons/2022/11/17/manifest-v3- signing-available-november-21-on-firefox-nightly/ [5]:https://blog.mozilla.org/addons/2022/05/18/manifest-v3- in-firefox-recap-next-steps/ [6]:https://support.mozilla.org/kb/unified-extensions [7]:https://support.mozilla.org/kb/import-data-another- browser [8]:https://support.mozilla.org/kb/identify-problems-third- party-modules-firefox-windows [9]:https://support.mozilla.org/kb/how-generate-secure- password-firefox [10]:https://blog.mozilla.org/accessibility/firefox-113- accessibility-performance/ * Fixed: Various security fixes. MFSA 2023-22 (bsc#1212438) * CVE-2023-3482 (bmo#1839464) Block all cookies bypass for localstorage * CVE-2023-37201 (bmo#1826002) Use-after-free in WebRTC certificate generation * CVE-2023-37202 (bmo#1834711) Potential use-after-free from compartment mismatch in SpiderMonkey * CVE-2023-37203 (bmo#291640) Drag and Drop API may provide access to local system files * CVE-2023-37204 (bmo#1832195) Fullscreen notification obscured via option element * CVE-2023-37205 (bmo#1704420) URL spoofing in address bar using RTL characters * CVE-2023-37206 (bmo#1813299) Insufficient validation of symlinks in the FileSystem API * CVE-2023-37207 (bmo#1816287) Fullscreen notification obscured * CVE-2023-37208 (bmo#1837675) Lack of warning when opening Diagcab files * CVE-2023-37209 (bmo#1837993) Use-after-free in `NotifyOnHistoryReload` * CVE-2023-37210 (bmo#1821886) Full-screen mode exit prevention * CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886, bmo#1836550, bmo#1837450) Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 * CVE-2023-37212 (bmo#1750870, bmo#1825552, bmo#1826206, bmo#1827076, bmo#1828690, bmo#1833503, bmo#1835710, bmo#1838587) Memory safety bugs fixed in Firefox 115 - Remove obsolete patches mozilla-bmo1568145.patch, mozilla-bmo1005535.patch, mozilla-s390x-skia-gradient.patch - Add mozilla-bmo1838323.patch to fix potential SIGILL on old CPUs (bsc#1212101) ------------------------------------------------------------------- Thu Jun 1 14:17:20 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.12.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2023-19 (bsc#1211922) * CVE-2023-34414 (bmo#1695986) Click-jacking certificate exceptions through rendering lag * CVE-2023-34416 (bmo#1752703, bmo#1818394, bmo#1826875, bmo#1827340, bmo#1827655, bmo#1828065, bmo#1830190, bmo#1830206, bmo#1830795, bmo#1833339) Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 - update keyring ------------------------------------------------------------------- Mon May 8 06:47:28 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.11.0 ESR * Fixed: Various security fixes and other quality improvements. MFSA 2023-17 (bsc#1211175) * CVE-2023-32205 (bmo#1753339, bmo#1753341) Browser prompts could have been obscured by popups * CVE-2023-32206 (bmo#1824892) Crash in RLBox Expat driver * CVE-2023-32207 (bmo#1826116) Potential permissions request bypass via clickjacking * CVE-2023-32211 (bmo#1823379) Content process crash due to invalid wasm code * CVE-2023-32212 (bmo#1826622) Potential spoof due to obscured address bar * CVE-2023-32213 (bmo#1826666) Potential memory corruption in FileReader::DoReadData() * CVE-2023-32214 (bmo#1828716) Potential DoS via exposed protocol handlers * CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856, bmo#1820210, bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144, bmo#1827359, bmo#1830186) Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 ------------------------------------------------------------------- Thu Apr 6 09:43:24 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.10.0 ESR * Fixed: Various security fixes. MFSA 2023-14 (bsc#1210212) * CVE-2023-29531 (bmo#1794292) Out-of-bound memory access in WebGL on macOS * CVE-2023-29532 (bmo#1806394) Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533 (bmo#1798219, bmo#1814597) Fullscreen notification obscured * CVE-2023-1999 (bmo#1819244) Double-free in libwebp * CVE-2023-29535 (bmo#1820543) Potential Memory Corruption following Garbage Collector compaction * CVE-2023-29536 (bmo#1821959) Invalid free from JavaScript code * CVE-2023-29539 (bmo#1784348) Content-Disposition filename truncation leads to Reflected File Download * CVE-2023-29541 (bmo#1810191) Files with malicious extensions could have been downloaded unsafely on Linux * CVE-2023-29542 (bmo#1810793, bmo#1815062) Bypass of file download extension restrictions * CVE-2023-29545 (bmo#1823077) Windows Save As dialog resolved environment variables * CVE-2023-1945 (bmo#1777588) Memory Corruption in Safe Browsing Code * CVE-2023-29548 (bmo#1822754) Incorrect optimization result on ARM64 * CVE-2023-29550 (bmo#1720594, bmo#1751945, bmo#1812498, bmo#1814217, bmo#1818357, bmo#1818762, bmo#1819493, bmo#1820389, bmo#1820602, bmo#1821448, bmo#1822413, bmo#1824828) Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 ------------------------------------------------------------------- Sun Mar 12 09:53:24 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.9.0 ESR * Fixed: Various security fixes. MFSA 2023-10 (bsc#1209173) * CVE-2023-25751 (bmo#1814899) Incorrect code generation during JIT compilation * CVE-2023-28164 (bmo#1809122) URL being dragged from a removed cross-origin iframe into the same tab triggered navigation * CVE-2023-28162 (bmo#1811327) Invalid downcast in Worklets * CVE-2023-25752 (bmo#1811627) Potential out-of-bounds when accessing throttled streams * CVE-2023-28163 (bmo#1817768) Windows Save As dialog resolved environment variables * CVE-2023-28176 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442, bmo#1818674) Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 ------------------------------------------------------------------- Fri Feb 10 13:25:10 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.8.0 ESR * Fixed: Various security fixes. MFSA 2023-06 (bsc#1208144) * CVE-2023-25728 (bmo#1790345) Content security policy leak in violation reports using iframes * CVE-2023-25730 (bmo#1794622) Screen hijack via browser fullscreen mode * CVE-2023-25743 (bmo#1800203) Fullscreen notification not shown in Firefox Focus * CVE-2023-0767 (bmo#1804640) Arbitrary memory write via PKCS 12 in NSS * CVE-2023-25735 (bmo#1810711) Potential use-after-free from compartment mismatch in SpiderMonkey * CVE-2023-25737 (bmo#1811464) Invalid downcast in SVGUtils::SetupStrokeGeometry * CVE-2023-25738 (bmo#1811852) Printing on Windows could potentially crash Firefox with some device drivers * CVE-2023-25739 (bmo#1811939) Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext * CVE-2023-25729 (bmo#1792138) Extensions could have opened external schemes without user knowledge * CVE-2023-25732 (bmo#1804564) Out of bounds memory write from EncodeInputStream * CVE-2023-25734 (bmo#1784451, bmo#1809923, bmo#1810143, bmo#1812338) Opening local .url files could cause unexpected network loads * CVE-2023-25742 (bmo#1813424) Web Crypto ImportKey crashes tab * CVE-2023-25744 (bmo#1789449, bmo#1803628, bmo#1810536) Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8 * CVE-2023-25746 (bmo#1544127, bmo#1762368) Memory safety bugs fixed in Firefox ESR 102.8 ------------------------------------------------------------------- Fri Jan 13 08:16:03 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.7.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2023-02 (bsc#1207119) * CVE-2022-46871 (bmo#1795697) libusrsctp library out of date * CVE-2023-23598 (bmo#1800425) Arbitrary file read from GTK drag and drop on Linux * CVE-2023-23599 (bmo#1777800) Malicious command could be hidden in devtools output on Windows * CVE-2023-23601 (bmo#1794268) URL being dragged from cross-origin iframe into same tab triggers navigation * CVE-2023-23602 (bmo#1800890) Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers * CVE-2022-46877 (bmo#1795139) Fullscreen notification bypass * CVE-2023-23603 (bmo#1800832) Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974) Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 ------------------------------------------------------------------- Thu Dec 8 15:54:04 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.6.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-52 (bsc#1206242) * CVE-2022-46880 (bmo#1749292) Use-after-free in WebGL * CVE-2022-46872 (bmo#1799156) Arbitrary file read from a compromised content process * CVE-2022-46881 (bmo#1770930) Memory corruption in WebGL * CVE-2022-46874 (bmo#1746139) Drag and Dropped Filenames could have been truncated to malicious extensions * CVE-2022-46875 (bmo#1786188) Download Protections were bypassed by .atloc and .ftploc files on Mac OS * CVE-2022-46882 (bmo#1789371) Use-after-free in WebGL * CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685, bmo#1801102, bmo#1801315, bmo#1802395) Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6 ------------------------------------------------------------------- Thu Nov 10 07:30:37 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.5.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-48 (bsc#1205270) * CVE-2022-45403 (bmo#1762078) Service Workers might have learned size of cross-origin media files * CVE-2022-45404 (bmo#1790815) Fullscreen notification bypass * CVE-2022-45405 (bmo#1791314) Use-after-free in InputStream implementation * CVE-2022-45406 (bmo#1791975) Use-after-free of a JavaScript Realm * CVE-2022-45408 (bmo#1793829) Fullscreen notification bypass via windowName * CVE-2022-45409 (bmo#1796901) Use-after-free in Garbage Collection * CVE-2022-45410 (bmo#1658869) ServiceWorker-intercepted requests bypassed SameSite cookie policy * CVE-2022-45411 (bmo#1790311) Cross-Site Tracing was possible via non-standard override headers * CVE-2022-45412 (bmo#1791029) Symlinks may resolve to partially uninitialized buffers * CVE-2022-45416 (bmo#1793676) Keystroke Side-Channel Leakage * CVE-2022-45418 (bmo#1795815) Custom mouse cursor could have been drawn over browser UI * CVE-2022-45420 (bmo#1792643) Iframe contents could be rendered outside the iframe * CVE-2022-45421 (bmo#1767920, bmo#1789808, bmo#1794061) Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 ------------------------------------------------------------------- Tue Oct 18 09:00:08 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.4.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-45 (bsc#1204421) * CVE-2022-42927 (bmo#1789128) Same-origin policy violation could have leaked cross-origin URLs * CVE-2022-42928 (bmo#1791520) Memory Corruption in JS Engine * CVE-2022-42929 (bmo#1789439) Denial of Service via window.print * CVE-2022-42932 (bmo#1789729, bmo#1791363, bmo#1792041) Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4 - Added mozilla-partial-revert-1768632.patch to fix build on i586 ------------------------------------------------------------------- Fri Sep 16 07:47:11 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 102.3.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-40 (bsc#1203477) * CVE-2022-3266 (bmo#1767360) Out of bounds read when decoding H264 * CVE-2022-40959 (bmo#1782211) Bypassing FeaturePolicy restrictions on transient pages * CVE-2022-40960 (bmo#1787633) Data-race when parsing non-UTF-8 URLs in threads * CVE-2022-40958 (bmo#1779993) Bypassing Secure Context restriction for cookies with __Host and __Secure prefix * CVE-2022-40956 (bmo#1770094) Content-Security-Policy base-uri bypass * CVE-2022-40957 (bmo#1777604) Incoherent instruction cache when building WASM on ARM64 * CVE-2022-40962 (bmo#1776655, bmo#1777574, bmo#1784835, bmo#1785109, bmo#1786502, bmo#1789440) Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3 - Rebase mozilla-silence-no-return-type.patch to apply with fuzz=0 ------------------------------------------------------------------- Wed Aug 24 11:52:13 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox 102.2.0esr ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-34 (bsc#1202645) * CVE-2022-38472 (bmo#1769155) Address bar spoofing via XSLT error handling * CVE-2022-38473 (bmo#1771685) Cross-origin XSLT Documents would have inherited the parent's permissions * CVE-2022-38476 (bmo#1760998) Data race and potential use-after-free in PK11_ChangePW * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363) Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 * CVE-2022-38478 (bmo#1770630, bmo#1776658) Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 - Add mozilla-bmo1775202.patch to fix build on ppc64le - Firefox Extended Support Release 102.1 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-30 (bsc#1201758) * CVE-2022-36319 (bmo#1737722) Mouse Position spoofing with CSS transforms * CVE-2022-36318 (bmo#1771774) Directory indexes for bundled resources reflected URL parameters * CVE-2022-36314 (bmo#1773894) Opening local <code>.lnk</code> files could cause unexpected network loads * CVE-2022-2505 (bmo#1769739, bmo#1772824) Memory safety bugs fixed in Firefox 103 and 102.1 - Firefox Extended Support Release 102.0.1 ESR * Fixed: Fixed bookmark shortcut creation by dragging to Windows File Explorer and dropping partially broken (bmo#1774683) * Fixed: Fixed bookmarks sidebar flashing white when opened in dark mode (bmo#1776157) * Fixed: Fixed multilingual spell checking not working with content in both English and a non-Latin alphabet (bmo#1773802) * Fixed: Developer tools: Fixed an issue where the console output keep getting scrolled to the bottom when the last visible message is an evaluation result (bmo#1776262) * Fixed: Fixed *Delete cookies and site data when Firefox is closed* checkbox getting disabled on startup (bmo#1777419) * Fixed: Various stability fixes - Firefox 102.0 ESR * New: - We now provide more secure connections: Firefox can now automatically upgrade to HTTPS using HTTPS RR as Alt-Svc headers. - For added viewing pleasure, full-range color levels are now supported for video playback on many systems. - Find it easier now! Mac users can now access the macOS share options from the Firefox File menu. - Voilà! Support for images containing ICC v4 profiles is enabled on macOS. - Firefox now supports the new AVIF image format, which is based on the modern and royalty-free AV1 video codec. It offers significant bandwidth savings for sites compared to existing image formats. It also supports transparency and other advanced features. - Firefox PDF viewer now supports filling more forms (e.g., XFA-based forms, used by multiple governments and banks). Learn more. - When available system memory is critically low, Firefox on Windows will automatically unload tabs based on their last access time, memory usage, and other attributes. This helps to reduce Firefox out-of-memory crashes. Forgot something? Switching to an unloaded tab automatically reloads it. - To prevent session loss for macOS users who are running Firefox from a mounted .dmg file, they’ll now be prompted to finish installation. Bear in mind, this permission prompt only appears the first time these users run Firefox on their computer. - For your safety, Firefox now blocks downloads that rely on insecure connections, protecting against potentially malicious or unsafe downloads. Learn more and see where to find downloads in Firefox. - Improved web compatibility for privacy protections with SmartBlock 3.0: In Private Browsing and Strict Tracking Protection, Firefox goes to great lengths to protect your web browsing activity from trackers. As part of this, the built- in content blocking will automatically block third-party scripts, images, and other content from being loaded from cross-site tracking companies reported by Disconnect. Learn more. - Introducing a new referrer tracking protection in Strict Tracking Protection and Private Browsing. This feature prevents sites from unknowingly leaking private information to trackers. Learn more. - Introducing Firefox Suggest, a feature that provides website suggestions as you type into the address bar. Learn more about this faster way to navigate the web and locale- specific features. - Firefox macOS now uses Apple's low-power mode for fullscreen video on sites such as YouTube and Twitch. This meaningfully extends battery life in long viewing sessions. Now your kids can find out what the fox says on a loop without you ever missing a beat… - With this release, power users can use about:unloads to release system resources by manually unloading tabs without closing them. - On Windows, there will now be fewer interruptions because Firefox won’t prompt you for updates. Instead, a background agent will download and install updates even if Firefox is closed. - On Linux, we’ve improved WebGL performance and reduced power consumption for many users. - To better protect all Firefox users against side-channel attacks, such as Spectre, we introduced Site Isolation. - Firefox no longer warns you by default when you exit the browser or close a window using a menu, button, or three-key command. This should cut back on unwelcome notifications, which is always nice—however, if you prefer a bit of notice, you’ll still have full control over the quit/close modal behavior. All warnings can be managed within Firefox Settings. No worries! More details here. - Firefox supports the new Snap Layouts menus when running on Windows 11. - RLBox—a new technology that hardens Firefox against potential security vulnerabilities in third-party libraries—is now enabled on all platforms. - We’ve reduced CPU usage on macOS in Firefox and WindowServer during event processing. - We’ve also reduced the power usage of software decoded video on macOS, especially in fullscreen. This includes streaming sites such as Netflix and Amazon Prime Video. - You can now move the Picture-in-Picture toggle button to the opposite side of the video. Simply look for the new context menu option Move Picture-in-Picture Toggle to Left (Right) Side. - We’ve made significant improvements in noise suppression and auto-gain-control, as well as slight improvements in echo-cancellation to provide you with a better overall experience. - We’ve also significantly reduced main-thread load. - When printing, you can now choose to print only the odd/even pages. - Firefox now supports and displays the new style of scrollbars on Windows 11. - Firefox has a new optimized download flow. Instead of prompting every time, files will download automatically. However, they can still be opened from the downloads panel with just one click. Easy! More information - Firefox no longer asks what to do for each file by default. You won’t be prompted to choose a helper application or save to disk before downloading a file unless you have changed your download action setting for that type of file. - Any files you download will be immediately saved on your disk. Depending on the current configuration, they’ll be saved in your preferred download folder, or you’ll be asked to select a location for each download. Windows and Linux users will find their downloaded files in the destination folder. They’ll no longer be put in the Temp folder. - Firefox allows users to choose from a number of built-in search engines to set as their default. In this release, some users who had previously configured a default engine might notice their default search engine has changed since Mozilla was unable to secure formal permission to continue including certain search engines in Firefox. - You can now toggle Narrate in ReaderMode with the keyboard shortcut "n." - You can find added support for search—with or without diacritics—in the PDF viewer. - The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11). - Firefox now supports credit card autofill and capture in Germany, France, and the United Kingdom. - We now support captions/subtitles display on YouTube, Prime Video, and Netflix videos you watch in Picture-in-Picture. Just turn on the subtitles on the in-page video player, and they will appear in PiP. - Picture-in-Picture now also supports video captions on websites that use Web Video Text Track (WebVTT) format (e.g., Coursera.org, Canadian Broadcasting Corporation, and many more). - On the first run after install, Firefox detects when its language does not match the operating system language and offers the user a choice between the two languages. - Firefox spell checking now checks spelling in multiple languages. To enable additional languages, select them in the text field’s context menu. - HDR video is now supported in Firefox on Mac—starting with YouTube! Firefox users on macOS 11+ (with HDR-compatible screens) can enjoy higher-fidelity video content. No need to manually flip any preferences to turn HDR video support on—just make sure battery preferences are NOT set to “optimize video streaming while on battery”. - Hardware-accelerated AV1 video decoding is enabled on Windows with supported GPUs (Intel Gen 11+, AMD RDNA 2 Excluding Navi 24, GeForce 30). Installing the AV1 Video Extension from the Microsoft Store may also be required. - Video overlay is enabled on Windows for Intel GPUs, reducing power usage during video playback. - Improved fairness between painting and handling other events. This noticeably improves the performance of the volume slider on Twitch. - Scrollbars on Linux and Windows 11 won't take space by default. On Linux, users can change this in Settings. On Windows, Firefox follows the system setting (System Settings > Accessibility > Visual Effects > Always show scrollbars). - Firefox now ignores less restricted referrer policies—including unsafe-url, no-referrer-when-downgrade, and origin-when-cross-origin—for cross-site subresource/iframe requests to prevent privacy leaks from the referrer. - Reading is now easier with the prefers-contrast media query, which allows sites to detect if the user has requested that web content is presented with a higher (or lower) contrast. - All non-configured MIME types can now be assigned a custom action upon download completion. - Firefox now allows users to use as many microphones as they want, at the same time, during video conferencing. The most exciting benefit is that you can easily switch your microphones at any time (if your conferencing service provider enables this flexibility). - Print preview has been updated. * Fixed: Various security fixes. MFSA 2022-24 (bsc#1200793) * CVE-2022-34479 (bmo#1745595) A popup window could be resized in a way to overlay the address bar with web content * CVE-2022-34470 (bmo#1765951) Use-after-free in nsSHistory * CVE-2022-34468 (bmo#1768537) CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * CVE-2022-34482 (bmo#845880) Drag and drop of malicious image could have led to malicious executable and potential code execution * CVE-2022-34483 (bmo#1335845) Drag and drop of malicious image could have led to malicious executable and potential code execution * CVE-2022-34476 (bmo#1387919) ASN.1 parser could have been tricked into accepting malformed ASN.1 * CVE-2022-34481 (bmo#1483699, bmo#1497246) Potential integer overflow in ReplaceElementsAt * CVE-2022-34474 (bmo#1677138) Sandboxed iframes could redirect to external schemes * CVE-2022-34469 (bmo#1721220) TLS certificate errors on HSTS-protected domains could be bypassed by the user on Firefox for Android * CVE-2022-34471 (bmo#1766047) Compromised server could trick a browser into an addon downgrade * CVE-2022-34472 (bmo#1770123) Unavailable PAC file resulted in OCSP requests being blocked * CVE-2022-34478 (bmo#1773717) Microsoft protocols can be attacked if a user accepts a prompt * CVE-2022-2200 (bmo#1771381) Undesired attributes could be set as part of prototype pollution * CVE-2022-34480 (bmo#1454072) Free of uninitialized pointer in lg_init * CVE-2022-34477 (bmo#1731614) MediaError message property leaked information on cross- origin same-site pages * CVE-2022-34475 (bmo#1757210) HTML Sanitizer could have been bypassed via same-origin script via use tags * CVE-2022-34473 (bmo#1770888) HTML Sanitizer could have been bypassed via use tags * CVE-2022-34484 (bmo#1763634, bmo#1772651) Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 * CVE-2022-34485 (bmo#1768409, bmo#1768578) Memory safety bugs fixed in Firefox 102 - Add patch one_swizzle_to_rule_them_all.patch to fix big endian platforms and remove old patches for this: mozilla-bmo1626236.patch, mozilla-bmo1602730.patch, mozilla-bmo1504834-part2.patch, mozilla-bmo1504834-part4.patch - Rename and rebase firefox-i586-conflict-typedef-error.patch to mozilla-bmo531915.patch - Remove upstreamed mozilla-sandbox-fips.patch ------------------------------------------------------------------- Tue Aug 23 17:58:50 UTC 2022 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 91.13.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-35 (bsc#1202645) * CVE-2022-38472 (bmo#1769155) Address bar spoofing via XSLT error handling * CVE-2022-38473 (bmo#1771685) Cross-origin XSLT Documents would have inherited the parent's permissions * CVE-2022-38478 (bmo#1770630, bmo#1776658) Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 ------------------------------------------------------------------- Thu Jul 21 12:01:56 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.12.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-29 (bsc#1201758) * CVE-2022-36319 (bmo#1737722) Mouse Position spoofing with CSS transforms * CVE-2022-36318 (bmo#1771774) Directory indexes for bundled resources reflected URL parameters ------------------------------------------------------------------- Wed Jun 22 08:37:51 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.11.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-25 (bsc#1200793) * CVE-2022-34479 (bmo#1745595) A popup window could be resized in a way to overlay the address bar with web content * CVE-2022-34470 (bmo#1765951) Use-after-free in nsSHistory * CVE-2022-34468 (bmo#1768537) CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI * CVE-2022-34481 (bmo#1497246) Potential integer overflow in ReplaceElementsAt * CVE-2022-31744 (bmo#1757604) CSP bypass enabling stylesheet injection * CVE-2022-34472 (bmo#1770123) Unavailable PAC file resulted in OCSP requests being blocked * CVE-2022-34478 (bmo#1773717) Microsoft protocols can be attacked if a user accepts a prompt * CVE-2022-2200 (bmo#1771381) Undesired attributes could be set as part of prototype pollution * CVE-2022-34484 (bmo#1763634, bmo#1772651) Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 ------------------------------------------------------------------- Mon May 30 12:04:13 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.10.0 ESR * Fixed: Various stability, functionality, and security fixes. MFSA 2022-21 (bsc#1200027) * CVE-2022-31736 (bmo#1735923) Cross-Origin resource's length leaked * CVE-2022-31737 (bmo#1743767) Heap buffer overflow in WebGL * CVE-2022-31738 (bmo#1756388) Browser window spoof using fullscreen mode * CVE-2022-31739 (bmo#1765049) Attacker-influenced path traversal when saving downloaded files * CVE-2022-31740 (bmo#1766806) Register allocation problem in WASM on arm64 * CVE-2022-31741 (bmo#1767590) Uninitialized variable leads to invalid memory read * CVE-2022-31742 (bmo#1730434) Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information * CVE-2022-31747 (bmo#1760765, bmo#1765610, bmo#1766283, bmo#1767365, bmo#1768559, bmo#1768734) Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10 ------------------------------------------------------------------- Fri May 20 11:38:20 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.9.1 ESR * Fixed: Security fix MFSA 2022-19 (bsc#1199768) * CVE-2022-1802 (bmo#1770137) Prototype pollution in Top-Level Await implementation * CVE-2022-1529 (bmo#1770048) Untrusted input used in JavaScript object indexing, leading to prototype pollution ------------------------------------------------------------------- Wed Apr 27 14:58:19 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.9.0 ESR MFSA 2022-17 (bsc#1198970) * CVE-2022-29914 (bmo#1746448) Fullscreen notification bypass using popups * CVE-2022-29909 (bmo#1755081) Bypassing permission prompt in nested browsing contexts * CVE-2022-29916 (bmo#1760674) Leaking browser history with CSS variables * CVE-2022-29911 (bmo#1761981) iframe Sandbox bypass * CVE-2022-29912 (bmo#1692655) Reader mode bypassed SameSite cookies * CVE-2022-29917 (bmo#1684739, bmo#1706441, bmo#1753298, bmo#1762614, bmo#1762620, bmo#1764778) Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9 ------------------------------------------------------------------- Tue Apr 5 14:00:59 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.8.0 ESR MFSA 2022-14 (bsc#1197903) * CVE-2022-1097 (bmo#1745667) Use-after-free in NSSToken objects * CVE-2022-28281 (bmo#1755621) Out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-1196 (bmo#1750679) Use-after-free after VR Process destruction * CVE-2022-28282 (bmo#1751609) Use-after-free in DocumentL10n::TranslateDocument * CVE-2022-28285 (bmo#1756957) Incorrect AliasSet used in JIT Codegen * CVE-2022-28286 (bmo#1735265) iframe contents could be rendered outside the border * CVE-2022-24713 (bmo#1758509) Denial of Service via complex regular expressions * CVE-2022-28289 (bmo#1663508, bmo#1744525, bmo#1753508, bmo#1757476, bmo#1757805, bmo#1758549, bmo#1758776) Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8 ------------------------------------------------------------------- Thu Mar 17 09:18:01 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Add cpu-flag `asimdrdm` to aarch64 constraints, to select newer, faster buildhosts, as the others struggle to build FF. ------------------------------------------------------------------- Tue Mar 15 10:23:40 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.7.1 ESR * Changed: Yandex and Mail.ru have been removed as optional search providers in the drop-down search menu in Firefox. If you previously installed a customized version of Firefox with Yandex or Mail.ru, offered through partner distribution channels, this release removes those customizations, including add-ons and default bookmarks. Where applicable, your browser will revert back to default settings, as offered by Mozilla. All other releases of Firefox remain unaffected by the change. ------------------------------------------------------------------- Wed Mar 9 11:35:23 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.7.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2022-10 (bsc#1196900) * CVE-2022-26383 (bmo#1742421) Browser window spoof using fullscreen mode * CVE-2022-26384 (bmo#1744352) iframe allow-scripts sandbox bypass * CVE-2022-26387 (bmo#1752979) Time-of-check time-of-use bug when verifying add-on signatures * CVE-2022-26381 (bmo#1736243) Use-after-free in text reflows * CVE-2022-26386 (bmo#1752396) Temporary files downloaded to /tmp and accessible by other local users ------------------------------------------------------------------- Mon Mar 7 16:27:46 UTC 2022 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 91.6.1 ESR * Fixed: Security fix - Mozilla Firefox ESR 91.6.1 MFSA 2022-09 (bsc#1196809) * CVE-2022-26485 (bmo#1758062) Use-after-free in XSLT parameter processing * CVE-2022-26486 (bmo#1758070) Use-after-free in WebGPU IPC Framework ------------------------------------------------------------------- Tue Feb 8 14:23:12 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.6.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2022-05 (bsc#1195682) * CVE-2022-22753 (bmo#1732435) Privilege Escalation to SYSTEM on Windows via Maintenance Service * CVE-2022-22754 (bmo#1750565) Extensions could have bypassed permission confirmation during update * CVE-2022-22756 (bmo#1317873) Drag and dropping an image could have resulted in the dropped object being an executable * CVE-2022-22759 (bmo#1739957) Sandboxed iframes could have executed script if the parent appended elements * CVE-2022-22760 (bmo#1740985, bmo#1748503) Cross-Origin responses could be distinguished between script and non-script content-types * CVE-2022-22761 (bmo#1745566) frame-ancestors Content Security Policy directive was not enforced for framed extension pages * CVE-2022-22763 (bmo#1740534) Script Execution during invalid object state * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545, bmo#1748210, bmo#1748279) Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 ------------------------------------------------------------------- Thu Jan 27 15:04:55 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.5.1 ESR (bsc#1195230) * Fixed: Fixed an issue that allowed unexpected data to be submitted in some of our search telemetry (bmo#1752317) ------------------------------------------------------------------- Tue Jan 11 14:46:37 UTC 2022 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.5.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2022-03 (bsc#1194547) * CVE-2022-22746 (bmo#1735071) Calling into reportValidity could have lead to fullscreen window spoof * CVE-2022-22743 (bmo#1739220) Browser window spoof using fullscreen mode * CVE-2022-22742 (bmo#1739923) Out-of-bounds memory access when inserting text in edit mode * CVE-2022-22741 (bmo#1740389) Browser window spoof using fullscreen mode * CVE-2022-22740 (bmo#1742334) Use-after-free of ChannelEventQueue::mOwner * CVE-2022-22738 (bmo#1742382) Heap-buffer-overflow in blendGaussianBlur * CVE-2022-22737 (bmo#1745874) Race condition when playing audio files * CVE-2021-4140 (bmo#1746720) Iframe sandbox bypass with XSLT * CVE-2022-22748 (bmo#1705211) Spoofed origin on external protocol launch dialog * CVE-2022-22745 (bmo#1735856) Leaking cross-origin URLs through securitypolicyviolation event * CVE-2022-22744 (bmo#1737252) The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection * CVE-2022-22747 (bmo#1735028) Crash when handling empty pkcs7 sequence * CVE-2022-22739 (bmo#1744158) Missing throttling on external protocol launch dialog * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366, bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869, bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011) Memory safety bugs fixed in Thunderbird 91.5 ------------------------------------------------------------------- Thu Dec 16 21:55:21 UTC 2021 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 91.4.1 ESR (bsc#1193845) * Fixed frequent MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING error messages when trying to connect to various microsoft.com domains (bmo#1745600) ------------------------------------------------------------------- Tue Dec 7 13:37:45 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.4.0 ESR * Fixed: Various security fixes - Mozilla Firefox ESR 91.4.0 MFSA 2021-53 (bsc#1193485) * CVE-2021-43536 (bmo#1730120) URL leakage when navigating while executing asynchronous function * CVE-2021-43537 (bmo#1738237) Heap buffer overflow when using structured clone * CVE-2021-43538 (bmo#1739091) Missing fullscreen and pointer lock notification when requesting both * CVE-2021-43539 (bmo#1739683) GC rooting failure when calling wasm instance methods * CVE-2021-43541 (bmo#1696685) External protocol handler parameters were unescaped * CVE-2021-43542 (bmo#1723281) XMLHttpRequest error codes could have leaked the existence of an external protocol handler * CVE-2021-43543 (bmo#1738418) Bypass of CSP sandbox directive when embedding * CVE-2021-43545 (bmo#1720926) Denial of Service when using the Location API in a loop * CVE-2021-43546 (bmo#1737751) Cursor spoofing could overlay user interface when native cursor is zoomed * MOZ-2021-0009 (bmo#1393362, bmo#1736046, bmo#1736751, bmo#1737009, bmo#1739372, bmo#1739421) Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 ------------------------------------------------------------------- Thu Dec 2 20:32:42 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de> - remove x-scheme-handler/ftp from MozillaFirefox.desktop boo#1193321 ------------------------------------------------------------------- Tue Nov 2 11:48:18 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 (bsc#1192250) * CVE-2021-38503 (bmo#1729517) iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504 (bmo#1730156) Use-after-free in file picker dialog * CVE-2021-38505 (bmo#1730194) Windows 10 Cloud Clipboard may have recorded sensitive user data * CVE-2021-38506 (bmo#1730750) Firefox could be coaxed into going into fullscreen mode without notification or warning * CVE-2021-38507 (bmo#1730935) Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports * MOZ-2021-0008 (bmo#1667102) Use-after-free in HTTP2 Session object * CVE-2021-38508 (bmo#1366818) Permission Prompt could be overlaid, resulting in user confusion and potential spoofing * CVE-2021-38509 (bmo#1718571) Javascript alert box could have been spoofed onto an arbitrary domain * CVE-2021-38510 (bmo#1731779) Download Protections were bypassed by .inetloc files on Mac OS * MOZ-2021-0007 (bmo#1606864, bmo#1712671, bmo#1730048, bmo#1735152) Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 - Removed mozilla-bmo1735309.patch which is now upstream ------------------------------------------------------------------- Wed Oct 20 06:59:40 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Rebase mozilla-sandbox-fips.patch to punch another hole in the sandbox containment, to be able to open /proc/sys/crypto/fips_enabled from within the newly introduced socket process sandbox. This fixes bsc#1191815 and bsc#1190141 - Add a way to let users overwrite MOZ_ENABLE_WAYLAND - Rename mozilla-neqo-fix-fips-crash.patch to mozilla-bmo1735309.patch and rebase to the official upstream patch ------------------------------------------------------------------- Tue Oct 5 12:47:06 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 91.2.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-45 (bsc#1191332) * CVE-2021-38496 (bmo#1725335) Use-after-free in MessageTask * CVE-2021-38497 (bmo#1726621) Validation message could have been overlaid on another origin * CVE-2021-38498 (bmo#1729642) Use-after-free of nsLanguageAtomService object * CVE-2021-32810 (bmo#1729813, https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw) Data race in crossbeam-deque * CVE-2021-38500 (bmo#1725854, bmo#1728321) Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 * CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176) Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 ------------------------------------------------------------------- Fri Oct 1 09:28:03 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Add mozilla-neqo-fix-fips-crash.patch to fix crash in FIPS mode (bsc#1190710) ------------------------------------------------------------------- Thu Sep 9 23:33:28 UTC 2021 - Charles Robertson <cgrobertson@suse.com> - Added firefox-i586-conflict-typedef-error.patch to fix 32bit i586 compile error ------------------------------------------------------------------- Wed Sep 8 17:24:43 UTC 2021 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 91.1.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-40 (bsc#1190269, bsc#1190274) * CVE-2021-38492 (bmo#1721107) Navigating to `mk:` URL scheme could load Internet Explorer * CVE-2021-38495 (bmo#1723391, bmo#1723920, bmo#1724101, bmo#1724107) Memory safety bugs fixed in Firefox 92 and Firefox ESR 91.1 - Removed mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch made obsolete by upstream changes. - Rebased patches: firefox-branded-icons.patch firefox-kde.patch mozilla-aarch64-startup-crash.patch mozilla-bmo1504834-part1.patch mozilla-bmo1504834-part4.patch mozilla-bmo1512162.patch mozilla-bmo1626236.patch mozilla-bmo849632.patch mozilla-kde.patch mozilla-ntlm-full-path.patch mozilla-s390-context.patch mozilla-sandbox-fips.patch ------------------------------------------------------------------- Wed Aug 18 06:47:31 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox 91.0.1esr ESR * Fixed: Fixed an issue causing buttons on the tab bar to be resized when loading certain websites (bug 1704404) (bmo#1704404) * Fixed: Fixed an issue which caused tabs from private windows to be visible in non-private windows when viewing switch-to- tab results in the address bar panel (bug 1720369) (bmo#1720369) * Fixed: Various stability fixes * Fixed: Security fix MFSA 2021-37 (bsc#1189547) * CVE-2021-29991 (bmo#1724896) Header Splitting possible with HTTP/3 Responses - Re-add mozilla-silence-no-return-type.patch ------------------------------------------------------------------- Wed Aug 11 02:31:55 UTC 2021 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 91.0 ESR * New: Some of the highlights of the new Extended Support Release are: - A number of user interface changes. For more information, see the Firefox 89 release notes. - Firefox now supports logging into Microsoft, work, and school accounts using Windows single sign-on. Learn more - On Windows, updates can now be applied in the background while Firefox is not running. - Firefox for Windows now offers a new page about:third-party to help identify compatibility issues caused by third-party applications - Version 2 of Firefox's SmartBlock feature further improves private browsing. Third party Facebook scripts are blocked to prevent you from being tracked, but are now automatically loaded "just in time" if you decide to "Log in with Facebook" on any website. - Enhanced the privacy of the Firefox Browser's Private Browsing mode with Total Cookie Protection, which confines cookies to the site where they were created, preventing companis from using cookies to track your browsing across sites. This feature was originally launched in Firefox's ETP Strict mode. - PDF forms now support JavaScript embedded in PDF files. Some PDF forms use JavaScript for validation and other interactive features. - You'll encounter less website breakage in Private Browsing and Strict Enhanced Tracking Protection with SmartBlock, which provides stand-in scripts so that websites load properly. - Improved Print functionality with a cleaner design and better integration with your computer's printer settings. - Firefox now protects you from supercookies, a type of tracker that can stay hidden in your browser and track you online, even after you clear cookies. By isolating supercookies, Firefox prevents them from tracking your web browsing from one site to the next. - Firefox now remembers your preferred location for saved bookmarks, displays the bookmarks toolbar by default on new tabs, and gives you easy access to all of your bookmarks via a toolbar folder. - Native support for macOS devices built with Apple Silicon CPUs brings dramatic performance improvements over the non- native build that was shipped in Firefox 83: Firefox launches over 2.5 times faster and web apps are now twice as responsive (per the SpeedoMeter 2.0 test). If you are on a new Apple device, follow these steps to upgrade to the latest Firefox. - Pinch zooming will now be supported for our users with Windows touchscreen devices and touchpads on Mac devices. Firefox users may now use pinch to zoom on touch-capable devices to zoom in and out of webpages. - We’ve improved functionality and design for a number of Firefox search features: * Selecting a search engine at the bottom of the search panel now enters search mode for that engine, allowing you to see suggestions (if available) for your search terms. The old behavior (immediately performing a search) is available with a shift-click. * When Firefox autocompletes the URL of one of your search engines, you can now search with that engine directly in the address bar by selecting the shortcut in the address bar results. * We’ve added buttons at the bottom of the search panel to allow you to search your bookmarks, open tabs, and history. - Firefox supports AcroForm, which will allow you to fill in, print, and save supported PDF forms and the PDF viewer also has a new fresh look. - For our users in the US and Canada, Firefox can now save, manage, and auto-fill credit card information for you, making shopping on Firefox ever more convenient. - In addition to our default, dark and light themes, with this release, Firefox introduces the Alpenglow theme: a colorful appearance for buttons, menus, and windows. You can update your Firefox themes under settings or preferences. * Changed: Firefox no longer supports Adobe Flash. There is no setting available to re-enable Flash support. * Enterprise: Various bug fixes and new policies have been implemented in the latest version of Firefox. See more details in the Firefox for Enterprise 91 Release Notes. MFSA 2021-33 (bsc#1188891) * CVE-2021-29986 (bmo#1696138) Race condition when resolving DNS names could have led to memory corruption * CVE-2021-29981 (bmo#1707774) Live range splitting could have led to conflicting assignments in the JIT * CVE-2021-29988 (bmo#1717922) Memory corruption as a result of incorrect style treatment * CVE-2021-29983 (bmo#1719088) Firefox for Android could get stuck in fullscreen mode * CVE-2021-29984 (bmo#1720031) Incorrect instruction reordering during JIT optimization * CVE-2021-29980 (bmo#1722204) Uninitialized memory in a canvas object could have led to memory corruption * CVE-2021-29987 (bmo#1716129) Users could have been tricked into accepting unwanted permissions on Linux * CVE-2021-29985 (bmo#1722083) Use-after-free media channels * CVE-2021-29982 (bmo#1715318) Single bit data leak due to incorrect JIT optimization and type confusion * CVE-2021-29989 (bmo#1662676, bmo#1666184, bmo#1719178, bmo#1719998, bmo#1720568) Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13 * CVE-2021-29990 (bmo#1544190, bmo#1716481, bmo#1717778, bmo#1719319, bmo#1722073) Memory safety bugs fixed in Firefox 91 ------------------------------------------------------------------- Tue Aug 10 12:51:02 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.13.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-34 (bsc#1188891) * CVE-2021-29986 (bmo#1696138) Race condition when resolving DNS names could have led to memory corruption * CVE-2021-29988 (bmo#1717922) Memory corruption as a result of incorrect style treatment * CVE-2021-29984 (bmo#1720031) Incorrect instruction reordering during JIT optimization * CVE-2021-29980 (bmo#1722204) Uninitialized memory in a canvas object could have led to memory corruption * CVE-2021-29985 (bmo#1722083) Use-after-free media channels * CVE-2021-29989 (bmo#1662676, bmo#1666184, bmo#1719178, bmo#1719998, bmo#1720568) Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13 ------------------------------------------------------------------- Thu Jul 15 00:39:52 UTC 2021 - William Brown <william.brown@suse.com> - jsc#SLE-18626 - Migrate rust to parallel versioned packages allowing more flexible build requirements to be expressed. - Update Firefox to use the 1.43 version of Rust. ------------------------------------------------------------------- Tue Jul 13 13:47:45 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 (bsc#1188275) * CVE-2021-29970 (bmo#1709976) Use-after-free in accessibility features of a document * CVE-2021-30547 (bmo#1715766) Out of bounds write in ANGLE * CVE-2021-29976 (bmo#1700895, bmo#1703334, bmo#1706910, bmo#1711576, bmo#1714391) Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12 ------------------------------------------------------------------- Tue Jun 1 12:56:04 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.11.0 ESR * Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.11 MFSA 2021-24 (bsc#1186696) * CVE-2021-29964 (bmo#1706501) Out of bounds-read when parsing a `WM_COPYDATA` message * CVE-2021-29967 (bmo#1602862, bmo#1703191, bmo#1703760, bmo#1704722, bmo#1706041) Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 - Added the new Mozilla's GPG key, expiring on 2023-05-17 to the mozilla.keyring file ------------------------------------------------------------------- Wed May 5 07:27:47 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.10.1 ESR * Fixed: Resolved an issue caused by a recent Widevine plugin update which prevented some purchased video content from playing correctly (bmo#1705138) * Fixed: Security fix MFSA 2021-18 (bsc#1185633) * CVE-2021-29951 (bmo#1690062) Mozilla Maintenance Service could have been started or stopped by domain users ------------------------------------------------------------------- Mon Apr 19 13:16:14 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.10.0 ESR * Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.10 MFSA 2021-15 (bsc#1184960) * CVE-2021-23994 (bmo#1699077) Out of bound write due to lazy initialization * CVE-2021-23995 (bmo#1699835) Use-after-free in Responsive Design Mode * CVE-2021-23998 (bmo#1667456) Secure Lock icon could have been spoofed * CVE-2021-23961 (bmo#1677940) More internal network hosts could have been probed by a malicious webpage * CVE-2021-23999 (bmo#1691153) Blob URLs may have been granted additional privileges * CVE-2021-24002 (bmo#1702374) Arbitrary FTP command execution on FTP servers using an encoded URL * CVE-2021-29945 (bmo#1700690) Incorrect size computation in WebAssembly JIT could lead to null-reads * CVE-2021-29946 (bmo#1698503) Port blocking could be bypassed ------------------------------------------------------------------- Wed Mar 24 07:07:10 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.9.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-11 (bsc#1183942) * CVE-2021-23981 (bmo#1692832) Texture upload into an unbound backing buffer resulted in an out-of-bound read * CVE-2021-23982 (bmo#1677046) Internal network hosts could have been probed by a malicious webpage * CVE-2021-23984 (bmo#1693664) Malicious extensions could have spoofed popup information * CVE-2021-23987 (bmo#1513519, bmo#1683439, bmo#1690169, bmo#1690718) Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 ------------------------------------------------------------------- Tue Feb 23 13:34:35 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.8.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-08 (bsc#1182614) * CVE-2021-23969 (bmo#1542194) Content Security Policy violation report could have contained the destination of a redirect * CVE-2021-23968 (bmo#1687342) Content Security Policy violation report could have contained the destination of a redirect * CVE-2021-23973 (bmo#1690976) MediaError message property could have leaked information about cross-origin resources * CVE-2021-23978 (bmo#1682928, bmo#1687391, bmo#1687597, bmo#786797) Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 - Update create-tar.sh to use https instead of http (bsc#1182357) ------------------------------------------------------------------- Mon Feb 8 08:01:54 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.7.1 ESR * Fixed: Prevent access to NTFS special paths that could lead to filesystem corruption. (bmo#1689598) * Fixed: Security fix MFSA 2021-06 (bsc#1181848) * MOZ-2021-0001 (bmo#1676636) Buffer overflow in depth pitch calculations for compressed textures ------------------------------------------------------------------- Tue Jan 26 14:43:01 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.7.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-04 (bsc#1181414) * CVE-2021-23953 (bmo#1683940) Cross-origin information leakage via redirected PDF requests * CVE-2021-23954 (bmo#1684020) Type confusion when using logical assignment operators in JavaScript switch statements * CVE-2020-26976 (bmo#1674343) HTTPS pages could have been intercepted by a registered service worker when they should not have been * CVE-2021-23960 (bmo#1675755) Use-after-poison for incorrectly redeclared JavaScript variables during GC * CVE-2021-23964 (bmo#1662507, bmo#1666285, bmo#1673526, bmo#1674278, bmo#1674835, bmo#1675097, bmo#1675844, bmo#1675868, bmo#1677590, bmo#1677888, bmo#1680410, bmo#1681268, bmo#1682068, bmo#1682938, bmo#1683736, bmo#1685260, bmo#1685925) Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 ------------------------------------------------------------------- Thu Jan 7 06:45:39 UTC 2021 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.6.1 ESR * Fixed: Security fix * Fixed: Fixed a crash during video playback on Apple Silicon devices (bmo#1683579) MFSA 2021-01 (bsc#1180623) * CVE-2020-16044 (bmo#1683964) Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk ------------------------------------------------------------------- Tue Dec 15 13:41:58 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.6.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-55 (bsc#1180039) * CVE-2020-16042 (bmo#1679003) Operations on a BigInt could have caused uninitialized memory to be exposed * CVE-2020-26971 (bmo#1663466) Heap buffer overflow in WebGL * CVE-2020-26973 (bmo#1680084) CSS Sanitizer performed incorrect sanitization * CVE-2020-26974 (bmo#1681022) Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free * CVE-2020-26978 (bmo#1677047) Internal network hosts could have been probed by a malicious webpage * CVE-2020-35111 (bmo#1657916) The proxy.onRequest API did not catch view-source URLs * CVE-2020-35112 (bmo#1661365) Opening an extension-less download may have inadvertently launched an executable instead * CVE-2020-35113 (bmo#1664831, bmo#1673589) Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 ------------------------------------------------------------------- Tue Nov 17 14:10:17 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.5.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-51 (bsc#1178824) * CVE-2020-26951 (bmo#1667113) Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012 (bmo#1642028) Variable time processing of cross-origin images during drawImage calls * CVE-2020-26953 (bmo#1656741) Fullscreen could be enabled without displaying the security UI * CVE-2020-26956 (bmo#1666300) XSS through paste (manual and clipboard API) * CVE-2020-26958 (bmo#1669355) Requests intercepted through ServiceWorkers lacked MIME type restrictions * CVE-2020-26959 (bmo#1669466) Use-after-free in WebRequestService * CVE-2020-26960 (bmo#1670358) Potential use-after-free in uses of nsTArray * CVE-2020-15999 (bmo#1672223) Heap buffer overflow in freetype * CVE-2020-26961 (bmo#1672528) DoH did not filter IPv4 mapped IP Addresses * CVE-2020-26965 (bmo#1661617) Software keyboards may have remembered typed passwords * CVE-2020-26966 (bmo#1663571) Single-word search queries were also broadcast to local network * CVE-2020-26968 (bmo#1551615, bmo#1607762, bmo#1656697, bmo#1657739, bmo#1660236, bmo#1667912, bmo#1671479, bmo#1671923) Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 ------------------------------------------------------------------- Mon Nov 9 17:11:30 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 78.4.1 ESR * Fixed: Security fix MFSA 2020-49 (bsc#1178588) * CVE-2020-26950 (bmo#1675905) Write side effects in MCallGetProperty opcode not accounted for ------------------------------------------------------------------- Tue Oct 20 15:48:43 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 78.4.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-46 (bsc#1177872) * CVE-2020-15969 (bmo#1666570, bmo#https://github.com/sctplab/u srsctp/commit/ffed0925f27d404173c1e3e750d818f432d2c019) Use-after-free in usersctp * CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954, bmo#1662760, bmo#1663439, bmo#1666140) Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 ------------------------------------------------------------------- Thu Oct 1 17:40:29 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 78.3.1 ESR (bsc#1176756) * Fixed: Fixed legacy preferences not being properly applied when set via GPO (bmo#1666836) ------------------------------------------------------------------- Tue Sep 22 13:35:26 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-43 (bsc#1176756) * CVE-2020-15677 (bmo#1641487) Download origin spoofing via redirect * CVE-2020-15676 (bmo#1646140) XSS when pasting attacker-controlled data into a contenteditable element * CVE-2020-15678 (bmo#1660211) When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after- free scenario * CVE-2020-15673 (bmo#1648493, bmo#1660800) Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 ------------------------------------------------------------------- Wed Sep 16 13:55:06 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Enhance fix for wayland-detection (bsc#1174420) ------------------------------------------------------------------- Wed Sep 16 10:47:33 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Try to fix langpack-parallelization by introducing separate obj-dirs for each lang (boo#1173986, boo#1167976) ------------------------------------------------------------------- Tue Aug 25 17:10:30 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 78.2.0 ESR * Fixed: Various stability, functionality, and security fixes - Mozilla Firefox ESR 78.2 MFSA 2020-38 (bsc#1175686) * CVE-2020-15663 (bmo#1643199) Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege * CVE-2020-15664 (bmo#1658214) Attacker-induced prompt for extension installation * CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626, bmo#1656957) Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2 ------------------------------------------------------------------- Mon Aug 24 23:19:31 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Added patch: firefox-dev-random-sandbox.patch (bsc#1174284) * Firefox tab crash in FIPS mode ------------------------------------------------------------------- Wed Aug 5 11:49:05 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Activate ccache - Parallelize langpack build ------------------------------------------------------------------- Mon Aug 3 11:06:17 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Fix broken translation-loading (boo#1173991) * allow addon sideloading * mark signatures for langpacks non-mandatory * do not autodisable user profile scopes - Google API key is not usable for geolocation service any more ------------------------------------------------------------------- Tue Jul 28 13:33:39 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-32 (bsc#1174538) * CVE-2020-15652 (bmo#1634872) Potential leak of redirect targets when loading scripts in a worker * CVE-2020-6514 (bmo#1642792) WebRTC data channel leaks internal address to peer * CVE-2020-15655 (bmo#1645204) Extension APIs could be used to bypass Same-Origin Policy * CVE-2020-15653 (bmo#1521542) Bypassing iframe sandbox when allowing popups * CVE-2020-6463 (bmo#1635293) Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture * CVE-2020-15656 (bmo#1647293) Type confusion for special arguments in IonMonkey * CVE-2020-15658 (bmo#1637745) Overriding file type when saving to disk * CVE-2020-15657 (bmo#1644954) DLL hijacking due to incorrect loading path * CVE-2020-15654 (bmo#1648333) Custom cursor can overlay user interface * CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1643613, bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646787, bmo#1649347, bmo#1650811, bmo#1651678) Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1 ------------------------------------------------------------------- Thu Jul 9 17:16:05 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Mozilla Firefox 78.0.2 MFSA 2020-28 (bsc#1173948) * MFSA-2020-0003 (bmo#1644076) X-Frame-Options bypass using object or embed tags - Firefox Extended Support Release 78.0.2esr ESR * Fixed: Security fix * Fixed: Fixed an accessibility regression in reader mode (bmo#1650922) * Fixed: Made the address bar more resilient to data corruption in the user profile (bmo#1649981) * Fixed: Fixed a regression opening certain external applications (bmo#1650162) ------------------------------------------------------------------- Thu Jul 2 09:04:19 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Add specific requirement for libfreetype6 (bsc#1173613) ------------------------------------------------------------------- Wed Jul 1 18:23:42 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 78.0.1 ESR * Fixed: Fixed an issue which could cause installed search engines to not be visible when upgrading from a previous release. (bmo#1649558) - Mozilla Firefox 78 MFSA 2020-24 (bsc#1173576) * CVE-2020-12415 (bmo#1586630) AppCache manifest poisoning due to url encoded character processing * CVE-2020-12416 (bmo#1639734) Use-after-free in WebRTC VideoBroadcaster * CVE-2020-12417 (bmo#1640737) Memory corruption due to missing sign-extension for ValueTags on ARM64 * CVE-2020-12418 (bmo#1641303) Information disclosure due to manipulated URL object * CVE-2020-12419 (bmo#1643874) Use-after-free in nsGlobalWindowInner * CVE-2020-12420 (bmo#1643437) Use-After-Free when trying to connect to a STUN server * CVE-2020-12402 (bmo#1631597) RSA Key Generation vulnerable to side-channel attack * CVE-2020-12421 (bmo#1308251) Add-On updates did not respect the same certificate trust rules as software updates * CVE-2020-12422 (bmo#1450353) Integer overflow in nsJPEGEncoder::emptyOutputBuffer * CVE-2020-12423 (bmo#1642400) DLL Hijacking due to searching %PATH% for a library * CVE-2020-12424 (bmo#1562600) WebRTC permission prompt could have been bypassed by a compromised content process * CVE-2020-12425 (bmo#1634738) Out of bound read in Date.parse() * CVE-2020-12426 (bmo#1608068, bmo#1609951, bmo#1631187, bmo#1637682) Memory safety bugs fixed in Firefox 78 ------------------------------------------------------------------- Tue Jun 30 22:58:31 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 78.0esr ESR * New: Some of the highlights of the new Extended Support Release are: - Kiosk mode - Client certificates - Service Worker and Push APIs are now enabled - The Block Autoplay feature is enabled - Picture-in-picture support - View and manage web certificates in about:certificate For more information about what's new in the Firefox 78 ESR release, see the more detailed release notes at support.mozilla.org. - Add patches to fix big endian problems: * mozilla-s390x-skia-gradient.patch * mozilla-bmo998749.patch * mozilla-bmo1626236.patch - Add patch to fix broken build on ppc64le * mozilla-bmo1512162.patch - Add patch to add screensharing capability on wayland * mozilla-pipewire-0-3.patch - Rename firefox-fips.patch to mozilla-sandbox-fips.patch - Removed upstreamed patches: * mozilla-cubeb-noreturn.patch * mozilla-nestegg-big-endian.patch * mozilla-openaes-decl.patch * mozilla-s390x-bigendian.patch * mozilla-sle12-lower-python-requirement.patch ------------------------------------------------------------------- Tue Jun 2 13:18:48 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.9.0 ESR * Fixed: Various stability and security fixes MFSA 2020-21 (bsc#1172402) * CVE-2020-12405 (bmo#1619305, bmo#1632717) * CVE-2020-12406 (bmo#1639590) * CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ------------------------------------------------------------------- Wed May 27 15:24:12 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Removed %is_opensuse macro from spec file to align builds with openSUSE Leap. ------------------------------------------------------------------- Tue May 5 13:18:35 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.8.0 ESR MFSA 2020-17 (bsc#1171186) * CVE-2020-12387 (bmo#1545345) Use-after-free during worker shutdown * CVE-2020-12388 (bmo#1618911) Sandbox escape with improperly guarded Access Tokens * CVE-2020-12389 (bmo#1554110) Sandbox escape with improperly separated process types * CVE-2020-6831 (bmo#1632241) Buffer overflow in SCTP chunk input validation * CVE-2020-12392 (bmo#1614468) Arbitrary local file access with 'Copy as cURL' * CVE-2020-12393 (bmo#1615471) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508) Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 ------------------------------------------------------------------- Tue Apr 7 13:42:27 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.7.0 ESR MFSA 2020-13 (bsc#1168874) * CVE-2020-6828 (bmo#1617928) Preference overwrite via crafted Intent from malicious Android application * CVE-2020-6827 (bmo#1622278) Custom Tabs in Firefox for Android could have the URI spoofed * CVE-2020-6821 (bmo#1625404) Uninitialized memory could be read when using the WebGL copyTexSubImage method * CVE-2020-6822 (bmo#1544181) Out of bounds write in GMPDecodeData when processing large images * CVE-2020-6825 (bmo#1572541, bmo#1620193, bmo#1620203) Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 ------------------------------------------------------------------- Sun Apr 5 12:47:39 UTC 2020 - Vítězslav Čížek <vcizek@suse.com> - Mozilla Firefox 68.6.1esr MFSA 2020-11 (boo#1168630) * CVE-2020-6819 (bmo#1620818) Use-after-free while running the nsDocShell destructor * CVE-2020-6820 (bmo#1626728) Use-after-free when handling a ReadableStream ------------------------------------------------------------------- Fri Mar 20 18:20:58 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Added patch: firefox-fips.patch (bsc#1167231) * FIPS: MozillaFirefox: allow /proc/sys/crypto/fips_enabled ------------------------------------------------------------------- Tue Mar 10 12:36:01 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.6.0 ESR (bsc#1166238) * Fixed: Various stability and security fixes MFSA 2020-09 (bsc#1132665) * CVE-2020-6805 (bmo#1610880) Use-after-free when removing data about origins * CVE-2020-6806 (bmo#1612308) BodyStream::OnInputStreamReady was missing protections against state confusion * CVE-2020-6807 (bmo#1614971) Use-after-free in cubeb during stream destruction * CVE-2020-6811 (bmo#1607742) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2019-20503 (bmo#1613765) Out of bounds reads in sctp_load_addresses_from_init * CVE-2020-6812 (bmo#1616661) The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission * CVE-2020-6814 (bmo#1592078, bmo#1604847, bmo#1608256, bmo#1612636, bmo#1614339) Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 ------------------------------------------------------------------- Tue Feb 11 18:43:44 UTC 2020 - Charles Robertson <cgrobertson@suse.com> - Firefox Extended Support Release 68.5.0 ESR * Fixed: Various stability and security fixes - Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368) * CVE-2020-6796 (bmo#1610426) Missing bounds check on shared memory read in the parent process * CVE-2020-6797 (bmo#1596668) Extensions granted downloads.open permission could open arbitrary applications on Mac OSX * CVE-2020-6798 (bmo#1602944) Incorrect parsing of template tag could result in JavaScript injection * CVE-2020-6799 (bmo#1606596) Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader * CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543, bmo#1604851, bmo#1605777, bmo#1608580, bmo#1608785) Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 ------------------------------------------------------------------- Tue Jan 21 11:49:52 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.4.2 ESR * Fixed: Fixed various issues opening files with spaces in their path (bmo#1601905, bmo#1602726) ------------------------------------------------------------------- Thu Jan 9 06:37:13 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.4.1 ESR * Fixed: Security fix MFSA 2020-03 (bsc#1160498) * CVE-2019-17026 (bmo#1607443) IonMonkey type confusion with StoreElementHole and FallibleStoreElement ------------------------------------------------------------------- Tue Jan 7 14:28:41 UTC 2020 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.4.0 ESR * Fixed: Various security fixes MFSA 2020-02 (bsc#1160305) * CVE-2019-17015 (bmo#1599005) Memory corruption in parent process during new content process initialization on Windows * CVE-2019-17016 (bmo#1599181) Bypass of @namespace CSS sanitization during pasting * CVE-2019-17017 (bmo#1603055) Type Confusion in XPCVariant.cpp * CVE-2019-17021 (bmo#1599008) Heap address disclosure in parent process during content process initialization on Windows * CVE-2019-17022 (bmo#1602843) CSS sanitization does not escape HTML tags * CVE-2019-17024 (bmo#1507180, bmo#1595470, bmo#1598605, bmo#1601826) Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 - Removed patch that is now upstream: mozilla-bmo1511604.patch - Added patch to fix broken URL-bar on s390x: mozilla-bmo1602730.patch ------------------------------------------------------------------- Tue Dec 3 14:00:28 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.3.0 ESR * Changed: Updates to improve performance and stability MFSA 2019-37 (bsc#1158328) * CVE-2019-17008 (bmo#1546331) Use-after-free in worker destruction * CVE-2019-13722 (bmo#1580156) Stack corruption due to incorrect number of arguments in WebRTC code * CVE-2019-11745 (bmo#1586176) Out of bounds write in NSS when encrypting with a block cipher * CVE-2019-17009 (bmo#1510494) Updater temporary files accessible to unprivileged processes * CVE-2019-17010 (bmo#1581084) Use-after-free when performing device orientation checks * CVE-2019-17005 (bmo#1584170) Buffer overflow in plain text serializer * CVE-2019-17011 (bmo#1591334) Use-after-free when retrieving a document in antitracking * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209, bmo#1580288, bmo#1585760, bmo#1592502) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 ------------------------------------------------------------------- Tue Nov 19 12:41:44 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Add patch mozilla-bmo849632.patch to partially fix broken webGL sites on big endian machines (wrong colors) - Replace source-stamp.txt with tar_stamps - Reference create-tar.sh by direct commit-hash in the spec-file ------------------------------------------------------------------- Tue Nov 5 14:37:37 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Reactivate webRTC for all architectures ------------------------------------------------------------------- Thu Oct 31 11:10:35 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Add patch mozilla-bmo1504834-part4.patch to fix broken tab-titles on s390x ------------------------------------------------------------------- Thu Oct 24 22:28:26 UTC 2019 - Charles Robertson <cgrobertson@suse.com> - Issues resolved in earlier updates: * [bsc#1137990] Firefox 60.7 ESR changed the user interface language * [bsc#1120374] SLED12SP3 - Wrong Firefox GUI Language (Firefox ESR 60.4.0) * [bsc#1092611] VUL-0: MozillaFirefox: 52.8/60 (MFSA-2018-11 MFSA-2018-12) * [bsc#1074235] MozillaFirefox: background tab crash reports sent inadvertently without user opt-in * [bsc#1047281] VUL-0: CVE-2017-7789: MozillaFirefox: Firefox ignores Strict-Transport-Security when two more STS headers aresent from server * [bsc#1043008] Firefox hangs randomly when browsing and scrolling * [bsc#1025108] Firefox stops loading page until mouse is moved * [bsc#1010426] VUL-0: CVE-2016-5289: MozillaFirefox: Memory safety bugs fixed in Firefox 50 * [bsc#1010425] VUL-0: CVE-2016-9071: MozillaFirefox: Probe browser history via HSTS/301 redirect + CSP * [bsc#1010424] VUL-0: CVE-2016-9063: MozillaFirefox: Possible integer overflow to fix inside XML_Parse in Expat * [bsc#1010423] VUL-0: CVE-2016-9076: MozillaFirefox: select dropdown menu can be used for URL bar spoofing on e10s * [bsc#1010421] VUL-0: CVE-2016-9073: MozillaFirefox: windows.create schema doesn't specify "format" "relativeUrl" * [bsc#1010409] VUL-0: CVE-2016-9077: MozillaFirefox: Canvas filters allow feDisplacementMaps to be applied to cross-origin images, allowing timing attacks on them * [bsc#1010408] VUL-0: CVE-2016-9075: MozillaFirefox: WebExtensions can access the mozAddonManager API and use it to gain elevated privileges * [bsc#1010406] VUL-0: CVE-2016-9068: MozillaFirefox: heap-use-after-free in nsRefreshDriver * [bsc#1010405] VUL-0: CVE-2016-9067,CVE-2016-9069: MozillaFirefox: heap-use-after-free in nsINode::ReplaceOrInsertBefore * [bsc#1010399] VUL-0: CVE-2016-5292: MozillaFirefox: URL parsing causes crash * [bsc#983922] VUL-0: CVE-2016-2830: MozillaFirefox: Favicon network connection persists when page is closed * [bsc#959933] Firefox 38 can't play website mp3 sounds ------------------------------------------------------------------- Mon Oct 21 12:34:34 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Firefox Extended Support Release 68.2.0 ESR * Enterprise: New administrative policies were added. More information and templates are available at the Policy Templates page. * Fixed: Various security fixes MFSA 2019-33 (bsc#1154738) * CVE-2019-15903 (bmo#1584907) Heap overflow in expat library in XML_GetCurrentLineNumber * CVE-2019-11757 (bmo#1577107) Use-after-free when creating index updates in IndexedDB * CVE-2019-11758 (bmo#1536227) Potentially exploitable crash due to 360 Total Security * CVE-2019-11759 (bmo#1577953) Stack buffer overflow in HKDF output * CVE-2019-11760 (bmo#1577719) Stack buffer overflow in WebRTC networking * CVE-2019-11761 (bmo#1561502) Unintended access to a privileged JSONView object * CVE-2019-11762 (bmo#1582857) document.domain-based origin isolation has same-origin- property violation * CVE-2019-11763 (bmo#1584216) Incorrect HTML parsing results in XSS bypass technique * CVE-2019-11764 (bmo#1548044, bmo#1558522, bmo#1571223, bmo#1573048, bmo#1575217, bmo#1577061, bmo#1578933, bmo#1581950, bmo#1583463, bmo#1583684, bmo#1586599, bmo#1586845) Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 - removed now upstream patches: * mozilla-bmo1573381.patch * mozilla-bmo1512162.patch * mozilla-bmo1585099.patch ------------------------------------------------------------------- Fri Oct 11 12:18:38 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Add patch to lower python requirement to 3.4 in order to build on SLE-12: * mozilla-sle12-lower-python-requirement.patch ------------------------------------------------------------------- Thu Oct 10 11:44:21 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Add Provides-line for translations-common (bsc#1153423) ------------------------------------------------------------------- Tue Oct 8 12:26:41 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Moved some settings from branding-package here (bsc#1153869) - Added patch to build with rust 1.38: * mozilla-bmo1585099.patch - add patch to fix LTO build (w/o PGO): * mozilla-fix-top-level-asm.patch - remove obsolete kde.js setting (boo#1151186) and related patch: * firefox-add-kde.js-in-order-to-survive-PGO-build.patch * modified firefox-kde.patch for the removal of kde.js ------------------------------------------------------------------- Tue Sep 24 13:07:00 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Update mozilla-bmo1512162.patch to the patch now commited upstream * No more -O1 builds for ppc64le necessary - Disable DoH by default * Not yet officially active in ESR, but just to make sure ------------------------------------------------------------------- Mon Sep 19 22:06:54 UTC 2019 - Charles Robertson <cgrobertson@suse.com> - Mozilla Firefox ESR 68.1 Resolves the following bigendian s390x issues: * [bsc#1109465] Latest Firefox update not released for s390x * [bsc#1117473] Firefox segmentation fault on s390vsl082 * [bsc#1123482] openQA test fails in firefox - firefox doesn't start * [bsc#1124525] Firefox is core dumping on SLES15 s390x * [bsc#1133810] Firefox: Segmentation fault (core dumped) MFSA 2019-26 (bsc#1149323) * CVE-2019-11751 (bmo#1572838) Malicious code execution through command line parameters * CVE-2019-11746 (bmo#1564449) Use-after-free while manipulating video * CVE-2019-11744 (bmo#1562033) XSS by breaking out of title and textarea elements using innerHTML * CVE-2019-11742 (bmo#1559715) Same-origin policy violation with SVG filters and canvas to steal cross-origin images * CVE-2019-11736 (bmo#1551913, bmo#1552206) File manipulation and privilege escalation in Mozilla Maintenance Service * CVE-2019-11753 (bmo#1574980) Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location * CVE-2019-11752 (bmo#1501152) Use-after-free while extracting a key value in IndexedDB * CVE-2019-9812 (bmo#1538008, bmo#1538015) Sandbox escape through Firefox Sync * CVE-2019-11743 (bmo#1560495, bmo#https://w3c.github.io/navigation-timing) Cross-origin access to unload event attributes * CVE-2019-11748 (bmo#1564588) Persistence of WebRTC permissions in a third party context * CVE-2019-11749 (bmo#1565374) Camera information available without prompting using getUserMedia * CVE-2019-11750 (bmo#1568397) Type confusion in Spidermonkey * CVE-2019-11738 (bmo#1452037) Content security policy bypass through hash-based sources in directives * CVE-2019-11747 (bmo#1564481) 'Forget about this site' removes sites from pre-loaded HSTS list * CVE-2019-11735 (bmo#1561404, bmo#1561484, bmo#1561912, bmo#1565744, bmo#1568047, bmo#1568858, bmo#1570358) Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1 * CVE-2019-11740 (bmo#1563133, bmo#1573160) Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 - Mozilla Firefox ESR 68.0.2 * Fixed: Fixed a bug causing some special characters to be cut off from the end of the search terms when searching from the URL bar (bmo#1560228) * Fixed: Allow fonts to be loaded via file:// URLs when opening a page locally (bmo#1565942) * Fixed: Printing emails from the Outlook web app no longer prints only the header and footer (bmo#1567105) * Fixed: Fixed a bug causing some images not to be displayed on reload, including on Google Maps (bmo#1565542) * Fixed: Fixed an error when starting external applications configured as URI handlers (bmo#1567614) * Fixed: Security fixes - MFSA 2019-24 (bsc#1145665) * CVE-2019-11733 (bmo#1565780) Stored passwords in 'Saved Logins' can be copied without master password entry - Mozilla Firefox ESR 68.0.1 * macOS releases are now signed by the Apple notary service, allowing Firefox to properly run on macOS 10.15 Beta releases * Fixed missing Full Screen button when watching videos in full screen mode on HBO GO (bmo#1562837) * Fixed a bug causing incorrect messages to appear for some locales when sites try to request the use of the Storage Access API (bmo#1558503) * Users in Russian regions may have their default search engine changed (bmo#1565315) * Built-in search engines in some locales do not function correctly (bmo#1565779) * SupportMenu policy doesn't always work (bmo#1553290) * Allow the new ExtensionSettings policy to work with GPO on Windows (bmo#1553586) * Allow the privacy.file_unique_origin pref to be controlled by policy (bmo#1563759) - Mozilla Firefox ESR 68.0 * Dark mode in reader view * Improved extension security and discovery * Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences * Camera and microphone access now require an HTTPS connection MFSA 2019-21 (bsc#1140868) * CVE-2019-9811 (bmo#1523741, bmo#1538007, bmo#1539598, bmo#1539759, bmo#1563327) Sandbox escape via installation of malicious language pack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11714 (bmo#1542593) NeckoChild can trigger crash when accessed off of main thread * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11716 (bmo#1552632) globalThis not enumerable until accessed * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11718 (bmo#1408349) Activity Stream writes unsanitized content to innerHTML * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key * CVE-2019-11720 (bmo#1556230) Character encoding XSS vulnerability * CVE-2019-11721 (bmo#1256009) Domain spoofing through unicode latin 'kra' character * CVE-2019-11730 (bmo#1558299) Same-origin policy treats all files in a directory as having the same-origin * CVE-2019-11723 (bmo#1528335) Cookie leakage during add-on fetching across private browsing boundaries * CVE-2019-11724 (bmo#1512511) Retired site input.mozilla.org has remote troubleshooting permissions * CVE-2019-11725 (bmo#1483510) Websocket resources bypass safebrowsing protections * CVE-2019-11727 (bmo#1552208) PKCS#1 v1.5 signatures can be used for TLS 1.3 * CVE-2019-11728 (bmo#1552993) Port scanning through Alt-Svc header * CVE-2019-11710 (bmo#1507696, bmo#1510345, bmo#1533842, bmo#1535482, bmo#1535848, bmo#1537692, bmo#1540590, bmo#1544180, bmo#1547472, bmo#1547760, bmo#1548611, bmo#1549768, bmo#1551907) Memory safety bugs fixed in Firefox 68 * CVE-2019-11709 (bmo#1515052, bmo#1533522, bmo#1539219, bmo#1540759, bmo#1547266, bmo#1547757, bmo#1548822, bmo#1550498, bmo#1550498) Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 - removed patches that are now upstream * mozilla-bmo1375074.patch * mozilla-bmo1436242.patch * mozilla-bmo256180.patch * mozilla-i586-DecoderDoctorLogger.patch * mozilla-i586-domPrefs.patch * mozilla-bmo1464766.patch * mozilla-bigendian_bit_flags_alias.patch * mozilla-break_hanging_glxtest.patch * mozilla-glibc-getrandom.patch - removed workaround-patch for build memory consumption on i586; other mitigations meanwhile introduced (mainly parallelity) will be sufficient * mozilla-reduce-files-per-UnifiedBindings.patch - added patch to make builds reproducible * mozilla-bmo1568145.patch - added a bunch of patches mainly for big endian platforms * mozilla-bmo1504834-part1.patch * mozilla-bmo1504834-part2.patch * mozilla-bmo1504834-part3.patch * mozilla-bmo1511604.patch * mozilla-bmo1512162.patch * mozilla-bmo1554971.patch * mozilla-bmo1573381.patch * mozilla-nestegg-big-endian.patch - added patches to fix build on armv7: * mozilla-bmo1463035.patch * mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch - added patch to fix non-return function * mozilla-cubeb-noreturn.patch - added patch to fix aarch64 build: * mozilla-fix-aarch64-libopus.patch (bmo#1539737) - added patch to enable PGO for x86_64. * firefox-add-kde.js-in-order-to-survive-PGO-build.patch - added patch to reduce build-load * mozilla-reduce-rust-debuginfo.patch ------------------------------------------------------------------- Thu Sep 12 12:16:49 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Mozilla Firefox Firefox ESR 60.9 MFSA 2019-27 (bsc#1149324) * CVE-2019-11746 (bmo#1564449, bsc#1149297) Use-after-free while manipulating video * CVE-2019-11744 (bmo#1562033, bsc#1149304) XSS by breaking out of title and textarea elements using innerHTML * CVE-2019-11742 (bmo#1559715, bsc#1149303) Same-origin policy violation with SVG filters and canvas to steal cross-origin images * CVE-2019-11753 (bmo#1574980, bsc#1149295) Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location * CVE-2019-11752 (bmo#1501152, bsc#1149296) Use-after-free while extracting a key value in IndexedDB * CVE-2019-9812 (bmo#1538008, bmo#1538015, bsc#1149294) Sandbox escape through Firefox Sync * CVE-2019-11743 (bmo#1560495, bsc#1149298, https://w3c.github.io/navigation-timing) Cross-origin access to unload event attributes * CVE-2019-11740 (bmo#1563133, bmo#1573160, bsc#1149299) Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 ------------------------------------------------------------------- Tue Jul 9 22:09:02 UTC 2019 - Charles Robertson <cgrobertson@suse.com> - Mozilla Firefox Firefox ESR 60.8 MFSA 2019-22 (bsc#1140868) * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) Sandbox escape via installation of malicious language pack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key * CVE-2019-11730 (bmo#1558299) Same-origin policy treats all files in a directory as having the same-origin * CVE-2019-11709 (bmo#1515052, bmo#1533522, bmo#1539219, bmo#1540759, bmo#1547266, bmo#1547757, bmo#1548822, bmo#1550498, bmo#1550498) Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 ------------------------------------------------------------------- Fri Jun 21 06:29:56 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 (bsc#1138872) * CVE-2019-11708 (bmo#1559858) sandbox escape using Prompt:Open ------------------------------------------------------------------- Wed Jun 19 06:39:58 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Mozilla Firefox Firefox 60.7.1 MFSA 2019-18 (bsc#1138614) * CVE-2019-11707 (bmo#1544386) Type confusion in Array.pop ------------------------------------------------------------------- Tue Jun 11 11:55:58 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - Fix broken language plugins (bsc#1137792) ------------------------------------------------------------------- Thu May 23 10:19:23 UTC 2019 - Martin Sirringhaus <martin.sirringhaus@suse.com> - update to Firefox ESR 60.7 (bsc#1135824) * Font and date adjustments to accommodate the new Reiwa era in Japan * MFSA 2019-14/CVE-2019-9817 (bmo#1540221) Stealing of cross-domain images using canvas * MFSA 2019-14/CVE-2019-9800 (bmo#1499108, bmo#1499719, bmo#1516325, bmo#1532465, bmo#1533554, bmo#1534593, bmo#1535194, bmo#1535612, bmo#1538042, bmo#1538619, bmo#1538736, bmo#1540136, bmo#1540166, bmo#1541580, bmo#1542097, bmo#1542324, bmo#1546327) Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 * MFSA 2019-14/CVE-2019-9816 (bmo#1536768) Type confusion with object groups and UnboxedObjects * MFSA 2019-14/CVE-2019-9815 (bmo#1546544, bmo#https://mdsattacks.com/) Disable hyperthreading on content JavaScript threads on macOS * MFSA 2019-14/CVE-2019-11698 (bmo#1543191) Theft of user history data through drag and drop of hyperlinks to and from bookmarks * MFSA 2019-14/CVE-2019-11692 (bmo#1544670) Use-after-free removing listeners in the event listener manager * MFSA 2019-14/CVE-2019-11693 (bmo#1532525) Buffer overflow in WebGL bufferdata on Linux * MFSA 2019-14/CVE-2019-7317 (bmo#1542829) Use-after-free in png_image_free of libpng library * MFSA 2019-14/CVE-2019-9820 (bmo#1536405) Use-after-free of ChromeEventHandler by DocShell * MFSA 2019-14/CVE-2019-9818 (bmo#1542581) Use-after-free in crash generation server * MFSA 2019-14/CVE-2019-11691 (bmo#1542465) Use-after-free in XMLHttpRequest * MFSA 2019-14/CVE-2019-9819 (bmo#1532553) Compartment mismatch with fetch API * MFSA 2019-14/CVE-2019-11694 (bmo#1534196) Uninitialized memory memory leakage in Windows sandbox ------------------------------------------------------------------- Wed May 8 22:46:26 UTC 2019 - Charles Robertson <cgrobertson@suse.com> - update to 60.6.3 (bmo#1549249) * Further improvements to re-enable web extensions which had been disabled for users with a master password set. ------------------------------------------------------------------- Wed May 8 21:36:33 UTC 2019 - Charles Robertson <cgrobertson@suse.com> - update to 60.6.2 (bsc#1134126) * Repaired certificate chain to re-enable web extensions that had been disabled. ------------------------------------------------------------------- Wed Mar 27 11:35:23 UTC 2019 - cgrobertson@suse.com - Fixed translations provides ------------------------------------------------------------------- Fri Mar 22 16:58:16 UTC 2019 - cgrobertson@suse.com - update to Firefox ESR 60.6.1 (bsc#1130262) * MFSA 2019-10/CVE-2019-9813 (bmo#1538006) Ionmonkey type confusion with __proto__ mutations * MFSA 2019-10/CVE-2019-9810 (bmo#1537924) IonMonkey MArraySlice has incorrect alias information ------------------------------------------------------------------- Tue Mar 19 13:08:50 UTC 2019 - cgrobertson@suse.com - update to Firefox ESR 60.6 (bsc#1129821) * MFSA 2019-08/CVE-2018-18506 (bmo#1503393) Proxy Auto-Configuration file can define localhost access to be proxied * MFSA 2019-08/CVE-2019-9801 (bmo#1527717) Windows programs that are not 'URL Handlers' are exposed to web content * MFSA 2019-08/CVE-2019-9788 (bmo#1506665, bmo#1516834, bmo#1518001, bmo#1518774, bmo#1521214, bmo#1521304, bmo#1523362, bmo#1524214, bmo#1524755, bmo#1529203) Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 * MFSA 2019-08/CVE-2019-9790 (bmo#1525145) Use-after-free when removing in-use DOM elements * MFSA 2019-08/CVE-2019-9791 (bmo#1530958) Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey * MFSA 2019-08/CVE-2019-9792 (bmo#1532599) IonMonkey leaks JS_OPTIMIZED_OUT magic value to script * MFSA 2019-08/CVE-2019-9793 (bmo#1528829) Improper bounds checks when Spectre mitigations are disabled * MFSA 2019-08/CVE-2019-9794 (bmo#1530103) Command line arguments not discarded during execution * MFSA 2019-08/CVE-2019-9795 (bmo#1514682) Type-confusion in IonMonkey JIT compiler * MFSA 2019-08/CVE-2019-9796 (bmo#1531277) Use-after-free with SMIL animation controller - Fix for [bsc#1127987] MozillaFirefox-translations-common causing error on update ------------------------------------------------------------------- Tue Feb 26 17:49:18 UTC 2019 - cgrobertson@suse.com - Mozilla Firefox 60.5.2esr: * Fix a frequent crash when reading various Reuters news articles (bmo#1505844) ------------------------------------------------------------------- Fri Feb 15 18:39:58 UTC 2019 - cgrobertson@suse.com - Update to Firefox ESR 60.5.1 MFSA-2019-05 (bsc#1125330) * CVE-2018-18356 (bmo#1525817) A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash. * CVE-2019-5785 (bmo#1525433) An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash. * CVE-2018-18335 (bmo#1525815) A buffer overflow vulnerability in the Skia library can occur with Canvas 2D acceleration on macOS. This issue was addressed by disabling Canvas 2D acceleration in Firefox ESR. Note: this does not affect other versions and platforms where Canvas 2D acceleration is already disabled by default. ------------------------------------------------------------------- Wed Jan 30 11:59:12 UTC 2019 - cgrobertson@suse.com - Update to Firefox ESR 60.5 MFSA 2019-02 (bsc#1122983) * CVE-2018-18501 (bmo#1460619, bmo#1502871, bmo#1512450, bmo#1513201, bmo#1516514, bmo#1516738, bmo#1517542) Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5 * CVE-2018-18500 (bmo#1510114) Use-after-free parsing HTML5 stream * CVE-2018-18505 (bmo#1087565, bmo#1497749) Privilege escalation through IPC channel messages - Removed obsolete patches: [mozilla-no-stdcxx-check.patch] Applied upstream [mozilla-s390-nojit.patch] Applied upstream ------------------------------------------------------------------- Wed Jan 23 17:24:35 UTC 2019 - cgrobertson@suse.com - Revert dependency for branding package back to >= 60 due to dependency issues. ------------------------------------------------------------------- Fri Jan 18 11:12:03 UTC 2019 - cgrobertson@suse.com - Fix for language pack build error (bsc#1120374) ------------------------------------------------------------------- Fri Dec 14 19:09:16 UTC 2018 - cgrobertson@suse.com - Depend on branding package version >= 60.0 ------------------------------------------------------------------- Wed Dec 12 22:15:26 UTC 2018 - cgrobertson@suse.com - Mozilla Firefox 60.4.0esr: * Updated list of currency codes to include Unidad Previsional (UYW) (bmo#1499028) MFSA 2018-30 (bsc#1119105) * CVE-2018-17466 bmo#1488295 Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 * CVE-2018-18492 bmo#1499861 Use-after-free with select element * CVE-2018-18493 bmo#1504452 Buffer overflow in accelerated 2D canvas with Skia * CVE-2018-18494 bmo#1487964 Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs * CVE-2018-18498 bmo#1500011 Integer overflow when calculating buffer sizes for images * CVE-2018-12405 bmo#1494752 bmo#1503326 bmo#1505181 bmo#1500759 bmo#1504365 bmo#1506640 bmo#1503082 bmo#1502013 bmo#1510471 Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 - requires NSS >= 3.36.6 - Removed obsolete patch: [mozilla-update-cc-crate.patch] Applied upstream ------------------------------------------------------------------- Tue Nov 13 09:50:02 UTC 2018 - Antonio Larrosa <alarrosa@suse.com> - Keep esr in the package version suffix in order to not confuse users who might expect it. ------------------------------------------------------------------- Tue Oct 23 20:35:31 UTC 2018 - alarrosa@suse.com - Mozilla Firefox 60.3.0esr: * Various stability and regression fixes MFSA 2018-27 bsc#1112852 * CVE-2018-12392 bmo#1492823 Crash with nested event loops * CVE-2018-12393 bmo#1495011 Integer overflow during Unicode conversion while loading JavaScript * CVE-2018-12395 bmo#1467523 WebExtension bypass of domain restrictions through header rewriting * CVE-2018-12396 bmo#1483602 WebExtension content scripts can execute in disallowed contexts * CVE-2018-12397 bmo#1487478 WebExtension local file access vulnerability * CVE-2018-12389 bmo#1498460, bmo#1499198 Memory safety bugs fixed in Firefox ESR 60.3 * CVE-2018-12390 bmo#1487098 bmo#1487660 bmo#1490234 bmo#1496159 bmo#1443748 bmo#1496340 bmo#1483905 bmo#1493347 bmo#1488803 bmo#1498701 bmo#1498482 bmo#1442010 bmo#1495245 bmo#1483699 bmo#1469486 bmo#1484905 bmo#1490561 bmo#1492524 bmo#1481844 Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 - Drop mozilla-bmo1472538-update-bindgen.patch which was already merged upstream - Update mozilla-update-cc-crate.patch, since cc was updated to 1.0.9 upstream, but this patch still updates it to a newer version ------------------------------------------------------------------- Thu Oct 11 15:42:40 UTC 2018 - alarrosa@suse.com - Update create-tar.sh and source-stamp.txt as should be done with every version update. ------------------------------------------------------------------- Tue Oct 9 08:00:29 UTC 2018 - alarrosa@suse.com - Mozilla Firefox 60.2.2esr: MFSA 2018-24 * CVE-2018-12386 (bsc#1110506, bmo#1493900) Type confusion in JavaScript allowed remote code execution * CVE-2018-12387 (bsc#1110507, bmo#1493903) Array.prototype.push stack pointer vulnerability may enable exploits in the sandboxed content process - Avoid undefined behavior in IPC fd-passing code with mozilla-bmo1436242.patch (boo#1094767, bmo#1436242) - Mozilla Firefox 60.2.1esr: MFSA 2018-23 * CVE-2018-12385 (boo#1109363, bmo#1490585) Crash in TransportSecurityInfo due to cached data * CVE-2018-12383 (boo#1107343, bmo#1475775) Setting a master password did not delete unencrypted previously stored passwords * Fixed a startup crash affecting users migrating from older ESR releases * Clean up old NSS DB files after upgrading - Fix typo in README.SUSE ------------------------------------------------------------------- Tue Oct 2 16:47:17 UTC 2018 - federico@suse.com - bsc#1109465 - Add mozilla-bmo1472538-update-bindgen.patch and mozilla-update-cc-crate.patch. This fixes an endianness problem in bindgen's handling of bitfields, which was causing Firefox to crash on startup on big-endian machines. Also, updates the cc crate, which was buggy in the version that was originally vendored in. ------------------------------------------------------------------- Wed Sep 26 14:30:37 UTC 2018 - Antonio Larrosa <alarrosa@suse.com> - Apply s390 patches (mozilla-s390-nojit.patch, mozilla-s390-bigendian.patch and mozilla-s390-context.patch) only on s390x and ppc64 archs. Specially mozilla-s390-bigendian.patch should only be applied on bigendian archs, since it makes libicu use a big-endian data file. Fixes bsc#1108986 on x86_64 and other little-endian archs. ------------------------------------------------------------------- Fri Sep 7 01:01:19 UTC 2018 - pcerny@suse.com - update to Firefox ESR 60.2 (bsc#1107343, bsc#1066489) * MFSA 2018-20/CVE-2018-12381 (bmo#1435319) Dragging and dropping Outlook email message results in page navigation * MFSA 2018-20/CVE-2017-16541 (bmo#1412081) Proxy bypass using automount and autofs * MFSA 2018-20/CVE-2018-12376 (bmo#1450989, bmo#1466577, bmo#1466991, bmo#1467363, bmo#1467889, bmo#1468738, bmo#1469309, bmo#1469914, bmo#1471953, bmo#1472925, bmo#1473161, bmo#1478575, bmo#1478849, bmo#1480092, bmo#1480517, bmo#1480521, bmo#1481093, bmo#1483120) Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2 * MFSA 2018-20/CVE-2018-12377 (bmo#1470260) Use-after-free in refresh driver timers * MFSA 2018-20/CVE-2018-12378 (bmo#1459383) Use-after-free in IndexedDB * MFSA 2018-20/CVE-2018-12379 (bmo#1473113) Out-of-bounds write with malicious MAR file - removed obsolete patches: [firefox-glibc-getrandom.patch] [firefox-no-default-ualocale.patch] [mozilla-arm-disable-edsp.patch] [mozilla-language.patch] [mozilla-sle11.aptch] [mozilla-shared-nss-db.patch] [toolkit-download-folder.patch] - added patches sync with openSUSE: rename [mozilla-aarch64_register_usage.patch] to [mozilla-bmo1375074.patch] [mozilla-bmo1005535.patch] [mozilla-bmo1464766.patch] [mozilla-bmo256180.patch] [mozilla-i586-DecoderDoctorLogger.patch] [mozilla-i586-domPrefs.patch] [mozilla-glibc-getrandom.patch] additional architecture enablement: [mozilla-ppc-altivec_static_inline.patch] [mozilla-s390-context.patch] ------------------------------------------------------------------- Wed Jun 27 13:26:39 UTC 2018 - pcerny@suse.com - update to Firefox ESR 52.9 (bsc#1098998) * MFSA 2018-17/CVE-2018-5188 (bmo#1392739, bmo#1437842, bmo#1442722, bmo#1450688, bmo#1451297, bmo#1452576, bmo#1456189, bmo#1456975, bmo#1458048, bmo#1458264, bmo#1458270, bmo#1463494, bmo#1464063, bmo#1464079, bmo#1464829, bmo#1465108, bmo#1465898) Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9 * MFSA 2018-17/CVE-2018-12368 (bmo#1468217, bmo#https://posts.specterops.io/the-tale-of- settingcontent-ms-files-f1ea253e4d39) No warning when opening executable SettingContent-ms files * MFSA 2018-17/CVE-2018-12366 (bmo#1464039) Invalid data handling during QCMS transformations * MFSA 2018-17/CVE-2018-12365 (bmo#1459206) Compromised IPC child process can list local filenames * MFSA 2018-17/CVE-2018-12364 (bmo#1436241) CSRF attacks through 307 redirects and NPAPI plugins * MFSA 2018-17/CVE-2018-12363 (bmo#1464784) Use-after-free when appending DOM nodes * MFSA 2018-17/CVE-2018-12362 (bmo#1452375) Integer overflow in SSSE3 scaler * MFSA 2018-17/CVE-2018-12360 (bmo#1459693) Use-after-free when using focus() * MFSA 2018-17/CVE-2018-5156 (bmo#1453127) Media recorder segmentation fault when track type is changed during capture * MFSA 2018-17/CVE-2018-12359 (bmo#1459162) Buffer overflow using computed size of canvas element ------------------------------------------------------------------- Thu Jun 7 12:42:46 UTC 2018 - pcerny@suse.com - update to Firefox 52.8.1 (bsc#1096449) * MFSA 2018-14/CVE-2018-6126 (bmo#1462682) Heap buffer overflow rasterizing paths in SVG with Skia ------------------------------------------------------------------- Thu May 10 19:43:25 UTC 2018 - pcerny@suse.com - update to Firefox ESR 52.8 (bsc#1092548) * MFSA 2018-12/CVE-2018-5159 (bmo#1441941) Integer overflow and out-of-bounds write in Skia * MFSA 2018-12/CVE-2018-5158 (bmo#1452075) Malicious PDF can inject JavaScript into PDF Viewer * MFSA 2018-12/CVE-2018-5174 (bmo#1447080) Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update * MFSA 2018-12/CVE-2018-5168 (bmo#1449548) Lightweight themes can be installed without user interaction * MFSA 2018-12/CVE-2018-5150 (bmo#1388020, bmo#1393367, bmo#1409440, bmo#1411415, bmo#1426129, bmo#1433609, bmo#1444668, bmo#1448705, bmo#1451376, bmo#1452202) Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 * MFSA 2018-12/CVE-2018-5155 (bmo#1448774) Use-after-free with SVG animations and text paths * MFSA 2018-12/CVE-2018-5183 (bmo#1454692) Backport critical security fixes in Skia * MFSA 2018-12/CVE-2018-5157 (bmo#1449898) Same-origin bypass of PDF Viewer to view protected PDF files * MFSA 2018-12/CVE-2018-5154 (bmo#1443092) Use-after-free with SVG animations and clip paths * MFSA 2018-12/CVE-2018-5178 (bmo#1443891) Buffer overflow during UTF-8 to Unicode string conversion through legacy extension - speed up dependency genertation and locales packaging ------------------------------------------------------------------- Tue Mar 27 21:32:47 UTC 2018 - pcerny@suse.com - update to Firefox 59.0.2 (bsc#1087059) * MFSA 2018-10/CVE-2018-5148 (bmo#1440717) Use-after-free in compositor - remove obsolete [mozilla-libtremor_overflows.patch] ------------------------------------------------------------------- Fri Mar 16 21:48:42 UTC 2018 - pcerny@suse.com - update to Firefox 52.7.2 (bsc#1085671) * MFSA 2018-08/CVE-2018-5146 (bmo#1446062) Out of bounds memory write in libvorbis Extra patch for libtremor used on soft-float architectures [mozilla-libtremor_overflows.patch] * MFSA 2018-08/CVE-2018-5147 (bmo#1446365) Out of bounds memory write in libtremor ------------------------------------------------------------------- Wed Mar 14 17:00:02 UTC 2018 - pcerny@suse.com - update to Firefox ESR 52.7 (bsc#1085130) * MFSA 2018-07/CVE-2018-5131 (bmo#1440775) Fetch API improperly returns cached copies of no-store/no- cache resources * MFSA 2018-07/CVE-2018-5130 (bmo#1433005) Mismatched RTP payload type can trigger memory corruption * MFSA 2018-07/CVE-2018-5129 (bmo#1428947) Out-of-bounds write with malformed IPC messages * MFSA 2018-07/CVE-2018-5125 (bmo#1324042, bmo#1416529, bmo#1425520, bmo#1426988, bmo#1434384, bmo#1434580, bmo#1437087, bmo#1437450, bmo#1437507, bmo#1438425, bmo#1443865) Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 * MFSA 2018-07/CVE-2018-5127 (bmo#1430557) Buffer overflow manipulating SVG animatedPathSegList * MFSA 2018-07/CVE-2018-5144 (bmo#1440926) Integer overflow during Unicode conversion * MFSA 2018-07/CVE-2018-5145 (bmo#1261175, bmo#1348955) Memory safety bugs fixed in Firefox ESR 52.7 ------------------------------------------------------------------- Wed Jan 24 22:14:50 UTC 2018 - pcerny@suse.com - update to Firefox ESR 52.6 (bsc#1077291) * MFSA 2018-02/CVE-2018-5091 (bmo#1423086) Use-after-free with DTMF timers * MFSA 2018-02/CVE-2018-5095 (bmo#1418447) Integer overflow in Skia library during edge builder allocation * MFSA 2018-02/CVE-2018-5096 (bmo#1418922) Use-after-free while editing form elements * MFSA 2018-02/CVE-2018-5097 (bmo#1387427) Use-after-free when source document is manipulated during XSLT * MFSA 2018-02/CVE-2018-5098 (bmo#1399400) Use-after-free while manipulating form input elements * MFSA 2018-02/CVE-2018-5099 (bmo#1416878) Use-after-free with widget listener * MFSA 2018-02/CVE-2018-5104 (bmo#1425000) Use-after-free during font face manipulation * MFSA 2018-02/CVE-2018-5089 (bmo#1224396, bmo#1331209, bmo#1382366, bmo#1399520, bmo#1408017, bmo#1408276, bmo#1409951, bmo#1410134, bmo#1412145, bmo#1412420, bmo#1414452, bmo#1415582, bmo#1415598, bmo#1417797, bmo#1418854, bmo#1422389, bmo#1425612, bmo#1425780, bmo#1426783, bmo#1428589) Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6 * MFSA 2018-02/CVE-2018-5117 (bmo#1395508) URL spoofing with right-to-left text aligned left-to-right * MFSA 2018-02/CVE-2018-5102 (bmo#1419363) Use-after-free in HTML media elements * MFSA 2018-02/CVE-2018-5103 (bmo#1423159) Use-after-free during mouse event handling ------------------------------------------------------------------- Thu Nov 16 16:36:42 UTC 2017 - pcerny@suse.com - update to Firefox ESR 52.5 (bsc#1068101) * MFSA 2017-25/CVE-2017-7826 (bmo#1261175, bmo#1339259, bmo#1369561, bmo#1375146, bmo#1387799, bmo#1393840, bmo#1394265, bmo#1394530, bmo#1395138, bmo#1397811, bmo#1400003, bmo#1400554, bmo#1400763, bmo#1401804, bmo#1404636, bmo#1406398, bmo#1407740, bmo#1407751, bmo#1408005, bmo#1408412, bmo#1411458) Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5 * MFSA 2017-25/CVE-2017-7830 (bmo#1408990) Cross-origin URL information leak through Resource Timing API * MFSA 2017-25/CVE-2017-7828 (bmo#1406750, bmo#1412252) Use-after-free of PressShell while restyling layout ------------------------------------------------------------------- Fri Sep 29 07:50:37 UTC 2017 - pcerny@suse.com - update to Firefox ESR 52.4 (bsc#1060445) * MFSA 2017-22/CVE-2017-7825 (bmo#1390980, bmo#1393624) OS X fonts render some Tibetan and Arabic unicode characters as spaces * MFSA 2017-22/CVE-2017-7805 (bmo#1377618) Use-after-free in TLS 1.2 generating handshake hashes * MFSA 2017-22/CVE-2017-7819 (bmo#1380292) Use-after-free while resizing images in design mode * MFSA 2017-22/CVE-2017-7818 (bmo#1363723) Use-after-free during ARIA array manipulation * MFSA 2017-22/CVE-2017-7793 (bmo#1371889) Use-after-free with Fetch API * MFSA 2017-22/CVE-2017-7824 (bmo#1398381) Buffer overflow when drawing and validating elements with ANGLE * MFSA 2017-22/CVE-2017-7810 (bmo#1360334, bmo#1371657, bmo#1380824, bmo#1386787, bmo#1387918, bmo#1389974, bmo#1390550, bmo#1395598) Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 * MFSA 2017-22/CVE-2017-7823 (bmo#1396320) CSP sandbox directive did not create a unique origin * MFSA 2017-22/CVE-2017-7814 (bmo#1376036) Blob and data URLs bypass phishing and malware protection warnings ------------------------------------------------------------------- Tue Aug 8 18:20:15 UTC 2017 - pcerny@suse.com - update to Firefox ESR 52.3 (bsc#1052829) * MFSA 2017-19/CVE-2017-7807 (bmo#1376459) Domain hijacking through AppCache fallback * MFSA 2017-19/CVE-2017-7791 (bmo#1365875) Spoofing following page navigation with data: protocol and modal alerts * MFSA 2017-19/CVE-2017-7792 (bmo#1368652) Buffer overflow viewing certificates with an extremely long OID * MFSA 2017-19/CVE-2017-7782 (bmo#1344034) WindowsDllDetourPatcher allocates memory without DEP protections * MFSA 2017-19/CVE-2017-7787 (bmo#1322896) Same-origin policy bypass with iframes through page reloads * MFSA 2017-19/CVE-2017-7786 (bmo#1365189) Buffer overflow while painting non-displayable SVG * MFSA 2017-19/CVE-2017-7785 (bmo#1356985) Buffer overflow manipulating ARIA attributes in DOM * MFSA 2017-19/CVE-2017-7784 (bmo#1376087) Use-after-free with image observers * MFSA 2017-19/CVE-2017-7753 (bmo#1353312) Out-of-bounds read with cached style data and pseudo-elements * MFSA 2017-19/CVE-2017-7798 (bmo#1371586, bmo#1372112) XUL injection in the style editor in devtools * MFSA 2017-19/CVE-2017-7804 (bmo#1372849) Memory protection bypass through WindowsDllDetourPatcher * MFSA 2017-19/CVE-2017-7779 (bmo#1321384, bmo#1346590, bmo#1354443, bmo#1362924, bmo#1366903, bmo#1368030, bmo#1368105, bmo#1368362, bmo#1368576, bmo#1369913, bmo#1369994, bmo#1371283, bmo#1371424, bmo#1371890, bmo#1372985, bmo#1373220, bmo#1378826, bmo#1380426, bmo#1383002) Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3 * MFSA 2017-19/CVE-2017-7800 (bmo#1374047) Use-after-free in WebSockets during disconnection * MFSA 2017-19/CVE-2017-7801 (bmo#1371259) Use-after-free with marquee during window resizing * MFSA 2017-19/CVE-2017-7802 (bmo#1378147) Use-after-free resizing image elements * MFSA 2017-19/CVE-2017-7803 (bmo#1377426) CSP containing 'sandbox' improperly applied ------------------------------------------------------------------- Wed Jun 14 22:49:23 UTC 2017 - cgrobertson@suse.com - update to Firefox ESR 52.2 (bsc#1043960) * MFSA 2017-16/CVE-2017-7758 (bmo#1368490) Out-of-bounds read in Opus encoder * MFSA 2017-16/CVE-2017-7749 (bmo#1355039) Use-after-free during docshell reloading * MFSA 2017-16/CVE-2017-7751 (bmo#1363396) Use-after-free with content viewer listeners * MFSA 2017-16/CVE-2017-5472 (bmo#1365602) Use-after-free using destroyed node when regenerating trees * MFSA 2017-16/CVE-2017-5470 (bmo#1297111, bmo#1325513, bmo#1342552, bmo#1342567, bmo#1346012, bmo#1347748, bmo#1348424, bmo#1349266, bmo#1349595, bmo#1352093, bmo#1352295, bmo#1352556, bmo#1356025, bmo#1357462, bmo#1359639, bmo#1362590, bmo#1363280, bmo#1366140, bmo#1367692, bmo#1368732) Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2 * MFSA 2017-16/CVE-2017-7752 (bmo#1359547) Use-after-free with IME input * MFSA 2017-16/CVE-2017-7750 (bmo#1356558) Use-after-free with track elements * MFSA 2017-16/CVE-2017-7768 (bmo#1336979) 32 byte arbitrary file read through Mozilla Maintenance Service * MFSA 2017-16/CVE-2017-7778 (bmo#1349310, bmo#1350047, bmo#1352745, bmo#1352747, bmo#1355174, bmo#1355182, bmo#1356607, bmo#1358551) Vulnerabilities in the Graphite 2 library * MFSA 2017-16/CVE-2017-7754 (bmo#1357090) Out-of-bounds read in WebGL with ImageInfo object * MFSA 2017-16/CVE-2017-7755 (bmo#1361326) Privilege escalation through Firefox Installer with same directory DLL files * MFSA 2017-16/CVE-2017-7756 (bmo#1366595) Use-after-free and use-after-scope logging XHR header errors * MFSA 2017-16/CVE-2017-7757 (bmo#1356824) Use-after-free in IndexedDB * MFSA 2017-16/CVE-2017-7761 (bmo#1215648, bmo#https://sourceforge.net/p/nsis/bugs/1125/) File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application * MFSA 2017-16/CVE-2017-7763 (bmo#1360309) Mac fonts render some unicode characters as spaces * MFSA 2017-16/CVE-2017-7765 (bmo#1273265) Mark of the Web bypass when saving executable files * MFSA 2017-16/CVE-2017-7764 (bmo#1364283, bmo#http://www.unicode.org/reports/tr31/tr31-26 .html#Aspirational_Use_Scripts) Domain spoofing with combination of Canadian Syllabics and other unicode blocks ------------------------------------------------------------------- Thu May 25 17:26:36 UTC 2017 - cgrobertson@suse.com - update to Firefox ESR 52.1 (bsc#1035082) * MFSA 2017-12/CVE-2016-10196 (bmo#1343453) Vulnerabilities in Libevent library * MFSA 2017-12/CVE-2017-5443 (bmo#1342661) Out-of-bounds write during BinHex decoding * MFSA 2017-12/CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894, bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088,) Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 * MFSA 2017-12/CVE-2017-5464 (bmo#1347075) Memory corruption with accessibility and DOM manipulation * MFSA 2017-12/CVE-2017-5465 (bmo#1347617) Out-of-bounds read in ConvolvePixel * MFSA 2017-12/CVE-2017-5466 (bmo#1353975) Origin confusion when reloading isolated data:text/html URL * MFSA 2017-12/CVE-2017-5467 (bmo#1347262) Memory corruption when drawing Skia content * MFSA 2017-12/CVE-2017-5460 (bmo#1343642) Use-after-free in frame selection * MFSA 2017-12/CVE-2017-5461 (bmo#1344380) Out-of-bounds write in Base64 encoding in NSS * MFSA 2017-12/CVE-2017-5448 (bmo#1346648) Out-of-bounds write in ClearKeyDecryptor * MFSA 2017-12/CVE-2017-5449 (bmo#1340127) Crash during bidirectional unicode manipulation with animation * MFSA 2017-12/CVE-2017-5446 (bmo#1343505) Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data * MFSA 2017-12/CVE-2017-5447 (bmo#1343552) Out-of-bounds read during glyph processing * MFSA 2017-12/CVE-2017-5444 (bmo#1344461) Buffer overflow while parsing application/http-index-format content * MFSA 2017-12/CVE-2017-5445 (bmo#1344467) Uninitialized values used while parsing application/http- index-format content * MFSA 2017-12/CVE-2017-5442 (bmo#1347979) Use-after-free during style changes * MFSA 2017-12/CVE-2017-5469 (bmo#1292534) Potential Buffer overflow in flex-generated code * MFSA 2017-12/CVE-2017-5440 (bmo#1336832) Use-after-free in txExecutionState destructor during XSLT processing * MFSA 2017-12/CVE-2017-5441 (bmo#1343795) Use-after-free with selection during scroll events * MFSA 2017-12/CVE-2017-5439 (bmo#1336830) Use-after-free in nsTArray Length() during XSLT processing * MFSA 2017-12/CVE-2017-5438 (bmo#1336828) Use-after-free in nsAutoPtr during XSLT processing * MFSA 2017-12/CVE-2017-5436 (bmo#1345461) Out-of-bounds write with malicious font in Graphite 2 * MFSA 2017-12/CVE-2017-5435 (bmo#1350683) Use-after-free during transaction processing in the editor * MFSA 2017-12/CVE-2017-5434 (bmo#1349946) Use-after-free during focus handling * MFSA 2017-12/CVE-2017-5433 (bmo#1347168) Use-after-free in SMIL animation functions * MFSA 2017-12/CVE-2017-5432 (bmo#1346654) Use-after-free in text input selection * MFSA 2017-12/CVE-2017-5430 (bmo#1329796, bmo#1337418, bmo#1339722, bmo#1340482, bmo#1342101, bmo#1344081, bmo#1344305, bmo#1344686, bmo#1346140, bmo#1346419, bmo#1348143, bmo#1349621, bmo#1349719, bmo#1353476) Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1 * MFSA 2017-12/CVE-2017-5459 (bmo#1333858) Buffer overflow in WebGL * MFSA 2017-12/CVE-2017-5462 (bmo#1345089) DRBG flaw in NSS * MFSA 2017-12/CVE-2017-5455 (bmo#1341191) Sandbox escape through internal feed reader APIs * MFSA 2017-12/CVE-2017-5454 (bmo#1349276) Sandbox escape allowing file system read access through file picker * MFSA 2017-12/CVE-2017-5456 (bmo#1344415) Sandbox escape allowing local file system access * MFSA 2017-12/CVE-2017-5451 (bmo#1273537) Addressbar spoofing with onblur event - Removed obsolete patches fixed upstream: [mozilla-repo.patch, mozilla-skia-be-le.patch, mozilla-libproxy.patch, mozilla-aarch64-48bit-va.patch, mozilla-aarch64-4k-page-size.patch, mozilla-aarch64-nojit-1.patch, mozilla-aarch64-nojit-2.patch, mozilla-fullscreen_part_1.patch, mozilla-fullscreen_part_2.patch, mozilla-fullscreen_part_3.patch, mozilla-protected_symbols.patch, mozilla-flex_buffer_overrun.patch, mozilla-disable-webm-dependencies.patch, mozilla-disable-ogg.patch, firefox-kde-114.patch] - Added patches: [mozilla-aarch64_getrandom.patch] [mozilla-s390-bigendian.patch] (bmo#1322212 and bmo#1264836) - Added file [icudt58b.dat] ICU big-endian data file for big-endian builds ------------------------------------------------------------------- Thu Apr 20 09:59:07 UTC 2017 - pcerny@suse.com - update to Firefox ESR 45.9 (bsc#1035082) * MFSA 2017-11/CVE-2017-5469 (bmo#1292534) Potential Buffer overflow in flex-generated code * MFSA 2017-11/CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894, bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088,) Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 * MFSA 2017-11/CVE-2017-5439 (bmo#1336830) Use-after-free in nsTArray Length() during XSLT processing * MFSA 2017-11/CVE-2017-5438 (bmo#1336828) Use-after-free in nsAutoPtr during XSLT processing * MFSA 2017-11/CVE-2017-5437 (bmo#1343453) Vulnerabilities in Libevent library * MFSA 2017-11/CVE-2017-5436 (bmo#1345461) Out-of-bounds write with malicious font in Graphite 2 * MFSA 2017-11/CVE-2017-5435 (bmo#1350683) Use-after-free during transaction processing in the editor * MFSA 2017-11/CVE-2017-5434 (bmo#1349946) Use-after-free during focus handling * MFSA 2017-11/CVE-2017-5433 (bmo#1347168) Use-after-free in SMIL animation functions * MFSA 2017-11/CVE-2017-5432 (bmo#1346654) Use-after-free in text input selection * MFSA 2017-11/CVE-2017-5464 (bmo#1347075) Memory corruption with accessibility and DOM manipulation * MFSA 2017-11/CVE-2017-5465 (bmo#1347617) Out-of-bounds read in ConvolvePixel * MFSA 2017-11/CVE-2017-5460 (bmo#1343642) Use-after-free in frame selection * MFSA 2017-11/CVE-2017-5461 (bmo#1344380) Out-of-bounds write in Base64 encoding in NSS * MFSA 2017-11/CVE-2017-5448 (bmo#1346648) Out-of-bounds write in ClearKeyDecryptor * MFSA 2017-11/CVE-2017-5446 (bmo#1343505) Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data * MFSA 2017-11/CVE-2017-5447 (bmo#1343552) Out-of-bounds read during glyph processing * MFSA 2017-11/CVE-2017-5444 (bmo#1344461) Buffer overflow while parsing application/http-index-format content * MFSA 2017-11/CVE-2017-5445 (bmo#1344467) Uninitialized values used while parsing application/http- index-format content * MFSA 2017-11/CVE-2017-5442 (bmo#1347979) Use-after-free during style changes * MFSA 2017-11/CVE-2017-5443 (bmo#1342661) Out-of-bounds write during BinHex decoding * MFSA 2017-11/CVE-2017-5440 (bmo#1336832) Use-after-free in txExecutionState destructor during XSLT processing * MFSA 2017-11/CVE-2017-5441 (bmo#1343795) Use-after-free with selection during scroll events * MFSA 2017-11/CVE-2017-5462 (bmo#1345089) DRBG flaw in NSS * MFSA 2017-11/CVE-2017-5459 (bmo#1333858) Buffer overflow in WebGL ------------------------------------------------------------------- Wed Mar 8 00:01:39 UTC 2017 - pcerny@suse.com - update to Firefox ESR 45.8 (bsc#1028391) * MFSA 2017-06/CVE-2017-5402 (bmo#1334876) Use-after-free working with events in FontFace objects * MFSA 2017-06/CVE-2017-5410 (bmo#1330687) Memory corruption during JavaScript garbage collection incremental sweeping * MFSA 2017-06/CVE-2017-5400 (bmo#1334933) asm.js JIT-spray bypass of ASLR and DEP * MFSA 2017-06/CVE-2017-5401 (bmo#1328861) Memory Corruption when handling ErrorResult * MFSA 2017-06/CVE-2017-5407 (bmo#1336622) Pixel and history stealing via floating-point timing side channel with SVG filters * MFSA 2017-06/CVE-2017-5404 (bmo#1340138) Use-after-free working with ranges in selections * MFSA 2017-06/CVE-2017-5405 (bmo#1336699) FTP response codes can cause use of uninitialized values for ports * MFSA 2017-06/CVE-2017-5408 (bmo#1313711) Cross-origin reading of video captions in violation of CORS * MFSA 2017-06/CVE-2017-5409 (bmo#1321814) File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service * MFSA 2017-06/CVE-2017-5398 (bmo#1321612, bmo#1322971, bmo#1324379, bmo#1325052, bmo#1332550, bmo#1332597, bmo#1333568, bmo#1333887, bmo#1335450, bmo#1336510, bmo#1338383) Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8 ------------------------------------------------------------------- Wed Jan 25 22:09:27 UTC 2017 - pcerny@suse.com - update to Firefox ESR 45.7 (bsc#1021991) * MFSA 2017-02/CVE-2017-5378 (bsc#1021818) (bmo#1312001, bmo#1330769) Pointer and frame data leakage of Javascript objects * MFSA 2017-02/CVE-2017-5396 (bsc#1021821) (bmo#1329403) Use-after-free with Media Decoder * MFSA 2017-02/CVE-2017-5386 (bsc#1021823) (bmo#1319070) WebExtensions can use data: protocol to affect other extensions * MFSA 2017-02/CVE-2017-5380 (bsc#1021819) (bmo#1322107) Potential use-after-free during DOM manipulations * MFSA 2017-02/CVE-2017-5390 (bsc#1021820) (bmo#1297361) Insecure communication methods in Developer Tools JSON viewer * MFSA 2017-02/CVE-2017-5373 (bsc#1021824) (bmo#1285833, bmo#1285960, bmo#1322315, bmo#1322420, bmo#1325877, bmo#1325938, bmo#1328251, bmo#1328834, bmo#1331058) Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 * MFSA 2017-02/CVE-2017-5375 (bsc#1021814) (bmo#1325200) Excessive JIT code allocation allows bypass of ASLR and DEP * MFSA 2017-02/CVE-2017-5376 (bsc#1021817) (bmo#1311687) Use-after-free in XSL * MFSA 2017-02/CVE-2017-5383 (bsc#1021822) (bmo#1323338, bmo#1324716) Location bar spoofing with unicode characters ------------------------------------------------------------------- Wed Dec 14 16:00:03 UTC 2016 - pcerny@suse.com - update to Firefox ESR 45.6 (bsc#1015422) * MFSA 2016-95/CVE-2016-9897 (bmo#1301381) Memory corruption in libGLES * MFSA 2016-95/CVE-2016-9901 (bmo#1320057) Data from Pocket server improperly sanitized before execution * MFSA 2016-95/CVE-2016-9898 (bmo#1314442) Use-after-free in Editor while manipulating DOM subtrees * MFSA 2016-95/CVE-2016-9899 (bmo#1317409) Use-after-free while manipulating DOM events and audio elements * MFSA 2016-95/CVE-2016-9904 (bmo#1317936) Cross-origin information leak in shared atoms * MFSA 2016-95/CVE-2016-9905 (bmo#1293985) Crash in EnumerateSubDocuments * MFSA 2016-95/CVE-2016-9895 (bmo#1312272) CSP bypass using marquee tag * MFSA 2016-95/CVE-2016-9900 (bmo#1319122) Restricted external resources can be loaded by SVG images through data URLs * MFSA 2016-95/CVE-2016-9893 (bmo#1287912, bmo#1298773, bmo#1299098, bmo#1309834, bmo#1312548, bmo#1312609, bmo#1313212, bmo#1315631, bmo#1317805, bmo#1319524) Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6 * MFSA 2016-95/CVE-2016-9902 (bmo#1320039) Pocket extension does not validate the origin of events ------------------------------------------------------------------- Thu Dec 1 10:47:58 UTC 2016 - pcerny@suse.com - update to Firefox ESR 45.5.1 (bsc#1012964) * MFSA 2016-92/CVE-2016-9079 (bmo#1321066) Use-after-free in SVG Animation ------------------------------------------------------------------- Tue Nov 15 23:48:00 UTC 2016 - pcerny@suse.com - update to Firefox ESR 45.5 (bsc#1009026) * CVE-2016-5297: Incorrect argument length checking in Javascript (bsc#1010401) * CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (bsc#1010404) * CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1 (bsc#1010395) * CVE-2016-9064: Addons update must verify IDs match between current and new versions (bsc#1010402) * CVE-2016-5290: Memory safety bugs fixed in Firefox 50 and Firefox ESR 45.5 (bsc#1010427) * CVE-2016-5291: Same-origin policy violation using local HTML file and saved shortcut file (bsc#1010410) - fix fullscreen mode with some window managers (bsc#992549) [mozilla-fullscreen_part_1.patch, mozilla-fullscreen_part_2.patch, mozilla-fullscreen_part_3.patch] ------------------------------------------------------------------- Fri Oct 7 09:46:10 UTC 2016 - astieger@suse.com - document patched dropped in previous update: * removed mozilla-libproxy.patch, upstream * removed firefox-kde-114.patch, is not applied on SLE 12, functionality contained in firefox-kde.patch ------------------------------------------------------------------- Wed Sep 21 19:14:38 UTC 2016 - cgrobertson@novell.com - update to Firefox 45.4.0 ESR (bsc#999701) * MFSA 2016-86/CVE-2016-5270 (bmo#1291016) Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString * MFSA 2016-86/CVE-2016-5272 (bmo#1297934) Bad cast in nsImageGeometryMixin * MFSA 2016-86/CVE-2016-5276 (bmo#1287721) Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList * MFSA 2016-86/CVE-2016-5274 (bmo#1282076) use-after-free in nsFrameManager::CaptureFrameState * MFSA 2016-86/CVE-2016-5277 (bmo#1291665) Heap-use-after-free in nsRefreshDriver::Tick * MFSA 2016-86/CVE-2016-5278 (bmo#1294677) Heap-buffer-overflow in nsBMPEncoder::AddImageFrame * MFSA 2016-86/CVE-2016-5280 (bmo#1289970) Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap * MFSA 2016-86/CVE-2016-5281 (bmo#1284690) use-after-free in DOMSVGLength * MFSA 2016-86/CVE-2016-5284 (bmo#1303127) Add-on update site certificate pin expiration * MFSA 2016-86/CVE-2016-5250 (bmo#1254688) Resource Timing API is storing resources sent by the previous page * MFSA 2016-86/CVE-2016-5261 (bmo#1287266) Integer overflow and memory corruption in WebSocketChannel * MFSA 2016-86/CVE-2016-5257 (bmo#1277213, bmo#1287204, bmo#1288555, bmo#1288588, bmo#1288780, bmo#1289280, bmo#1293347, bmo#1294095, bmo#1294407) Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 ------------------------------------------------------------------- Wed Sep 14 20:39:11 UTC 2016 - cgrobertson@novell.com - Fix for aarch64 Firefox startup crash (bsc#991344) ------------------------------------------------------------------- Thu Aug 4 21:41:56 UTC 2016 - pcerny@suse.com - update to Firefox 45.3.0 ESR (bsc#991809) * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 (bmo#822081, bmo#1154923, bmo#1249578, bmo#1257765, bmo#1258079, bmo#1268626, bmo#1282502, bmo#1283823) Miscellaneous memory safety hazards (rv:48.0 / rv:45.3) * MFSA 2016-63/CVE-2016-2830 (bmo#1255270) Favicon network connection can persist when page is closed * MFSA 2016-64/CVE-2016-2838 (bmo#1279814) Buffer overflow rendering SVG with bidirectional content * MFSA 2016-65/CVE-2016-2839 (bmo#1275339) Cairo rendering crash due to memory allocation issue with FFmpeg 0.10 * MFSA 2016-67/CVE-2016-5252 (bmo#1268854) Stack underflow during 2D graphics rendering * MFSA 2016-70/CVE-2016-5254 (bmo#1266963) Use-after-free when using alt key and toplevel menus * MFSA 2016-72/CVE-2016-5258 (bmo#1279146) Use-after-free in DTLS during WebRTC session shutdown * MFSA 2016-73/CVE-2016-5259 (bmo#1282992) Use-after-free in service workers with nested sync events * MFSA 2016-76/CVE-2016-5262 (bmo#1277475) Scripts on marquee tag can execute in sandboxed iframes * MFSA 2016-77/CVE-2016-2837 (bmo#1274637) Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback * MFSA 2016-78/CVE-2016-5263 (bmo#1276897) Type confusion in display transformation * MFSA 2016-79/CVE-2016-5264 (bmo#1286183) Use-after-free when applying SVG effects * MFSA 2016-80/CVE-2016-5265 (bmo#1278013) Same-origin policy violation using local HTML file and saved shortcut file - Fix for possible buffer overrun (bsc#990856) CVE-2016-6354 (bmo#1292534) ------------------------------------------------------------------- Tue Jun 7 17:33:56 UTC 2016 - pcerny@suse.com - update to Firefox 45.2.0 ESR (bsc#983549) * MFSA 2016-49/CVE-2016-2815/CVE-2016-2818 (bsc#983638) (bmo#1234147, bmo#1256493, bmo#1256739, bmo#1256968, bmo#1261230, bmo#1261752, bmo#1263384, bmo#1264575, bmo#1265577, bmo#1267130, bmo#1269729, bmo#1273202, bmo#1273701) Miscellaneous memory safety hazards (rv:47.0 / rv:45.2) * MFSA 2016-50/CVE-2016-2819 (bsc#983655) (bmo#1270381) Buffer overflow parsing HTML5 fragments * MFSA 2016-51/CVE-2016-2821 (bsc#983653) (bmo#1271460) Use-after-free deleting tables from a contenteditable document * MFSA 2016-52/CVE-2016-2822 (bsc#983652) (bmo#1273129) Addressbar spoofing though the SELECT element * MFSA 2016-53/CVE-2016-2824 (bsc#983651) (bmo#1248580) Out-of-bounds write with WebGL shader * MFSA 2016-56/CVE-2016-2828 (bsc#983646) (bmo#1223810) Use-after-free when textures are used in WebGL operations after recycle pool destruction * MFSA 2016-58/CVE-2016-2831 (bsc#983643) (bmo#1261933) Entering fullscreen and persistent pointerlock without user permission - use system myspell directly (remove add-plugins.sh) - all extensions must now be signed by addons.mozilla.org; read README.SUSE for more details - Fix crashes on aarch64 * Determine page size at runtime (bsc#984006) * Allow aarch64 to work in safe mode (bsc#985659) [mozilla-aarch64-48bit-va.patch] (bmo#1143022) [mozilla-aarch64-4k-page-size.patch] (bmo#1091515) [mozilla-aarch64-nojit-1.patch] (bmo#1253216) [mozilla-aarch64-nojit-2.patch] (bmo#1257055) - fix crashes on mainframes [mozilla-s390-nojit.patch] ------------------------------------------------------------------- Wed Apr 27 18:57:49 UTC 2016 - pcerny@suse.com - update to Firefox 38.8.0 ESR (bsc#977333) * MFSA 2016-39/CVE-2016-2805/CVE-2016-2807 (bsc#977374, bsc#977376) (bmo#1241731, bmo#1187420, bmo#1252707, bmo#1254164, bmo#1254622, bmo#1254876) Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8) * MFSA 2016-44/CVE-2016-2814 (bsc#977381) (bmo#1254721) Buffer overflow in libstagefright with CENC offsets * MFSA 2016-47/CVE-2016-2808 (bsc#977386) (bmo#1246061) Write to invalid HashMap entry through JavaScript.watch() ------------------------------------------------------------------- Tue Mar 8 23:24:47 UTC 2016 - pcerny@suse.com - update to Firefox 38.7.0 ESR (bsc#969894) * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 (bmo#1199171, bmo#1205163, bmo#1207958, bmo#1224361, bmo#1224363, bmo#1224369, bmo#1225618, bmo#1234425, bmo#1236519, bmo#1238558, bmo#1238935, bmo#1241731, bmo#1243555, bmo#1243583, bmo#1245866, bmo#1247236, bmo#1248794, bmo#1123661, bmo#1221872, bmo#1224979, bmo#1234578, bmo#1241217, bmo#1242279, bmo#1244250, bmo#1244995, bmo#1249685) Miscellaneous memory safety hazards (rv:45.0 / rv:38.7) * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) Local file overwriting and potential privilege escalation through CSP reports * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) Memory leak in libstagefright when deleting an array during MP4 processing * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) Displayed page address can be overridden * MFSA 2016-23/CVE-2016-1960 (bmo#1246014) Use-after-free in HTML5 string parser * MFSA 2016-24/CVE-2016-1961 (bmo#1249377) Use-after-free in SetBody * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) Use-after-free when using multiple WebRTC data channels * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) Use-after-free during XML transformations * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) Addressbar spoofing though history navigation and Location protocol property * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) Memory corruption with malicious NPAPI plugin * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) Out-of-bounds read in HTML parser following a failed allocation * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) Buffer overflow during ASN.1 decoding in NSS * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 (bmo#1249920, bmo#1249338, bmo#1243816, bmo#1248805, bmo#1243482, bmo#1249081, bmo#1243513, bmo#1243526, bmo#1243473, bmo#1243464, bmo#1243597, bmo#1243823, bmo#1248804, bmo#1248876) Font vulnerabilities in the Graphite 2 library - remove obsolete mozilla-ppc.patch ------------------------------------------------------------------- Tue Feb 16 23:11:52 UTC 2016 - pcerny@suse.com - update to Firefox 38.6.1 ESR (bsc#967087) * MFSA 2016-14/CVE-2016-1523 (bmo#1246093) Vulnerabilities in Graphite 2 ------------------------------------------------------------------- Wed Jan 27 00:02:33 UTC 2016 - pcerny@suse.com - update to Firefox 38.5.0 ESR (bsc#963520) * MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 (bsc#963632) (bmo#1180064, bmo#1186973, bmo#1206675, bmo#1207298, bmo#1209358, bmo#1209365, bmo#1209366, bmo#1209368, bmo#1209546, bmo#1222015, bmo#1229825, bmo#1231121, bmo#1234576, bmo#1221385, bmo#1223670, bmo#1224200, bmo#1230483, bmo#1230639, bmo#1230668, bmo#1230686, bmo#1233152, bmo#1233346, bmo#1233925, bmo#1234280, bmo#1234571) Miscellaneous memory safety hazards (rv:44.0 / rv:38.6) * MFSA 2016-03/CVE-2016-1935 (bsc#963635) (bmo#1220450) Buffer overflow in WebGL after out of memory allocation - require NSS 3.20.2 ------------------------------------------------------------------- Wed Dec 16 16:05:33 UTC 2015 - pcerny@suse.com - update to Firefox 38.5.0 ESR (bsc#9959277) * MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 (bmo#1188105, bmo#1193757, bmo#1193999, bmo#1194002, bmo#1194006, bmo#1197012, bmo#1200580, bmo#1207571, bmo#1207571, bmo#1208059, bmo#1212305, bmo#1219330, bmo#1221421, bmo#1221904, bmo#1203135, bmo#1224100, bmo#1225250) Miscellaneous memory safety hazards (rv:43.0 / rv:38.5) * MFSA 2015-138/CVE-2015-7210 (bmo#1218326) Use-after-free in WebRTC when datachannel is used after being destroyed * MFSA 2015-139/CVE-2015-7212 (bmo#1222809) Integer overflow allocating extremely large textures * MFSA 2015-145/CVE-2015-7205 (bmo#1220493) Underflow through code inspection * MFSA 2015-146/CVE-2015-7213 (bmo#1206211) Integer overflow in MP4 playback in 64-bit versions * MFSA 2015-147/CVE-2015-7222 (bmo#1216748) Integer underflow and buffer overflow processing MP4 metadata in libstagefright * MFSA 2015-149/CVE-2015-7214 (bmo#1228950) Cross-site reading attack through data and view-source URIs ------------------------------------------------------------------- Tue Nov 3 23:02:43 UTC 2015 - pcerny@suse.com - update to Firefox 38.4.0 ESR (bsc#952810) * MFSA 2015-116/CVE-2015-4513 (bmo#1107011, bmo#1191942, bmo#1193038, bmo#1204580, bmo#1204669, bmo#1204700, bmo#1205707, bmo#1206564, bmo#1208665, bmo#1209471, bmo#1213979) Miscellaneous memory safety hazards (rv:42.0 / rv:38.4) * MFSA 2015-122/CVE-2015-7188 (bmo#1199430) Trailing whitespace in IP address hostnames can bypass same-origin policy * MFSA 2015-123/CVE-2015-7189 (bmo#1205900) Buffer overflow during image interactions in canvas * MFSA 2015-127/CVE-2015-7193 (bmo#1210302) CORS preflight is bypassed when non-standard Content-Type headers are received * MFSA 2015-128/CVE-2015-7194 (bmo#1211262) Memory corruption in libjar through zip files * MFSA 2015-130/CVE-2015-7196 (bmo#1140616) JavaScript garbage collection crash with Java applet * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200 (bmo#1204061, bmo#1188010, bmo#1204155) Vulnerabilities found through code inspection * MFSA 2015-132/CVE-2015-7197 (bmo#1204269) Mixed content WebSocket policy bypass through workers * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183 (bmo#1202868, bmo#1192028, bmo#1205157) NSS and NSPR memory corruption issues - fix printing on landscape media (bsc#908275) ------------------------------------------------------------------- Tue Sep 22 23:21:21 UTC 2015 - pcerny@suse.com - update to Firefox 38.3.0 ESR (bsc#947003) * MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 (bmo#1165706, bmo#1186657, bmo#1044077, bmo#1152026, bmo#1161063, bmo#1181651, bmo#1183153, bmo#1186962, bmo#1201793, bmo#1202844) Miscellaneous memory safety hazards (rv:41.0 / rv:38.3) * MFSA 2015-101/CVE-2015-4506 (bmo#1192226) Buffer overflow in libvpx while parsing vp9 format video * MFSA 2015-105/CVE-2015-4511 (bmo#1200148) Buffer overflow while decoding WebM video * MFSA 2015-106/CVE-2015-4509 (bmo#1198435) Use-after-free while manipulating HTML media content * MFSA 2015-110/CVE-2015-4519 (bmo#1189814) Dragging and dropping images exposes final URL after redirects * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869) Errors in the handling of CORS preflight request headers * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522 CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177 CVE-2015-7180 (bmo#1170246, bmo#1172055, bmo#1174479, bmo#1186725, bmo#1170794, bmo#1168959, bmo#1172189, bmo#1191463) Vulnerabilities found through code inspection ------------------------------------------------------------------- Fri Aug 28 10:41:39 UTC 2015 - pcerny@suse.com - update to Firefox 38.2.1 ESR (bsc#943608) * MFSA 2015-94/CVE-2015-4497 (bsc#943557) (bmo#1164766, bmo#1175278) Use-after-free when resizing canvas element during restyling * MFSA 2015-95/CVE-2015-4498 (bsc#943558) (bmo#1042699) Add-on notification bypass through data URLs ------------------------------------------------------------------- Tue Aug 11 17:21:59 UTC 2015 - pcerny@suse.com - update to Firefox 38.2.0 ESR (bsc#940806) * MFSA 2015-78/CVE-2015-4495 (bmo#1178058, bmo#1179262) Same origin violation and local file stealing via PDF reader * MFSA 2015-79/CVE-2015-4473/CVE-2015-4474 (bmo#1143130, bmo#1161719, bmo#1177501, bmo#1181204, bmo#1184068, bmo#1188590, bmo#1146213, bmo#1178890, bmo#1182711) Miscellaneous memory safety hazards (rv:40.0 / rv:38.2) * MFSA 2015-80/CVE-2015-4475 (bmo#1175396) Out-of-bounds read with malformed MP3 file * MFSA 2015-82/CVE-2015-4478 (bmo#1105914) Redefinition of non-configurable JavaScript object properties * MFSA 2015-83/CVE-2015-4479 (bmo#1185115, bmo#1144107, bmo#1170344, bmo#1186718) Overflow issues in libstagefright * MFSA 2015-87/CVE-2015-4484 (bmo#1171540) Crash when using shared memory in JavaScript * MFSA 2015-88/CVE-2015-4491 (bmo#1184009) Heap overflow in gdk-pixbuf when scaling bitmap images * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148) Buffer overflows on Libvpx when decoding WebM video * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489 (bmo#1176270, bmo#1182723, bmo#1171603) Vulnerabilities found through code inspection * MFSA 2015-92/CVE-2015-4492 (bmo#1185820) Use-after-free in XMLHttpRequest with shared workers ------------------------------------------------------------------- Mon Aug 10 18:25:05 UTC 2015 - pcerny@suse.com - hotfix update (bsc#940918) * MFSA 2015-78/CVE-2015-4495 (bmo#1178058) Same origin violation [-fix_expanded_principals] * Remove PlayPreview registration from PDF Viewer (bmo#1179262) [-fix_pdfjs_playpreview] ------------------------------------------------------------------- Mon Jul 6 17:33:57 UTC 2015 - cgrobertson@suse.com - update to Firefox 31.8.0 ESR (bsc#935979) * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725/CVE-2015-2726 (bmo#1059081, bmo#1132265, bmo#1145781, bmo#1146416, bmo#1155985, bmo#1056410, bmo#1151650, bmo#1156861, bmo#1159321, bmo#1159973, bmo#1163359, bmo#1163852, bmo#1172076, bmo#1172397, bmo#1143679, bmo#1154876, bmo#1160884, bmo#1164567) Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1) * MFSA 2015-61/CVE-2015-2728 (bmo#1142210) Type confusion in Indexed Database Manager * MFSA 2015-64/CVE-2015-2730 (bmo#1125025) ECDSA signature validation fails to handle some signatures correctly * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1169867, bmo#1166924) Use-after-free in workers while using XMLHttpRequest * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/ CVE-2015-2737/CVE-2015-2738/CVE-2015-2739/CVE-2015-2740 (bmo#1170809, bmo#1166900, bmo#1168207, bmo#1167888, bmo#1166082, bmo#1167356, bmo#1167332) Vulnerabilities found through code inspection * MFSA 2015-69/CVE-2015-2743 (bmo#1163109) Privilege escalation in PDF.js * MFSA 2015-70/CVE-2015-4000 (bmo#1138554) NSS accepts export-length DHE keys with regular DHE cipher suites * MFSA 2015-71/CVE-2015-2721 (bmo#1086145) NSS incorrectly permits skipping of ServerKeyExchange ------------------------------------------------------------------- Fri May 15 11:37:01 UTC 2015 - pcerny@suse.com - update to Firefox 31.7.0 ESR (bsc#930622) * MFSA 2015-46/CVE-2015-2708/CVE-2015-2709 (bmo#1120655, bmo#1143299, bmo#1151139, bmo#1152177, bmo#1111251, bmo#1117977, bmo#1128064, bmo#1135066, bmo#1143194, bmo#1146101, bmo#1149526, bmo#1153688, bmo#1155474) Miscellaneous memory safety hazards (rv:38.0 / rv:31.7) * MFSA 2015-47/CVE-2015-0797 (bmo#1080995) Buffer overflow parsing H.264 video with Linux Gstreamer * MFSA 2015-48/CVE-2015-2710 (bmo#1149542) Buffer overflow with SVG content and CSS * MFSA 2015-51/CVE-2015-2713 (bmo#1153478) Use-after-free during text processing with vertical text enabled * MFSA 2015-54/CVE-2015-2716 (bmo#1140537) Buffer overflow when parsing compressed XML ------------------------------------------------------------------- Wed Apr 1 18:19:20 UTC 2015 - pcerny@suse.com - update to Firefox 31.6.0 ESR (bsc#925368) * MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 (bmo#1005991, bmo#1111327, bmo#1116306, bmo#1127012, bmo#1130150, bmo#1132342, bmo#1133909, bmo#1136397, bmo#1137624, bmo#1138391, bmo#1036515, bmo#1137326, bmo#1138199) Miscellaneous memory safety hazards (rv:37.0 / rv:31.6) * MFSA 2015-31/CVE-2015-0813 (bmo#1106596) Use-after-free when using the Fluendo MP3 GStreamer plugin * MFSA 2015-33/CVE-2015-0816 (bmo#1144991) resource:// documents can load privileged pages * MFSA 2015-37/CVE-2015-0807 (bmo#1111834) CORS requests should not follow 30x redirections after preflight * MFSA 2015-40/CVE-2015-0801 (bmo#1146339) Same-origin bypass through anchor navigation ------------------------------------------------------------------- Mon Mar 23 12:16:49 UTC 2015 - pcerny@suse.com - update to Firefox 31.5.3 ESR (bsc#923534) * MFSA 2015-29/CVE-2015-0817 (bmo#1145255) Code execution through incorrect JavaScript bounds checking elimination * MFSA 2015-28/CVE-2015-0818 (bmo#1144988) Privilege escalation through SVG navigation ------------------------------------------------------------------- Tue Feb 24 23:49:33 UTC 2015 - pcerny@suse.com - update to Firefox 31.5.0 ESR (bsc#917597) * MFSA 2015-11/CVE-2015-0835/CVE-2015-0836 (bmo#1072760, bmo#1092947, bmo#1114058, bmo#1114569, bmo#1118894, bmo#1119019, bmo#1122387, bmo#1125734, bmo#1127206, bmo#1127246, bmo#1096138, bmo#1107009, bmo#1111243, bmo#1111248, bmo#1115776, bmo#1117406, bmo#1119579, bmo#1123882, bmo#1124018, bmo#1128196) Miscellaneous memory safety hazards (rv:36.0 / rv:31.5) * MFSA 2015-16/CVE-2015-0831 (bmo#1130541) Use-after-free in IndexedDB * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) Out-of-bounds read and write while rendering SVG content * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) Reading of local files through manipulation of form autocomplete ------------------------------------------------------------------- Wed Jan 14 10:57:41 UTC 2015 - pcerny@suse.com - update to Firefox 31.4.0 ESR (bsc#910669) * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 (bmo#1109889, bmo#1111737, bmo#1026774, bmo#1027300, bmo#1054538, bmo#1067473, bmo#1070962, bmo#1072130, bmo#1072871, bmo#1098583) Miscellaneous memory safety hazards (rv:35.0 / rv:31.4) * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) sendBeacon requests lack an Origin header * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) Cookie injection through Proxy Authenticate responses * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) Read-after-free in WebRTC - fix broken install scripts in some locales (bsc#909563) ------------------------------------------------------------------- Wed Dec 3 10:43:35 UTC 2014 - pcerny@suse.com - update to Firefox 31.3.0 ESR (bnc#908009) * MFSA 2014-83/CVE-2014-1587/CVE-2014-1588 (bmo#1042567, bmo#1072847, bmo#1079729, bmo#1080312, bmo#1089207, bmo#1013001, bmo#1023158, bmo#1026037, bmo#1037830, bmo#1048517, bmo#1064835, bmo#1073577, bmo#1075546, bmo#1077687, bmo#1086842, bmo#1096026) Miscellaneous memory safety hazards (rv:34.0 / rv:31.3) * MFSA 2014-85/CVE-2014-1590 (bmo#1087633) XMLHttpRequest crashes with some input streams * MFSA 2014-87/CVE-2014-1592 (bmo#1088635) Use-after-free during HTML5 parsing * MFSA 2014-88/CVE-2014-1593 (bmo#1085175) Buffer overflow while parsing media content * MFSA 2014-89/CVE-2014-1594 (bmo#1074280) Bad casting from the BasicThebesLayer to BasicContainerLayer - removing merged patch disabling SSLv3 by default ------------------------------------------------------------------- Wed Oct 15 17:18:10 UTC 2014 - pcerny@suse.com - update to Firefox 31.2.0 ESR (bnc#900941) * MFSA 2014-74/CVE-2014-1574/CVE-2014-1575 (bmo#1001994, bmo#1011354, bmo#1018916, bmo#1020034, bmo#1023035, bmo#1032208, bmo#1033020, bmo#1034230, bmo#1061214, bmo#1061600, bmo#1064346, bmo#1072044, bmo#1072174) Miscellaneous memory safety hazards (rv:33.0/rv:31.2) * MFSA 2014-75/CVE-2014-1576 (bmo#1041512) Buffer overflow during CSS manipulation * MFSA 2014-76/CVE-2014-1577 (bmo#1012609) Web Audio memory corruption issues with custom waveforms * MFSA 2014-77/CVE-2014-1578 (bmo#1063327) Out-of-bounds write with WebM video * MFSA 2014-79/CVE-2014-1581 (bmo#1068218) Use-after-free interacting with text directionality * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981) Inconsistent video sharing within iframe * MFSA 2014-82/CVE-2014-1583 (bmo#1015540) Accessing cross-origin objects via the Alarms API - SSLv3 is disabled by default. See README.POODLE for more detailed information. ------------------------------------------------------------------- Fri Sep 5 08:27:05 UTC 2014 - pcerny@suse.com - update to Firefox 31.1.0 (bnc#894370) * MFSA 2014-67/CVE-2014-1553/CVE-2014-1554/CVE-2014-1562 (bmo#990247,bmo#995075,bmo#995704,bmo#1004480,bmo#1016519, bmo#1022945,bmo#1027359,bmo#1033121,bmo#1035007,bmo#1037666, bmo#1041148,bmo#1054359) Miscellaneous memory safety hazards * MFSA 2014-68/CVE-2014-1563 (bmo#1018524) Use-after-free during DOM interactions with SVG * MFSA 2014-69/CVE-2014-1564 (bmo#1045977) Uninitialized memory use during GIF rendering * MFSA 2014-70/CVE-2014-1565 (bmo#1047831) Out-of-bounds read in Web Audio audio timeline * MFSA 2014-72/CVE-2014-1567 (bmo#1037641) Use-after-free setting text directionality - require NSPR 4.10.7/NSS 3.16.4 ------------------------------------------------------------------- Wed Aug 20 13:46:39 CEST 2014 - behlert@suse.de - adapted _constraints, used more than 3900MB on s390x during last build ------------------------------------------------------------------- Thu Jul 17 11:53:42 UTC 2014 - pcerny@suse.com - update to Firefox 31.0.0 ESR (bnc#887746) * MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards * MFSA 2014-61/CVE-2014-1555 (bmo#1023121) Use-after-free with FireOnStateChange event * MFSA 2014-62/CVE-2014-1556 (bmo#1028891) Exploitable WebGL crash with Cesium JavaScript library * MFSA 2014-63/CVE-2014-1544 (bmo#963150) Use-after-free while when manipulating certificates in the trusted cache (solved with NSS 3.16.3 requirement) * MFSA 2014-64/CVE-2014-1557 (bmo#913805) Crash in Skia library when scaling high quality images - require NSS 3.16.3 ----------------------------------------------------------------- Fri Jun 13 21:40:37 UTC 2014 - pcerny@suse.com - update to Firefox 31 beta 6 - require NSS 3.16.1 ------------------------------------------------------------------- Mon Apr 28 23:19:05 UTC 2014 - pcerny@suse.com - update to Firefox 30 beta 8 - requires NSS 3.16 - removed obsolete patches * firefox-browser-css.patch * mozilla-aarch64-599882cfb998.diff * mozilla-aarch64-bmo-963028.patch * mozilla-aarch64-bmo-963029.patch * mozilla-aarch64-bmo-963030.patch * mozilla-aarch64-bmo-963031.patch - added mozilla-icu-strncat.patch to fix post build checks ------------------------------------------------------------------- Mon Apr 7 15:34:31 UTC 2014 - dmueller@suse.com - add mozilla-aarch64-599882cfb998.patch, mozilla-aarch64-bmo-810631.patch, mozilla-aarch64-bmo-962488.patch, mozilla-aarch64-bmo-963030.patch, mozilla-aarch64-bmo-963027.patch, mozilla-aarch64-bmo-963028.patch, mozilla-aarch64-bmo-963029.patch, mozilla-aarch64-bmo-963023.patch, mozilla-aarch64-bmo-963024.patch, mozilla-aarch64-bmo-963031.patch: AArch64 porting ------------------------------------------------------------------- Mon Mar 31 18:20:22 UTC 2014 - dvaleev@suse.com - Fix MozillaFirefox builds for ppc64 and ppc64le - added patches: * mozilla-ppc64-xpcom.patch - modified patches: * mozilla-ppc64le-xpcom.patch ------------------------------------------------------------------- Sun Mar 16 23:49:34 UTC 2014 - pcerny@suse.com - update to Firefox 28.0 (bnc#868603) - requires NSPR 4.10.4 and NSS 3.15.5 - new build dependency: * libpulse - update of PowerPC 64 patches (bmo#976648) - rebased patches ------------------------------------------------------------------- Tue Mar 4 14:09:57 UTC 2014 - dvaleev@suse.com - Refresh patch to fit Firefox27 build system - modified patches: * mozilla-ppc64le-xpcom.patch ------------------------------------------------------------------- Fri Feb 28 13:17:49 UTC 2014 - pcerny@suse.com - update to Firefox 27.0.1 * Fixed stability issues with Greasemonkey and other JS that used ClearTimeoutOrInterval * JS math correctness issue (bnc#941381) - incorporate Google API key for geolocation (bnc#864170) - updated list of "other" locales in RPM requirements - update of PowerPC 64 patches (bmo#976648) ------------------------------------------------------------------- Tue Jan 28 15:45:41 UTC 2014 - wr@rosenauer.org - update to Firefox 27.0 (bnc#861847) * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) * MFSA 2014-02/CVE-2014-1479 (bmo#911864) Clone protected content with XBL scopes * MFSA 2014-03/CVE-2014-1480 (bmo#916726) UI selection timeout missing on download prompts * MFSA 2014-04/CVE-2014-1482 (bmo#943803) Incorrect use of discarded images by RasterImage * MFSA 2014-05/CVE-2014-1483 (bmo#950427) Information disclosure with *FromPoint on iframes * MFSA 2014-06/CVE-2014-1484 (bmo#953993) Profile path leaks to Android system log * MFSA 2014-07/CVE-2014-1485 (bmo#910139) XSLT stylesheets treated as styles in Content Security Policy * MFSA 2014-08/CVE-2014-1486 (bmo#942164) Use-after-free with imgRequestProxy and image proccessing * MFSA 2014-09/CVE-2014-1487 (bmo#947592) Cross-origin information leak through web workers * MFSA 2014-10/CVE-2014-1489 (bmo#959531) Firefox default start page UI content invokable by script * MFSA 2014-11/CVE-2014-1488 (bmo#950604) Crash when using web workers with asm.js * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 (bmo#934545, bmo#930874, bmo#930857) NSS ticket handling issues * MFSA 2014-13/CVE-2014-1481(bmo#936056) Inconsistent JavaScript handling of access to Window objects - requires NSS 3.15.4 or higher - rebased/reworked patches - removed obsolete mozilla-bug929439.patch ------------------------------------------------------------------- Thu Dec 12 21:19:54 UTC 2013 - uweigand@de.ibm.com - Add support for powerpc64le-linux. * mozilla-ppc64le.patch: general support * mozilla-libffi-ppc64le.patch: libffi backport * mozilla-xpcom-ppc64le.patch: port xpcom - Add build fix from mainline. * mozilla-bug929439.patch ------------------------------------------------------------------- Sun Dec 8 20:26:23 UTC 2013 - wr@rosenauer.org - update to Firefox 26.0 (bnc#854367, bnc#854370) * rebased patches * requires NSPR 4.10.2 and NSS 3.15.3.1 * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards * MFSA 2013-105/CVE-2013-5611 (bmo#771294) Application Installation doorhanger persists on navigation * MFSA 2013-106/CVE-2013-5612 (bmo#871161) Character encoding cross-origin XSS attack * MFSA 2013-107/CVE-2013-5614 (bmo#886262) Sandbox restrictions not applied to nested object elements * MFSA 2013-108/CVE-2013-5616 (bmo#938341) Use-after-free in event listeners * MFSA 2013-109/CVE-2013-5618 (bmo#926361) Use-after-free during Table Editing * MFSA 2013-110/CVE-2013-5619 (bmo#917841) Potential overflow in JavaScript binary search algorithms * MFSA 2013-111/CVE-2013-6671 (bmo#930281) Segmentation violation when replacing ordered list elements * MFSA 2013-112/CVE-2013-6672 (bmo#894736) Linux clipboard information disclosure though selection paste * MFSA 2013-113/CVE-2013-6673 (bmo#970380) Trust settings for built-in roots ignored during EV certificate validation * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) Use-after-free in synthetic mouse movement * MFSA 2013-115/CVE-2013-5615 (bmo#929261) GetElementIC typed array stubs can be generated outside observed typesets * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) JPEG information leak * MFSA 2013-117 (bmo#946351) Mis-issued ANSSI/DCSSI certificate (fixed via NSS 3.15.3.1) - removed gecko.js preference file as GStreamer is enabled by default now ------------------------------------------------------------------- Thu Oct 24 18:16:19 UTC 2013 - wr@rosenauer.org - update to Firefox 25.0 (bnc#847708) * rebased patches * requires NSS 3.15.2 or above * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards * MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing addressbar through SELECT element * MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access violation with XSLT and uninitialized data * MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly initialized memory and overflows in some JavaScript functions * MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to cycle collected object during image decoding * MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free when updating offline cache * MFSA 2013-99/CVE-2013-5598 (bmo#920515) Security bypass of PDF.js checks using iframes * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 (bmo#915210, bmo#915576, bmo#916685) Miscellaneous use-after-free issues found through ASAN fuzzing * MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory corruption in workers * MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free in HTML document templates ------------------------------------------------------------------- Tue Sep 24 07:31:30 UTC 2013 - wr@rosenauer.org - as GStreamer is not automatically required anymore but loaded dynamically if available, require it explicitely - recommend optional GStreamer plugins for comprehensive media support ------------------------------------------------------------------- Mon Sep 16 11:59:18 UTC 2013 - lnussel@suse.de - move greek to the translations-common package (bnc#840551) ------------------------------------------------------------------- Sat Sep 14 14:39:58 UTC 2013 - wr@rosenauer.org - update to Firefox 24.0 (bnc#840485) * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 Miscellaneous memory safety hazards * MFSA 2013-77/CVE-2013-1720 (bmo#888820) Improper state in HTML5 Tree Builder with templates * MFSA 2013-78/CVE-2013-1721 (bmo#890277) Integer overflow in ANGLE library * MFSA 2013-79/CVE-2013-1722 (bmo#893308) Use-after-free in Animation Manager during stylesheet cloning * MFSA 2013-80/CVE-2013-1723 (bmo#891292) NativeKey continues handling key messages after widget is destroyed * MFSA 2013-81/CVE-2013-1724 (bmo#894137) Use-after-free with select element * MFSA 2013-82/CVE-2013-1725 (bmo#876762) Calling scope for new Javascript objects can lead to memory corruption * MFSA 2013-85/CVE-2013-1728 (bmo#883686) Uninitialized data in IonMonkey * MFSA 2013-88/CVE-2013-1730 (bmo#851353) Compartment mismatch re-attaching XBL-backed nodes * MFSA 2013-89/CVE-2013-1732 (bmo#883514) Buffer overflow with multi-column, lists, and floats * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) Memory corruption involving scrolling * MFSA 2013-91/CVE-2013-1737 (bmo#907727) User-defined properties on DOM proxies get the wrong "this" object * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) GC hazard with default compartments and frame chain restoration - enable gstreamer explicitely via pref (gecko.js) - require NSS 3.15.1 ------------------------------------------------------------------- Mon Aug 26 07:35:36 UTC 2013 - wr@rosenauer.org - update to Firefox 23.0.1 * Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls (bmo#901527) ------------------------------------------------------------------- Sun Aug 4 18:30:11 UTC 2013 - wr@rosenauer.org - update to Firefox 23.0 (bnc#833389) * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards * MFSA 2013-64/CVE-2013-1704 (bmo#883313) Use after free mutating DOM during SetBody * MFSA 2013-65/CVE-2013-1705 (bmo#882865) Buffer underflow when generating CRMF requests * MFSA 2013-67/CVE-2013-1708 (bmo#879924) Crash during WAV audio file decoding * MFSA 2013-68/CVE-2013-1709 (bmo#838253) Document URI misrepresentation and masquerading * MFSA 2013-69/CVE-2013-1710 (bmo#871368) CRMF requests allow for code execution and XSS attacks * MFSA 2013-70/CVE-2013-1711 (bmo#843829) Bypass of XrayWrappers using XBL Scopes * MFSA 2013-72/CVE-2013-1713 (bmo#887098) Wrong principal used for validating URI for some Javascript components * MFSA 2013-73/CVE-2013-1714 (bmo#879787) Same-origin bypass with web workers and XMLHttpRequest * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) Local Java applets may read contents of local file system - requires NSPR 4.10 and NSS 3.15 ------------------------------------------------------------------- Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com - fix build on ARM (/-g/ matches /-grecord-switches/) ------------------------------------------------------------------- Sat Jun 22 17:48:06 UTC 2013 - wr@rosenauer.org - update to Firefox 22.0 (bnc#825935) * removed obsolete patches + mozilla-qcms-ppc.patch + mozilla-gstreamer-760140.patch * GStreamer support does not build on 12.1 anymore (build only on 12.2 and later) * MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) Privileged content access and execution via XBL * MFSA 2013-52/CVE-2013-1688 (bmo#873966) Arbitrary code execution within Profiler * MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of unmapped memory through onreadystatechange event * MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the body of XHR HEAD requests leads to CSRF attacks * MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can lead to information disclosure * MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper has inconsistent behavior * MFSA 2013-57/CVE-2013-1695 (bmo#849791) Sandbox restrictions not applied to nested frame elements * MFSA 2013-58/CVE-2013-1696 (bmo#761667) X-Frame-Options ignored when using server push with multi-part responses * MFSA 2013-59/CVE-2013-1697 (bmo#858101) XrayWrappers can be bypassed to run user defined methods in a privileged context * MFSA 2013-60/CVE-2013-1698 (bmo#876044) getUserMedia permission dialog incorrectly displays location * MFSA 2013-61/CVE-2013-1699 (bmo#840882) Homograph domain spoofing in .com, .net and .name ------------------------------------------------------------------- Tue Jun 11 21:06:58 UTC 2013 - dvaleev@suse.com - Fix qcms altivec include (mozilla-qcms-ppc.patch) ------------------------------------------------------------------- Fri May 10 05:25:39 UTC 2013 - wr@rosenauer.org - update to Firefox 21.0 (bnc#819204) * removed upstreamed patch firefox-712763.patch * removed disabled mozilla-disable-neon-option.patch * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards * MFSA 2013-42/CVE-2013-1670 (bmo#853709) Privileged access for content level constructor * MFSA 2013-43/CVE-2013-1671 (bmo#842255) File input control has access to full path * MFSA 2013-46/CVE-2013-1674 (bmo#860971) Use-after-free with video and onresize event * MFSA 2013-47/CVE-2013-1675 (bmo#866825) Uninitialized functions in DOMSVGZoomEvent * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 Memory corruption found using Address Sanitizer ------------------------------------------------------------------- Tue Apr 9 06:41:31 UTC 2013 - wr@rosenauer.org - revert to use GStreamer 0.10 on 12.3 (bnc#814101) (remove mozilla-gstreamer-1.patch) ------------------------------------------------------------------- Fri Apr 5 17:04:11 UTC 2013 - schwab@linux-m68k.org - Explicitly disable WebRTC support on non-x86, the configure script disables it only half-heartedly ------------------------------------------------------------------- Fri Mar 29 22:15:21 UTC 2013 - wr@rosenauer.org - update to Firefox 20.0 (bnc#813026) * requires NSPR 4.9.5 and NSS 3.14.3 * mozilla-webrtc-ppc.patch included upstream * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous memory safety hazards * MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds write in Cairo library * MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash with Mesa graphics driver on Linux * MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW protections allows cloning of protected nodes * MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of tab-modal dialog origin disclosure * MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site scripting (XSS) using timed history navigations * MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory corruption while rendering grayscale PNG images - use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch) ------------------------------------------------------------------- Tue Mar 12 23:08:15 UTC 2013 - dmueller@suse.com - build fixes for armv7hl: * disable debug build as armv7hl does not have enough memory * disable webrtc on armv7hl as it is non-compiling ------------------------------------------------------------------- Thu Mar 7 19:03:32 UTC 2013 - wr@rosenauer.org - update to Firefox 19.0.2 (bnc#808243) * MFSA 2013-29/CVE-2013-0787 (bmo#848644) Use-after-free in HTML Editor ------------------------------------------------------------------- Thu Feb 28 22:06:36 UTC 2013 - wr@rosenauer.org - update to Firefox 19.0.1 * blocklist updates ------------------------------------------------------------------- Sat Feb 16 07:08:55 UTC 2013 - wr@rosenauer.org - update to Firefox 19.0 (bnc#804248) * MFSA 2013-21/CVE-2013-0783/2013-0784 Miscellaneous memory safety hazards * MFSA 2013-22/CVE-2013-0772 (bmo#801366) Out-of-bounds read in image rendering * MFSA 2013-23/CVE-2013-0765 (bmo#830614) Wrapped WebIDL objects can be wrapped again * MFSA 2013-24/CVE-2013-0773 (bmo#809652) Web content bypass of COW and SOW security wrappers * MFSA 2013-25/CVE-2013-0774 (bmo#827193) Privacy leak in JavaScript Workers * MFSA 2013-26/CVE-2013-0775 (bmo#831095) Use-after-free in nsImageLoadingContent * MFSA 2013-27/CVE-2013-0776 (bmo#796475) Phishing on HTTPS connection through malicious proxy * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer - removed obsolete patches * mozilla-webrtc.patch * mozilla-gstreamer-803287.patch - added patch to fix session restore window order (bmo#712763) ------------------------------------------------------------------- Sat Feb 2 08:40:52 UTC 2013 - wr@rosenauer.org - update to Firefox 18.0.2 * blocklist and CTP updates * fixes in JS engine ------------------------------------------------------------------- Wed Jan 16 20:51:55 UTC 2013 - wr@rosenauer.org - update to Firefox 18.0.1 * blocklist updates * backed out bmo#677092 (removed patch) * fixed problems involving HTTP proxy transactions ------------------------------------------------------------------- Sat Jan 12 17:25:11 UTC 2013 - schwab@linux-m68k.org - Fix WebRTC to build on powerpc ------------------------------------------------------------------- Sun Jan 6 21:54:18 UTC 2013 - wr@rosenauer.org - update to Firefox 18.0 (bnc#796895) * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 Miscellaneous memory safety hazards * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2013-03/CVE-2013-0768 (bmo#815795) Buffer Overflow in Canvas * MFSA 2013-04/CVE-2012-0759 (bmo#802026) URL spoofing in addressbar during page loads * MFSA 2013-05/CVE-2013-0744 (bmo#814713) Use-after-free when displaying table with many columns and column groups * MFSA 2013-06/CVE-2013-0751 (bmo#790454) Touch events are shared across iframes * MFSA 2013-07/CVE-2013-0764 (bmo#804237) Crash due to handling of SSL on threads * MFSA 2013-08/CVE-2013-0745 (bmo#794158) AutoWrapperChanger fails to keep objects alive during garbage collection * MFSA 2013-09/CVE-2013-0746 (bmo#816842) Compartment mismatch with quickstubs returned values * MFSA 2013-10/CVE-2013-0747 (bmo#733305) Event manipulation in plugin handler to bypass same-origin policy * MFSA 2013-11/CVE-2013-0748 (bmo#806031) Address space layout leaked in XBL objects * MFSA 2013-12/CVE-2013-0750 (bmo#805121) Buffer overflow in Javascript string concatenation * MFSA 2013-13/CVE-2013-0752 (bmo#805024) Memory corruption in XBL with XML bindings containing SVG * MFSA 2013-14/CVE-2013-0757 (bmo#813901) Chrome Object Wrapper (COW) bypass through changing prototype * MFSA 2013-15/CVE-2013-0758 (bmo#813906) Privilege escalation through plugin objects * MFSA 2013-16/CVE-2013-0753 (bmo#814001) Use-after-free in serializeToStream * MFSA 2013-17/CVE-2013-0754 (bmo#814026) Use-after-free in ListenerManager * MFSA 2013-18/CVE-2013-0755 (bmo#814027) Use-after-free in Vibrate * MFSA 2013-19/CVE-2013-0756 (bmo#814029) Use-after-free in Javascript Proxy objects - requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743) - removed obsolete SLE11 patches (mozilla-gcc43*) - reenable WebRTC - added mozilla-libproxy-compat.patch for libproxy API compat on openSUSE 11.2 and earlier - backed out restartless language packs as it broke multi-locale setup (bmo#677092, bmo#818468) ------------------------------------------------------------------- Thu Nov 29 19:56:51 UTC 2012 - wr@rosenauer.org - update to Firefox 17.0.1 * revert some useragent changes introduced in 17.0 * leaving private browsing with social enabled doesn't reset all social components (bmo#815042) - fix KDE integration for file dialogs ------------------------------------------------------------------- Tue Nov 20 19:52:02 UTC 2012 - wr@rosenauer.org - update to Firefox 17.0 (bnc#790140) * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards * MFSA 2012-92/CVE-2012-4202 (bmo#758200) Buffer overflow while rendering GIF images * MFSA 2012-93/CVE-2012-4201 (bmo#747607) evalInSanbox location context incorrectly applied * MFSA 2012-94/CVE-2012-5836 (bmo#792857) Crash when combining SVG text on path with CSS * MFSA 2012-95/CVE-2012-4203 (bmo#765628) Javascript: URLs run in privileged context on New Tab page * MFSA 2012-96/CVE-2012-4204 (bmo#778603) Memory corruption in str_unescape * MFSA 2012-97/CVE-2012-4205 (bmo#779821) XMLHttpRequest inherits incorrect principal within sandbox * MFSA 2012-99/CVE-2012-4208 (bmo#798264) XrayWrappers exposes chrome-only properties when not in chrome compartment * MFSA 2012-100/CVE-2012-5841 (bmo#805807) Improper security filtering for cross-origin wrappers * MFSA 2012-101/CVE-2012-4207 (bmo#801681) Improper character decoding in HZ-GB-2312 charset * MFSA 2012-102/CVE-2012-5837 (bmo#800363) Script entered into Developer Toolbar runs with chrome privileges * MFSA 2012-103/CVE-2012-4209 (bmo#792405) Frames can shadow top.location * MFSA 2012-104/CVE-2012-4210 (bmo#796866) CSS and HTML injection through Style Inspector * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 Use-after-free and buffer overflow issues found using Address Sanitizer * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer - rebased patches - disabled WebRTC since build is broken (bmo#776877) ------------------------------------------------------------------- Tue Nov 20 15:42:55 UTC 2012 - pcerny@suse.com - build on SLE11 * mozilla-gcc43-enums.patch * mozilla-gcc43-template_hacks.patch * mozilla-gcc43-templates_instantiation.patch ------------------------------------------------------------------- Wed Oct 24 08:27:29 UTC 2012 - wr@rosenauer.org - update to Firefox 16.0.2 (bnc#786522) * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196 (bmo#800666, bmo#793121, bmo#802557) Fixes for Location object issues - bring back Obsoletes for libproxy's mozjs plugin for distributions before 12.2 to avoid crashes ------------------------------------------------------------------- Thu Oct 11 01:51:16 UTC 2012 - wr@rosenauer.org - update to Firefox 16.0.1 (bnc#783533) * MFSA 2012-88/CVE-2012-4191 (bmo#798045) Miscellaneous memory safety hazards * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) defaultValue security checks not applied ------------------------------------------------------------------- Sun Oct 7 21:40:14 UTC 2012 - wr@rosenauer.org - update to Firefox 16.0 (bnc#783533) * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 Miscellaneous memory safety hazards * MFSA 2012-75/CVE-2012-3984 (bmo#575294) select element persistance allows for attacks * MFSA 2012-76/CVE-2012-3985 (bmo#655649) Continued access to initial origin after setting document.domain * MFSA 2012-77/CVE-2012-3986 (bmo#775868) Some DOMWindowUtils methods bypass security checks * MFSA 2012-79/CVE-2012-3988 (bmo#725770) DOS and crash with full screen and history navigation * MFSA 2012-80/CVE-2012-3989 (bmo#783867) Crash with invalid cast when using instanceof operator * MFSA 2012-81/CVE-2012-3991 (bmo#783260) GetProperty function can bypass security checks * MFSA 2012-82/CVE-2012-3994 (bmo#765527) top object and location property accessible by plugins * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties * MFSA 2012-84/CVE-2012-3992 (bmo#775009) Spoofing and script injection through location.hash * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ CVE-2012-4188 Heap memory corruption issues found using Address Sanitizer * MFSA 2012-87/CVE-2012-3990 (bmo#787704) Use-after-free in the IME State Manager - requires NSPR 4.9.2 - improve GStreamer integration (bmo#760140) - removed upstreamed mozilla-crashreporter-restart-args.patch - webapprt now included - use kmozillahelper's new REVEAL command (bnc#777415) (requires mozilla-kde4-integration >= 0.6.4) - updated translations-other with new languages ------------------------------------------------------------------- Mon Sep 10 19:37:56 UTC 2012 - wr@rosenauer.org - update to Firefox 15.0.1 (bnc#779936) * Sites visited while in Private Browsing mode could be found through manual browser cache inspection (bmo#787743) ------------------------------------------------------------------- Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org - update to Firefox 15.0 (bnc#777588) * MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 Use-after-free issues found using Address Sanitizer * MFSA 2012-59/CVE-2012-1956 (bmo#756719) Location object can be shadowed using Object.defineProperty * MFSA 2012-60/CVE-2012-3965 (bmo#769108) Escalation of privilege through about:newtab * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) Memory corruption with bitmap format images with negative height * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 WebGL use-after-free and memory corruption * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 SVG buffer overflow and use-after-free issues * MFSA 2012-64/CVE-2012-3971 Graphite 2 memory corruption * MFSA 2012-65/CVE-2012-3972 (bmo#746855) Out-of-bounds read in format-number in XSLT * MFSA 2012-66/CVE-2012-3973 (bmo#757128) HTTPMonitor extension allows for remote debugging without explicit activation * MFSA 2012-68/CVE-2012-3975 (bmo#770684) DOMParser loads linked resources in extensions when parsing text/html * MFSA 2012-69/CVE-2012-3976 (bmo#768568) Incorrect site SSL certificate data display * MFSA 2012-70/CVE-2012-3978 (bmo#770429) Location object security checks bypassed by chrome code * MFSA 2012-72/CVE-2012-3980 (bmo#771859) Web console eval capable of executing chrome-privileged code - fix HTML5 video crash with GStreamer enabled (bmo#761030) - GStreamer is only used for MP4 (no WebM, OGG) - updated filelist - moved browser specific preferences to correct location ------------------------------------------------------------------- Sun Jul 29 08:34:39 UTC 2012 - aj@suse.de - Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16) ------------------------------------------------------------------- Sat Jul 14 19:31:51 UTC 2012 - wr@rosenauer.org - update to 14.0.1 (bnc#771583) * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards * MFSA 2012-43/CVE-2012-1950 Incorrect URL displayed in addressbar through drag and drop * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952 Gecko memory corruption * MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue with location * MFSA 2012-46/CVE-2012-1966 (bmo#734076) XSS through data: URLs * MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper filtering of javascript in HTML feed-view * MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free in nsGlobalWindow::PageHidden * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) Same-compartment Security Wrappers can be bypassed * MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds read in QCMS * MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options header ignored when duplicated * MFSA 2012-52/CVE-2012-1962 (bmo#764296) JSDependentString::undepend string conversion results in memory corruption * MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content Security Policy 1.0 implementation errors cause data leakage * MFSA 2012-55/CVE-2012-1965 (bmo#758990) feed: URLs with an innerURI inherit security context of page * MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution through javascript: URLs - license change from tri license to MPL-2.0 - fix crashreporter restart option (bmo#762780) - require NSS 3.13.5 - remove mozjs pacrunner obsoletes again for now - adopted mozilla-prefer_plugin_pref.patch - PPC fixes: * reenabled mozilla-yarr-pcre.patch to fix build for PPC * add patches for bmo#750620 and bmo#746112 * fix xpcshell segfault on ppc ------------------------------------------------------------------- Fri Jun 15 12:37:09 UTC 2012 - wr@rosenauer.org - update to Firefox 13.0.1 * bugfix release - obsolete libproxy's mozjs pacrunner (bnc#759123) ------------------------------------------------------------------- Sat Jun 2 08:22:51 UTC 2012 - wr@rosenauer.org - update to Firefox 13.0 (bnc#765204) * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards * MFSA 2012-36/CVE-2012-1944 (bmo#751422) Content Security Policy inline-script bypass * MFSA 2012-37/CVE-2012-1945 (bmo#670514) Information disclosure though Windows file shares and shortcut files * MFSA 2012-38/CVE-2012-1946 (bmo#750109) Use-after-free while replacing/inserting a node in a document * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 Buffer overflow and use-after-free issues found using Address Sanitizer - require NSS 3.13.4 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) - fix sound notifications when filename/path contains a whitespace (bmo#749739) ------------------------------------------------------------------- Wed May 23 14:40:16 UTC 2012 - adrian@suse.de - fix build on arm ------------------------------------------------------------------- Wed May 16 05:34:01 UTC 2012 - wr@rosenauer.org - reenabled crashreporter for Factory/12.2 (fix in mozilla-gcc47.patch) ------------------------------------------------------------------- Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org - update to Firefox 12.0 (bnc#758408) * rebased patches * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 Miscellaneous memory safety hazards * MFSA 2012-22/CVE-2012-0469 (bmo#738985) use-after-free in IDBKeyRange * MFSA 2012-23/CVE-2012-0470 (bmo#734288) Invalid frees causes heap corruption in gfxImageSurface * MFSA 2012-24/CVE-2012-0471 (bmo#715319) Potential XSS via multibyte content processing errors * MFSA 2012-25/CVE-2012-0472 (bmo#744480) Potential memory corruption during font rendering using cairo-dwrite * MFSA 2012-26/CVE-2012-0473 (bmo#743475) WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) Page load short-circuit can lead to XSS * MFSA 2012-28/CVE-2012-0475 (bmo#694576) Ambiguous IPv6 in Origin headers may bypass webserver access restrictions * MFSA 2012-29/CVE-2012-0477 (bmo#718573) Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues * MFSA 2012-30/CVE-2012-0478 (bmo#727547) Crash with WebGL content using textImage2D * MFSA 2012-31/CVE-2011-3062 (bmo#739925) Off-by-one error in OpenType Sanitizer * MFSA 2012-32/CVE-2011-1187 (bmo#624621) HTTP Redirections and remote content can be read by javascript errors * MFSA 2012-33/CVE-2012-0479 (bmo#714631) Potential site identity spoofing when loading RSS and Atom feeds - added mozilla-libnotify.patch to allow fallback from libnotify to xul based events if no notification-daemon is running - gcc 4.7 fixes * mozilla-gcc47.patch * disabled crashreporter temporarily for Factory - recommend libcanberra0 for proper sound notifications ------------------------------------------------------------------- Fri Mar 9 21:47:07 UTC 2012 - wr@rosenauer.org - update to Firefox 11.0 (bnc#750044) * MFSA 2012-13/CVE-2012-0455 (bmo#704354) XSS with Drag and Drop and Javascript: URL * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) SVG issues found with Address Sanitizer * MFSA 2012-15/CVE-2012-0451 (bmo#717511) XSS with multiple Content Security Policy headers * MFSA 2012-16/CVE-2012-0458 Escalation of privilege with Javascript: URL as home page * MFSA 2012-17/CVE-2012-0459 (bmo#723446) Crash when accessing keyframe cssText after dynamic modification * MFSA 2012-18/CVE-2012-0460 (bmo#727303) window.fullScreen writeable by untrusted content * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ CVE-2012-0463 Miscellaneous memory safety hazards - ported and reenabled KDE integration (bnc#746591) - explicitely build-require X libs ------------------------------------------------------------------- Mon Mar 5 13:31:48 UTC 2012 - vdziewiecki@suse.com - add Provides: browser(npapi) FATE#313084 ------------------------------------------------------------------- Fri Feb 17 17:41:11 UTC 2012 - pcerny@suse.com - better plugin directory resolution (bnc#747320) ------------------------------------------------------------------- Thu Feb 16 08:47:31 UTC 2012 - wr@rosenauer.org - update to Firefox 10.0.2 (bnc#747328) * CVE-2011-3026 (bmo#727401) libpng: integer overflow leading to heap-buffer overflow ------------------------------------------------------------------- Thu Feb 9 09:26:11 UTC 2012 - wr@rosenauer.org - update to Firefox 10.0.1 (bnc#746616) * MFSA 2012-10/CVE-2012-0452 (bmo#724284) use after free in nsXBLDocumentInfo::ReadPrototypeBindings ------------------------------------------------------------------- Tue Feb 7 10:40:58 UTC 2012 - dvaleev@suse.com - Use YARR interpreter instead of PCRE on platforms where YARR JIT is not supported, since PCRE doesnt build (bmo#691898) - fix ppc64 build (bmo#703534) ------------------------------------------------------------------- Mon Jan 30 09:41:59 UTC 2012 - wr@rosenauer.org - update to Firefox 10.0 (bnc#744275) * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443 Miscellaneous memory safety hazards * MFSA 2012-03/CVE-2012-0445 (bmo#701071) <iframe> element exposed across domains via name attribute * MFSA 2012-04/CVE-2011-3659 (bmo#708198) Child nodes from nsDOMAttribute still accessible after removal of nodes * MFSA 2012-05/CVE-2012-0446 (bmo#705651) Frame scripts calling into untrusted objects bypass security checks * MFSA 2012-06/CVE-2012-0447 (bmo#710079) Uninitialized memory appended when encoding icon images may cause information disclosure * MFSA 2012-07/CVE-2012-0444 (bmo#719612) Potential Memory Corruption When Decoding Ogg Vorbis files * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466) Crash with malformed embedded XSLT stylesheets - KDE integration has been disabled since it needs refactoring - removed obsolete ppc64 patch ------------------------------------------------------------------- Sun Jan 22 12:08:07 UTC 2012 - joop.boonen@opensuse.org - Disable neon for arm as it doesn't build correctly ------------------------------------------------------------------- Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org - update to Firefox 9.0.1 * (strongparent) parentNode of element gets lost (bmo#335998) ------------------------------------------------------------------- Sun Dec 18 09:58:52 UTC 2011 - adrian@suse.de - fix arm build, don't package crashreporter there ------------------------------------------------------------------- Sun Dec 18 09:52:08 UTC 2011 - wr@rosenauer.org - update to Firefox 9 (bnc#737533) * MFSA 2011-53/CVE-2011-3660 Miscellaneous memory safety hazards (rv:9.0) * MFSA 2011-54/CVE-2011-3661 (bmo#691299) Potentially exploitable crash in the YARR regular expression library * MFSA 2011-55/CVE-2011-3658 (bmo#708186) nsSVGValue out-of-bounds access * MFSA 2011-56/CVE-2011-3663 (bmo#704482) Key detection without JavaScript via SVG animation * MFSA 2011-58/VE-2011-3665 (bmo#701259) Crash scaling <video> to extreme sizes ------------------------------------------------------------------- Sun Nov 27 03:51:54 UTC 2011 - mgorse@suse.com - Fix accessibility under GNOME 3 (bnc#732898) ------------------------------------------------------------------- Sat Nov 12 15:16:38 UTC 2011 - dvaleev@suse.com - fix ppc64 build ------------------------------------------------------------------- Sun Nov 6 08:20:59 UTC 2011 - wr@rosenauer.org - update to Firefox 8 (bnc#728520) * MFSA 2011-47/CVE-2011-3648 (bmo#690225) Potential XSS against sites using Shift-JIS * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards * MFSA 2011-49/CVE-2011-3650 (bmo#674776) Memory corruption while profiling using Firebug * MFSA 2011-52/CVE-2011-3655 (bmo#672182) Code execution via NoWaiverWrapper - rebased patches ------------------------------------------------------------------- Thu Oct 20 12:34:47 UTC 2011 - wr@rosenauer.org - enable telemetry prompt ------------------------------------------------------------------- Fri Sep 30 10:52:36 UTC 2011 - wr@rosenauer.org - update to minor release 7.0.1 * fixed staged addon updates - set intl.locale.matchOS=true in the base package as it causes too much confusion when it's only available with branding-openSUSE ------------------------------------------------------------------- Fri Sep 23 11:22:22 UTC 2011 - wr@rosenauer.org - update to Firefox 7 (bnc#720264) including * Improve Responsiveness with Memory Reductions * Instant Sync * WebSocket protocol 8 * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997 Miscellaneous memory safety hazards * MFSA 2011-39/CVE-2011-3000 (bmo#655389) Defense against multiple Location headers due to CRLF Injection * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001 Code installation through holding down Enter * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335) Potentially exploitable WebGL crashes * MFSA 2011-42/CVE-2011-3232 (bmo#653672) Potentially exploitable crash in the YARR regular expression library * MFSA 2011-43/CVE-2011-3004 (bmo#653926) loadSubScript unwraps XPCNativeWrapper scope parameter * MFSA 2011-44/CVE-2011-3005 (bmo#675747) Use after free reading OGG headers * MFSA 2011-45 Inferring keystrokes from motion data - removed obsolete mozilla-cairo-lcd.patch - rebased patches - removed XLIB_SKIP_ARGB_VISUALS=1 from environment in mozilla.sh.in (bnc#680758) ------------------------------------------------------------------- Fri Sep 16 06:57:38 UTC 2011 - wr@rosenauer.org - fixed loading of kde.js under KDE (bnc#718311) ------------------------------------------------------------------- Wed Sep 14 07:02:04 UTC 2011 - wr@rosenauer.org - add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1) - increase minversions for NSPR and NSS ------------------------------------------------------------------- Fri Sep 9 20:44:15 UTC 2011 - wr@rosenauer.org - recreated source archive to get correct source-stamp.txt ------------------------------------------------------------------- Wed Sep 7 14:30:34 UTC 2011 - pcerny@suse.com - security update to 6.0.2 (bnc#714931) * Complete blocking of certificates issued by DigiNotar (bmo#683449) ------------------------------------------------------------------- Fri Sep 2 14:40:07 UTC 2011 - pcerny@suse.com - security update to 6.0.1 (bnc#714931) * MFSA 2011-34 Protection against fraudulent DigiNotar certificates (bmo#682927) ------------------------------------------------------------------- Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org - update to 6.0 (bnc#712224) included security fixes MFSA 2011-29 * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985 Miscellaneous memory safety hazards * CVE-2011-2993 (bmo#657267) Unsigned scripts can call script inside signed JAR * CVE-2011-2988 (bmo#665934) Heap overflow in ANGLE library * CVE-2011-0084 (bmo#648094) Crash in SVGTextElement.getCharNumAtPosition() * CVE-2011-2990 Credential leakage using Content Security Policy reports * CVE-2011-2986 (bmo#655836) Cross-origin data theft using canvas and Windows D2D - removed obsolete curl header dependency (mozilla-curl.patch) ------------------------------------------------------------------- Fri Jul 22 13:34:12 UTC 2011 - wr@rosenauer.org - update to 6.0b3 * removed obsolete patches - firefox-shellservice.patch - mozilla-gio.patch - mozilla-ppc-ipc.patch - firefox-linkorder.patch - firefox-no-sync-l10n.patch - recognize linux3 as platform for symbolstore.py ------------------------------------------------------------------- Fri Jul 1 19:53:18 CEST 2011 - vuntz@opensuse.org - Add x-scheme-handler/ftp to the MimeType key in the .desktop, to let desktops know that Firefox can deal with ftp: URIs. ------------------------------------------------------------------- Fri Jul 1 06:45:08 UTC 2011 - wr@rosenauer.org - create upstream branding package again (supposedly empty) (bnc#703401) - fix build on SLE11 (changes do not affect/are not applied for later versions) ------------------------------------------------------------------- Wed Jun 22 06:41:17 UTC 2011 - wr@rosenauer.org - enable startup notification (bnc#701465) ------------------------------------------------------------------- Mon Jun 20 19:37:01 UTC 2011 - wr@rosenauer.org - update to 5.0 final - included fixes for security issues: (bnc#701296, bnc#700578) * MFSA 2011-19/CVE-2011-2374 CVE-2011-2375 Miscellaneous memory safety hazards * MFSA 2011-20/CVE-2011-2373 (bmo#617247) Use-after-free vulnerability when viewing XUL document with script disabled * MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) Memory corruption due to multipart/x-mixed-replace images * MFSA 2011-22/CVE-2011-2371 (bmo#664009) Integer overflow and arbitrary code execution in Array.reduceRight() * MFSA 2011-25/CVE-2011-2366 Stealing of cross-domain images using WebGL textures * MFSA 2011-26/CVE-2011-2367 CVE-2011-2368 Multiple WebGL crashes * MFSA 2011-27/CVE-2011-2369 (bmo#650001) XSS encoding hazard with inline SVG * MFSA 2011-28/CVE-2011-2370 (bmo#645699) Non-whitelisted site can trigger xpinstall ------------------------------------------------------------------- Mon Jun 20 09:17:42 UTC 2011 - wr@rosenauer.org - update to 5.0b7 * updated supported locales - do not build dump_syms static (not needed for us) -> fix build for openSUSE 12.1 and above ------------------------------------------------------------------- Wed Jun 15 14:59:32 UTC 2011 - wr@rosenauer.org - update to 5.0b6 - include proper revision information into the build - speedier find-external-requires.sh ------------------------------------------------------------------- Tue May 31 06:53:55 UTC 2011 - wr@rosenauer.org - update to 5.0b3 - transformed to standalone Firefox (not xulrunner based) (with new Firefox rapid release cycle it makes no sense anymore) * imported all relevant xulrunner patches - do not compile in build timestamp ------------------------------------------------------------------- Fri Apr 15 07:08:53 UTC 2011 - wr@rosenauer.org - security update to 4.0.1 (bnc#689281) * MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0079 CVE-2011-0080 CVE-2011-0081 Miscellaneous memory safety hazards * MFSA 2011-17/CVE-2011-0068 (bmo#623791) WebGLES vulnerabilities * MFSA 2011-18/CVE-2011-1202 (bmo#640339) XSLT generate-id() function heap address leak ------------------------------------------------------------------- Wed Mar 30 11:24:36 UTC 2011 - wr@rosenauer.org - add all available icon sizes ------------------------------------------------------------------- Tue Mar 29 11:55:53 UTC 2011 - cfarrell@novell.com - license update: MPLv1.1 or GPLv2+ or LGPLv2+ Sync licenses with Fedora. MPL does not state ^or later^ ------------------------------------------------------------------- Fri Mar 18 08:49:15 UTC 2011 - wr@rosenauer.org - update to version 4.0rc2 - fixed rpm macros delivered with devel package (bnc#679950) ------------------------------------------------------------------- Wed Feb 23 07:52:04 UTC 2011 - wr@rosenauer.org - update to version 4.0b12 - rebased patches ------------------------------------------------------------------- Fri Feb 4 09:32:50 UTC 2011 - wr@rosenauer.org - update to version 4.0b11 * loads of bugfixes compared to last beta * added "Do Not Track" option - rebased patches - disable testpilot ------------------------------------------------------------------- Fri Jan 28 08:56:12 UTC 2011 - wr@rosenauer.org - set correct desktop file name within KDE for 11.4 and up - add devel package with macros for extensions (from lnussel@suse.de) ------------------------------------------------------------------- Sat Jan 22 22:21:52 UTC 2011 - wr@rosenauer.org - update to version 4.0b10 - removed obsolete firefox-shell-bmo624267.patch - testpilot moved to distribution/extensions - updated locale provides and removed bn-IN from locales ------------------------------------------------------------------- Tue Jan 11 06:13:40 UTC 2011 - wr@rosenauer.org - update to version 4.0b9 - added x-scheme-handler for http and https to desktop file for newer Gnome environments - fixed default browser check/set for GIO (bmo#611953) (mozilla-shellservice.patch) - removed obsolete firefox-appname.patch (integrated into shellservice patch) - renamed desktop file to firefox.desktop for 11.4 and newer (bnc#664211) - removed support for 10.3 and older from the spec file - removed obsolete "Ximian" categories from desktop file ------------------------------------------------------------------- Mon Jan 3 17:35:46 CET 2011 - meissner@suse.de - Mirror ac_add_options --disable-ipc from xulrunner for PowerPC. ------------------------------------------------------------------- Wed Dec 15 07:49:45 UTC 2010 - wr@rosenauer.org - update to version 4.0beta8 ------------------------------------------------------------------- Tue Nov 30 14:19:59 UTC 2010 - wr@rosenauer.org - major update to version 4.0beta7 * based on mozilla-xulrunner20 * far too many internal changes to list ------------------------------------------------------------------- Wed Oct 27 07:12:14 CEST 2010 - wr@rosenauer.org - security update to 3.6.12 (bnc#649492) * MFSA 2010-73/CVE-2010-3765 (bmo#607222) Heap buffer overflow mixing document.write and DOM insertion ------------------------------------------------------------------- Wed Oct 6 07:13:52 CEST 2010 - wr@rosenauer.org - security update to 3.6.11 (bnc#645315) * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176 Miscellaneous memory safety hazards * MFSA 2010-65/CVE-2010-3179 (bmo#583077) Buffer overflow and memory corruption using document.write * MFSA 2010-66/CVE-2010-3180 (bmo#588929) Use-after-free error in nsBarProp * MFSA 2010-67/CVE-2010-3183 (bmo#598669) Dangling pointer vulnerability in LookupGetterOrSetter * MFSA 2010-68/CVE-2010-3177 (bmo#556734) XSS in gopher parser when parsing hrefs * MFSA 2010-69/CVE-2010-3178 (bmo#576616) Cross-site information disclosure via modal calls * MFSA 2010-70/CVE-2010-3170 (bmo#578697) SSL wildcard certificate matching IP addresses * MFSA 2010-71/CVE-2010-3182 (bmo#590753) Unsafe library loading vulnerabilities * MFSA 2010-72/CVE-2010-3173 Insecure Diffie-Hellman key exchange ------------------------------------------------------------------- Wed Sep 15 07:39:22 CEST 2010 - wr@rosenauer.org - update to 3.6.10 * fixing startup topcrash (bmo#594699) ------------------------------------------------------------------- Thu Aug 26 07:40:28 CEST 2010 - wr@rosenauer.org - security update to 3.6.9 (bnc#637303) * MFSA 2010-49/CVE-2010-3169 Miscellaneous memory safety hazards * MFSA 2010-50/CVE-2010-2765 (bmo#576447) Frameset integer overflow vulnerability * MFSA 2010-51/CVE-2010-2767 (bmo#584512) Dangling pointer vulnerability using DOM plugin array * MFSA 2010-53/CVE-2010-3166 (bmo#579655) Heap buffer overflow in nsTextFrameUtils::TransformText * MFSA 2010-54/CVE-2010-2760 (bmo#585815) Dangling pointer vulnerability in nsTreeSelection * MFSA 2010-55/CVE-2010-3168 (bmo#576075) XUL tree removal crash and remote code execution * MFSA 2010-56/CVE-2010-3167 (bmo#576070) Dangling pointer vulnerability in nsTreeContentView * MFSA 2010-57/CVE-2010-2766 (bmo#580445) Crash and remote code execution in normalizeDocument * MFSA 2010-59/CVE-2010-2762 (bmo#584180) SJOW creates scope chains ending in outer object * MFSA 2010-61/CVE-2010-2768 (bmo#579744) UTF-7 XSS by overriding document charset using <object> type attribute * MFSA 2010-62/CVE-2010-2769 (bmo#520189) Copy-and-paste or drag-and-drop into designMode document allows XSS * MFSA 2010-63/CVE-2010-2764 (bmo#552090) Information leak via XMLHttpRequest statusText ------------------------------------------------------------------- Wed Jul 28 08:33:14 CEST 2010 - meissner@suse.de - disable crash reporter for non x86/x86_64 to make it build. ------------------------------------------------------------------- Sat Jul 24 12:42:58 CEST 2010 - wr@rosenauer.org - security update to 3.6.8 (bnc#622506) * MFSA 2010-48/CVE-2010-2755 (bmo#575836) Dangling pointer crash regression from plugin parameter array fix ------------------------------------------------------------------- Fri Jul 16 06:48:44 CEST 2010 - wr@rosenauer.org - security update to 3.6.7 (bnc#622506) * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212 Miscellaneous memory safety hazards * MFSA 2010-35/CVE-2010-1208 (bmo#572986) DOM attribute cloning remote code execution vulnerability * MFSA 2010-36/CVE-2010-1209 (bmo#552110) Use-after-free error in NodeIterator * MFSA 2010-37/CVE-2010-1214 (bmo#572985) Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability * MFSA 2010-38/CVE-2010-1215 (bmo#567069) Arbitrary code execution using SJOW and fast native function * MFSA 2010-39/CVE-2010-2752 (bmo#574059) nsCSSValue::Array index integer overflow * MFSA 2010-40/CVE-2010-2753 (bmo#571106) nsTreeSelection dangling pointer remote code execution vulnerability * MFSA 2010-41/CVE-2010-1205 (bmo#570451) Remote code execution using malformed PNG image * MFSA 2010-42/CVE-2010-1213 (bmo#568148) Cross-origin data disclosure via Web Workers and importScripts * MFSA 2010-43/CVE-2010-1207 (bmo#571287) Same-origin bypass using canvas context * MFSA 2010-44/CVE-2010-1210 (bmo#564679) Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957) Multiple location bar spoofing vulnerabilities * MFSA 2010-46/CVE-2010-0654 (bmo#524223) Cross-domain data theft using CSS * MFSA 2010-47/CVE-2010-2754 (bmo#568564) Cross-origin data leakage from script filename in error messages ------------------------------------------------------------------- Sun Jun 27 20:24:31 CEST 2010 - wr@rosenauer.org - update to 3.6.6 release * modifies the crash protection feature to increase the amount of time that plugins are allowed to be non-responsive before being terminated. ------------------------------------------------------------------- Wed Jun 23 14:40:35 CEST 2010 - wr@rosenauer.org - update to final 3.6.4 release (bnc#603356) * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/ CVE-2010-1203 Crashes with evidence of memory corruption (rv:1.9.2.4) * MFSA 2010-28/CVE-2010-1198 (bmo#532246) Freed object reuse across plugin instances * MFSA 2010-29/CVE-2010-1196 (bmo#534666) Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal * MFSA 2010-30/CVE-2010-1199 (bmo#554255) Integer Overflow in XSLT Node Sorting * MFSA 2010-31/CVE-2010-1125 (bmo#552255) focus() behavior can be used to inject or steal keystrokes * MFSA 2010-32/CVE-2010-1197 (bmo#537120) Content-Disposition: attachment ignored if Content-Type: multipart also present * MFSA 2010-33/CVE-2008-5913 (bmo#475585) User tracking across sites using Math.random() ------------------------------------------------------------------- Mon Jun 7 07:07:33 CEST 2010 - wr@rosenauer.org - update to 3.6.4(build6) ------------------------------------------------------------------- Sun Apr 18 09:42:40 CEST 2010 - wr@rosenauer.org - security update to 3.6.4 (Lorentz) * enable crashreporter also for x86-64 * Flash runs in a separate process to avoid crashing Firefox (ix86 only; x86-64 still uses nspluginwrapper) ------------------------------------------------------------------- Thu Apr 1 11:15:38 UTC 2010 - wr@rosenauer.org - security update to 3.6.3 * MFSA 2010-25/CVE-2010-1121 (bmo#555109) Re-use of freed object due to scope confusion ------------------------------------------------------------------- Thu Mar 18 06:43:33 CET 2010 - wr@rosenauer.org - security update to version 3.6.2 (bnc#586567) * MFSA 2010-08/CVE-2010-1028 WOFF heap corruption due to integer overflow * MFSA 2010-09/CVE-2010-0164 (bmo#547143) Deleted frame reuse in multipart/x-mixed-replace image * MFSA 2010-10/CVE-2010-0170 (bmo#541530) XSS via plugins and unprotected Location object * MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167 Crashes with evidence of memory corruption * MFSA 2010-12/CVE-2010-0171 (bmo#531364) XSS using addEventListener and setTimeout on a wrapped object * MFSA 2010-13/CVE-2010-0168 (bmo#540642) Content policy bypass with image preloading * MFSA 2010-14/CVE-2010-0169 (bmo#535806) Browser chrome defacement via cached XUL stylesheets * MFSA 2010-15/CVE-2010-0172 (bmo#537862) Asynchronous Auth Prompt attaches to wrong window * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174 Crashes with evidence of memory corruption * MFSA 2010-18/CVE-2010-0176 (bmo#538308) Dangling pointer vulnerability in nsTreeContentView * MFSA 2010-19/CVE-2010-0177 (bmo#538310) Dangling pointer vulnerability in nsPluginArray * MFSA 2010-20/CVE-2010-0178 (bmo#546909) Chrome privilege escalation via forced URL drag and drop * MFSA 2010-22/CVE-2009-3555 (bmo#545755) Update NSS to support TLS renegotiation indication * MFSA 2010-23/CVE-2010-0181 (bmo#452093) Image src redirect to mailto: URL opens email editor * MFSA 2010-24/CVE-2010-0182 (bmo#490790) XMLDocument::load() doesn't check nsIContentPolicy ------------------------------------------------------------------- Mon Jan 18 09:42:50 CET 2010 - wr@rosenauer.org - update to 3.6rc2 (already named 3.6.0) - removed obsolete orbit-devel build requirement ------------------------------------------------------------------- Wed Jan 6 17:15:40 CET 2010 - wr@rosenauer.org - major update to 3.6rc1 ------------------------------------------------------------------- Fri Dec 25 09:39:42 CET 2009 - wr@rosenauer.org - update to version 3.5.7 (bnc#568011) * DNS resolution in MakeSN of nsAuthSSPI causing issues for proxy servers that support NTLM auth (bmo#535193) - added missing lockdown preferences (bnc#567131) ------------------------------------------------------------------- Thu Dec 17 20:06:38 CET 2009 - wr@rosenauer.org - readded firefox-ui-lockdown.patch (bnc#546158) ------------------------------------------------------------------- Thu Dec 3 21:53:59 CET 2009 - wr@rosenauer.org - security update to version 3.5.6 (bnc#559807) * MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982 Crashes with evidence of memory corruption (rv:1.9.1.6) * MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816) Memory safety fixes in liboggplay media library * MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613) Integer overflow, crash in libtheora video library * MFSA 2009-68/CVE-2009-3983 (bmo#487872) NTLM reflection vulnerability * MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities * MFSA 2009-70/VE-2009-3986 (bmo#522430) Privilege escalation via chrome window.opener - fixed firefox-browser-css.patch (bnc#561027) ------------------------------------------------------------------- Mon Nov 23 22:31:21 CET 2009 - wr@rosenauer.org - rebased patches for fuzz=0 ------------------------------------------------------------------- Thu Nov 5 19:49:33 UTC 2009 - wr@rosenauer.org - update to version 3.5.5 (bnc#553172) ------------------------------------------------------------------- Sat Oct 17 23:19:23 CEST 2009 - wr@rosenauer.org - security update to version 3.5.4 (bnc#545277) * MFSA 2009-52/CVE-2009-3370 (bmo#511615) Form history vulnerable to stealing * MFSA 2009-53/CVE-2009-3274 (bmo#514823) Local downloaded file tampering * MFSA 2009-54/CVE-2009-3371 (bmo#514554) Crash with recursive web-worker calls * MFSA 2009-55/CVE-2009-3372 (bmo#500644) Crash in proxy auto-configuration regexp parsing * MFSA 2009-56/CVE-2009-3373 (bmo#511689) Heap buffer overflow in GIF color map parser * MFSA 2009-57/CVE-2009-3374 (bmo#505988) Chrome privilege escalation in XPCVariant::VariantDataToJS() * MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862) Heap buffer overflow in string to number conversion * MFSA 2009-61/CVE-2009-3375 (bmo#503226) Cross-origin data theft through document.getSelection() * MFSA 2009-62/CVE-2009-3376 (bmo#511521) Download filename spoofing with RTL override * MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378 Upgrade media libraries to fix memory safety bugs * MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383 Crashes with evidence of memory corruption - removed upstreamed patch * firefox-bug506901.patch ------------------------------------------------------------------- Wed Oct 7 20:11:24 CEST 2009 - llunak@novell.com - fix KDE button order in one more place (bnc#170055) ------------------------------------------------------------------- Fri Oct 2 20:26:49 CEST 2009 - wr@rosenauer.org - improve UI colors to be usable with dark themes at all (firefox-browser-css.patch) (bnc#503351) - extend list of supported architectures as ABI identifier (mozilla-abi.patch) (bnc#543460) ------------------------------------------------------------------- Mon Sep 14 00:07:55 CEST 2009 - wr@rosenauer.org - added KDE integration patch from llunak@novell.com (firefox-kde.patch) * support for knotify, making -kde4-addon obsolete * KDE-specific support functional (bnc#170055) - do not build libnkgnomevfs (bmo#512671) (firefox-no-gnomevfs) ------------------------------------------------------------------- Thu Sep 10 09:34:26 CEST 2009 - wr@rosenauer.org - security update to version 3.5.3 (bnc#534458) * MFSA 2009-47/CVE-2009-3069/CVE-2009-3070/CVE-2009-3071/ CVE-2009-3072/CVE-2009-3073/CVE-2009-3074/CVE-2009-3075 Crashes with evidence of memory corruption * MFSA 2009-49/CVE-2009-3077 (bmo#506871) TreeColumns dangling pointer vulnerability * MFSA 2009-50/CVE-2009-3078 (bmo#453827) Location bar spoofing via tall line-height Unicode characters * MFSA 2009-51/CVE-2009-3079 (bmo#454363) Chrome privilege escalation with FeedWriter ------------------------------------------------------------------- Wed Aug 19 22:14:07 CEST 2009 - wr@rosenauer.org - renamed patch firefox-contextmenu-gnome to firefox-cross-desktop as it contains more tweaks to handle non-Gnome environments and especially KDE integration: * added the ability to set the KDE default browser (still part of bnc#170055) ------------------------------------------------------------------- Sat Aug 8 00:14:18 CEST 2009 - wr@rosenauer.org - split -translations package into -common and -other (bnc#529180) - remove "set as background" from context menu if not running in Gnome (part of bnc#170055) ------------------------------------------------------------------- Fri Jul 31 09:01:57 CEST 2009 - wr@rosenauer.org - security update to version 3.5.2 * MFSA 2009-38/CVE-2009-2470 (bmo#459524) Data corruption with SOCKS5 reply containing DNS name longer than 15 characters * MFSA 2009-44/CVE-2009-2654 (bmo#451898) Location bar and SSL indicator spoofing via window.open() on invalid URL * MFSA 2009-45 Crashes with evidence of memory corruption * MFSA 2009-46 (bmo#498897) Chrome privilege escalation due to incorrectly cached wrapper * various other stability fixes - export MOZ_APP_LAUNCHER in the startscript (bmo#453689) ------------------------------------------------------------------- Tue Jul 28 14:54:46 CEST 2009 - wr@rosenauer.org - fixed %exclude usage - fixed preferences' advanced pane for fresh profiles (bmo#506901) ------------------------------------------------------------------- Wed Jul 15 20:13:19 CEST 2009 - wr@rosenauer.org - security update to version 3.5.1 * MFSA 2009-41 Corrupt JIT state after deep return from native function ------------------------------------------------------------------- Mon Jul 6 12:33:47 CEST 2009 - wr@rosenauer.org - added mozilla-linkorder.patch to fix build with --as-needed ------------------------------------------------------------------- Tue Jun 30 08:52:00 CEST 2009 - wr@rosenauer.org - update to final version 3.5 (20090623) ------------------------------------------------------------------- Tue Jun 23 09:39:50 CEST 2009 - wr@rosenauer.org - fixed build by linking to a real file ------------------------------------------------------------------- Thu Jun 18 10:19:40 CEST 2009 - wr@rosenauer.org - update to version 3.5rc2 (20090617) - BuildRequire mozilla-xulrunner191 = 1.9.1.0 ------------------------------------------------------------------- Sat Jun 6 15:59:02 CEST 2009 - wr@rosenauer.org - update to version 3.5b99 (20090604) - BuildRequire mozilla-xulrunner191 = 1.9.1b99 ------------------------------------------------------------------- Wed May 27 08:03:16 CEST 2009 - wr@rosenauer.org - fixed typos in improved xulrunner dependencies ------------------------------------------------------------------- Mon May 11 18:25:12 CEST 2009 - wr@rosenauer.org - use non-localized Downloads folder (bnc#501724) ------------------------------------------------------------------- Mon May 4 07:57:50 CEST 2009 - wr@rosenauer.org - update to new major version 3.5b4 * based on Gecko 1.9.1 (mozilla-xulrunner191) * Private Browsing Mode * TraceMonkey JavaScript engine * Geolocation support * native JSON and web worker threads support * speculative parsing for faster content rendering * Some HTML5 support - updated firefox.schemas - improved firefox-no-update.patch ------------------------------------------------------------------- Tue Apr 28 10:47:54 CEST 2009 - wr@rosenauer.org - security update to 3.0.10 * MFSA 2009-23/CVE-2009-1313 (bmo#489647) Crash in nsTextFrame::ClearTextRun() ------------------------------------------------------------------- Thu Apr 16 13:52:21 CEST 2009 - wr@rosenauer.org - security update to 3.0.9 (bnc#495473) * MFSA 2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304/CVE-2009-1305 Crashes with evidence of memory corruption (rv:1.9.0.9) * MFSA 2009-15/CVE-2009-0652 (bmo#479336) URL spoofing with box drawing character * MFSA 2009-16/CVE-2009-1306 (bmo#474536) jar: scheme ignores the content-disposition: header on the inner URI * MFSA 2009-17/CVE-2009-1307 (bmo#481342) Same-origin violations when Adobe Flash loaded via view-source: scheme * MFSA 2009-18/CVE-2009-1308 (bmo#481558) XSS hazard using third-party stylesheets and XBL bindings * MFSA 2009-19/CVE-2009-1309 (bmo#482206,478433) Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString * MFSA 2009-20/CVE-2009-1310 (bmo#483086) Malicious search plugins can inject code into arbitrary sites * MFSA 2009-21/CVE-2009-1311 (bmo#471962) POST data sent to wrong site when saving web page with embedded frame * MFSA 2009-22/CVE-2009-1312 (bmo#475636) Firefox allows Refresh header to redirect to javascript: URIs ------------------------------------------------------------------- Fri Mar 27 09:43:43 CET 2009 - wr@rosenauer.org - security update to 1.9.0.8 (bnc#488955,489411) * MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation * MFSA 2009-13/CVE-2009-1044 (bmo#484320) Arbitrary code execution via XUL tree moveToEdgeShift - allow RPM provides for stuff besides shared libraries (e.g. mime-types) ------------------------------------------------------------------- Sun Mar 1 11:08:58 CET 2009 - wr@rosenauer.org - security update to 3.0.7 (bnc#478625) * MFSA 2009-07 - Crashes with evidence of memory corruption CVE-2009-0771 - Layout Engine Crashes CVE-2009-0772 - Layout Engine Crashes CVE-2009-0773 - crashes in the JavaScript engine CVE-2009-0774 - Layout Engine Crashes * MFSA 2009-08/CVE-2009-0775 - (bmo#474456) Mozilla Firefox XUL Linked Clones Double Free Vulnerability * MFSA 2009-09/CVE-2009-0776 (bmo#414540) XML data theft via RDFXMLDataSource and cross-domain redirect * MFSA 2009-10/CVE-2009-0040 (bmo#478901) Upgrade PNG library to fix memory safety hazards * MFSA 2009-11/CVE-2009-0777 (bmo#452979) URL spoofing with invisible control characters ------------------------------------------------------------------- Wed Feb 4 18:58:59 EST 2009 - hfiguiere@suse.de - Review and approve changes. ------------------------------------------------------------------- Wed Jan 28 13:48:00 CET 2009 - wr@rosenauer.org - security update to 3.0.6 (bnc#470074) * MFSA 2009-06/CVE-2009-0358: Directives to not cache pages ignored (bmo#441751) * MFSA 2009-05/CVE-2009-0357: XMLHttpRequest allows reading HTTPOnly cookies (bmo#380418) * MFSA 2009-04/CVE-2009-0356: Chrome privilege escalation via local .desktop files (bmo#460425) * MFSA 2009-03/CVE-2009-0355: Local file stealing with SessionStore (bmo#466937) * MFSA 2009-02/CVE-2009-0354: XSS using a chrome XBL method and window.eval (bmo#468581) * MFSA 2009-01/CVE-2009-0352 - CVE-2009-0353: Crashes with evidence of memory corruption (rv:1.9.0.6) (bmo#452913, bmo#449006, bmo#331088, bmo#401042, bmo#416461, bmo#422283, bmo#422301, bmo#431705, bmo#437142, bmo#421839, bmo#420697, bmo#461027) * (non security) added lv locale ------------------------------------------------------------------- Thu Jan 22 11:09:42 EST 2009 - hfiguiere@suse.de - Fix the wrapper script for PowerPC 64-bits (bnc#464753) ------------------------------------------------------------------- Wed Dec 17 13:13:25 EST 2008 - hfiguiere@suse.de - Review and approve changes. ------------------------------------------------------------------- Mon Dec 15 16:41:57 CET 2008 - wr@rosenauer.org - security update to 1.9.0.5 (bnc#455804) for details http://www.mozilla.org/security/known-vulnerabilities/firefox30.html * removed aboutRights workaround again * added et locale ------------------------------------------------------------------- Tue Nov 25 10:14:45 EST 2008 - hfiguiere@suse.de - Review and approve changes. ------------------------------------------------------------------- Sat Nov 22 13:26:03 CET 2008 - wr@rosenauer.org - replace license agreement with about:rights toolbar (backported from upcoming FF 3.0.5) (bnc#436054, bmo#456439) (it's always displayed in en-US) ------------------------------------------------------------------- Fri Nov 21 03:11:41 EST 2008 - hfiguiere@suse.de - Update firefox-lockdown-ui.patch * Print Setup is now properly locked down. bnc#431028 * Bookmark editing it now properly locked down. bnc#439335 * Bookmars are properly hidden. * History is properly locked down. bnc#439343 * Make sure the search bar is not put back when resetting the toolbar. bnc#439358 ------------------------------------------------------------------- Thu Nov 20 18:49:19 CST 2008 - maw@suse.de - Review and approve changes. ------------------------------------------------------------------- Thu Nov 13 08:22:13 CET 2008 - wr@rosenauer.org - lockdown cleanup * removed gecko-lockdown.patch from Firefox (it's in xulrunner) * stripped out some toolkit stuff from firefox-ui-lockdown * added extra default preferences for lockdown ------------------------------------------------------------------- Wed Nov 12 17:55:19 CST 2008 - maw@suse.de - Review and approve changes. ------------------------------------------------------------------- Tue Nov 11 09:15:59 CET 2008 - wr@rosenauer.org - update to security/maintenance release 3.0.4 (bnc#439841) * support additional locales (bg, cy, eo, oc) - removed obsolete configure option (enable-gconf) ------------------------------------------------------------------- Fri Nov 7 15:39:54 CST 2008 - maw@suse.de - Review and approve changes. ------------------------------------------------------------------- Tue Nov 4 23:27:03 CET 2008 - wr@rosenauer.org - moved gconf schema into branding packages (bnc#441646) ------------------------------------------------------------------- Tue Oct 28 16:16:14 EDT 2008 - hfiguiere@suse.de - Fix missing %endif (for fix for bnc#434283) ------------------------------------------------------------------- Mon Oct 27 17:05:02 EDT 2008 - hfiguiere@suse.de - Add disable_show_passwords to firefox.schemas. (FATE #301534) ------------------------------------------------------------------- Mon Oct 27 11:57:29 CET 2008 - wr@rosenauer.org - make biarch dependencies work correctly (bnc#434283) ------------------------------------------------------------------- Thu Oct 23 10:14:22 EDT 2008 - hfiguiere@suse.de - Added firefox-ui-lockdown.patch and gecko-lockdown.patch * Lockdown: FATE#302023, FATE#302024 ------------------------------------------------------------------- Mon Oct 6 14:55:48 CEST 2008 - sbrabec@suse.cz - Conflict with other branding providers (FATE#304881). ------------------------------------------------------------------- Mon Sep 29 12:27:43 CDT 2008 - maw@suse.de - Review and approve changes. ------------------------------------------------------------------- Mon Sep 29 11:36:30 CDT 2008 - maw@suse.de - Remove a reference to a stale patch. ------------------------------------------------------------------- Sun Sep 28 18:19:26 CEST 2008 - wr@rosenauer.org - update to regression fix release 3.0.3 * Fixed a problem where users were unable to retrieve saved passwords or save new passwords (bmo#454708, bnc#429179#c20, CVE-2008-4063, CVE-2008-4064, CVE-2008-3836, andCVE-2008-4070) ------------------------------------------------------------------- Thu Sep 25 14:47:13 CDT 2008 - maw@suse.de - Review and approve changes. ------------------------------------------------------------------- Mon Sep 15 13:45:16 CEST 2008 - wr@rosenauer.org - update to security/maintenance release 3.0.2 (bnc#429179) - removed unused files from sources - fix more rpmlint complaints and provide a config file to filter false positives - disable Gnome crashreporter as it has no value - brought man-page up to date for the firefox stub (removing firefox-bin reference) - en-US locale not longer packaged in translations subpackage ------------------------------------------------------------------- Fri Aug 15 18:56:26 CDT 2008 - maw@novell.com - Review and approve changes. ------------------------------------------------------------------- Mon Aug 4 09:26:05 CEST 2008 - wr@rosenauer.org - Tweak branding split ------------------------------------------------------------------- Tue Jul 29 15:02:47 CEST 2008 - vuntz@novell.com - Create branding package (bnc#390752): + search-addons.tar.bz2, bookmarks.html.suse and firefox-suse-default-prefs.js will be moved to MozillaFirefox-branding-openSUSE + create a MozillaFirefox-branding-upstream package ------------------------------------------------------------------- Mon Jul 28 20:54:22 CEST 2008 - mauro@suse.de - Update to stability/security release 3.0.1 (bnc#407573) (thanks, Wolfgang) + MFSA 2008-36 Crash with malformed GIF file on Mac OS X + MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running + MFSA 2008-34 Remote code execution by overflowing CSS reference counter - Set browser.shell.checkDefaultBrowser to true (bnc#404119) ------------------------------------------------------------------- Tue Jun 17 18:49:33 CEST 2008 - maw@suse.de - Merge changes from the build service (thanks, Wolfgang) (bnc#400001 and SWAMP#18164). ------------------------------------------------------------------- Tue Jun 17 14:40:04 CEST 2008 - wr@rosenauer.org - update to version 3.0 - fixed double entry in bookmarks for www.opensuse.org (bnc#396980 ------------------------------------------------------------------- Thu May 15 13:45:51 CEST 2008 - aj@suse.de - Add Planet SUSE, forums.o.o and How to participate to default URLs. ------------------------------------------------------------------- Fri May 2 16:25:24 CEST 2008 - maw@suse.de - network.protocol-handler.app.* prefs are no longer supported; remove references to them from firefox-suse-default-prefs.js (bnc#383697). ------------------------------------------------------------------- Thu Apr 3 01:42:34 CEST 2008 - maw@suse.de - Update to Firefox 3.0b5 (2.9.95) (thanks, Wolfgang). ------------------------------------------------------------------- Wed Mar 26 01:05:18 CET 2008 - maw@suse.de - Merge changes from the build service (thanks, Wolfgang) - Update to the fourth Firefox 3.0 Beta (2.9.94): + Based upon the Gecko 1.9 Web rendering platform, which improves performance, stability, and rendering correctness; it also boasts a considerable simplification in its code + Security improvements: * One-click site info * Malware Protection * New Web Forgery Protection page * New SSL error pages * Add-ons and Plugin version check * Secure add-on updates * Effective top-level domain (eTLD) service to better restrict cookies and other restricted content to a single domain * Better protection against cross-site JSON data leaks + Usability improvements: * Easier password management * Simplified add-on installation * New Download Manager * Resumable downloading * Full page zoom * Podcasts and Videocasts can be associated with your media playback tools * Tab scrolling and quickmenu * Save what you were doing: Firefox will prompt users to save tabs on exit * Optimized Open in Tabs behavior * Location and Search bar size can now be customized with a simple resizer item * Text selection improvements * Find toolbar * Improved integration with Linux: Firefox's default icons, buttons, and menu styles now use the native GTK theme + Personalization improvements: * Star button: quickly add bookmarks from the location bar with a single click; a second click lets you file and tag them * Tags: associate keywords with your bookmarks to sort them by topic * Location bar & auto-complete * Smart Bookmarks Folder * Places Organizer: view, organize and search through all of your bookmarks, tags, and browsing history with multiple views and smart folders to store your frequent searches * Web-based protocol handlers * Download & Install Add-ons * Easy to use Download Actions + Improved platform for web developers: * New graphics and font handling: new graphics and text rendering architectures in Gecko 1.9 provides rendering improvements in CSS, SVG as well as improved display of fonts with ligatures and complex scripts * Color management: (set gfx.color_management.enabled on in about:config and restart the browser to enable.); Firefox can now adjust images with embedded color profiles * Offline support: enables web applications to provide offline functionality (website authors must add support for offline browsing to their site for this feature to be available to users) + Improved performance: * Speed: improvements to the JavaScript engine as well as profile guided optimizations have resulted in significant improvements in performance; compared to Firefox 2, web applications like Google Mail and Zoho Office run twice as fast in Firefox 3 Beta 4, and the popular SunSpider test from Apple shows improvements over previous releases * Memory usage: Several new technologies work together to reduce the amount of memory used by Firefox 3 Beta 4 over a web browsing session; memory cycles are broken and collected by an automated cycle collector, a new memory allocator reduces fragmentation, hundreds of leaks have been fixed, and caching strategies have been tuned * Reliability: A user's bookmarks, history, cookies, and preferences are now stored in a transactionally secure database format which will prevent data loss even if their system crashes - This version depends upon the mozilla-xulrunner190 package - Drop various stale packages, respin several that have been kept around, and add a few new ones. ------------------------------------------------------------------- Mon Feb 11 18:18:14 CET 2008 - maw@suse.de - Security update to version 2.0.0.12 (bnc#354469): + MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay + MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect + MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files + MFSA 2008-08/CVE-2008-0591 File action dialog tampering + MFSA 2008-06/CVE-2008-0419 Web browsing history and forward navigation stealing + MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI + MFSA 2008-04/CVE-2008-0417 Stored password corruption + MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote Code Execution + MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing vulnerabilities + MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory corruption (rv:1.8.1.12) - Reference libaoss.so in start script (bnc#117079) - Remove mozilla-canvas-1.8.1.10.patch, as it has been upstreamed - Update firefox-ui-lockdown.patch (FATE#301534, FATE#302023, and FATE#302024) - Add application/x-xpinstall mime type to MozillaFirefox.desktop - Add MozillaFirefox.xml to bind .xpi to application/x-xpinstall in desktop. ------------------------------------------------------------------- Thu Jan 17 17:52:47 CET 2008 - maw@suse.de - Add mozilla-maxpathlen.patch (#354150 and bmo #412610). ------------------------------------------------------------------- Fri Dec 21 18:46:50 CET 2007 - maw@suse.de - Add firefox-348446-empty-lists.patch (bnc#348446). ------------------------------------------------------------------- Wed Dec 5 02:21:26 CET 2007 - maw@suse.de - Respin proxy-dev.patch (bnc#340678) -- thanks, Anders! ------------------------------------------------------------------- Tue Nov 27 18:25:25 CET 2007 - maw@suse.de - Security update to version 2.0.0.10 (#341905, #341591): + MFSA 2007-39 Referer-spoofing via window.location race condition + MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10) + MFSA 2007-37 jar: URI scheme XSS hazard + Fixes for regressions introduced in 2.0.0.8 + Updated dbus.patch, startup.patch, misc.dif, and configure.patch - Add mozilla-gcc4.3-fixes.patch - Add mozilla-canvas-1.8.1.10.patch (#341591#c10). ------------------------------------------------------------------- Mon Nov 26 18:27:25 CET 2007 - maw@suse.de - Build with -ftree-vrp -fwrapv, per advice in #342603#c17. ------------------------------------------------------------------- Tue Nov 13 17:49:01 CET 2007 - maw@suse.de - Add firefox-gcc4.3-fixes.patch. ------------------------------------------------------------------- Fri Oct 19 02:04:45 CEST 2007 - maw@suse.de - Security update to version 2.0.0.8 (#332512) (thanks, Wolfgang) * MFSA 2007-29 Crashes with evidence of memory corruption * MFSA 2007-30 onUnload Tailgating * MFSA 2007-31 Digest authentication request splitting * MFSA 2007-32 File input focus stealing vulnerability * MFSA 2007-33 XUL pages can hide the window titlebar * MFSA 2007-34 Possible file stealing through sftp protocol * MFSA 2007-35 XPCNativeWraper pollution using Script object complete advisories on http://www.mozilla.org/projects/security/known-vulnerabilities.html ------------------------------------------------------------------- Sun Sep 23 19:49:12 CEST 2007 - maw@suse.de - Don't explicitly require libaoss.so (#326751). ------------------------------------------------------------------- Fri Sep 14 23:13:06 CEST 2007 - maw@suse.de - Update the Novell Support search plugin in search-addons.tar.bz2 (#297261) - Set the browser.tabs.loadFolderAndReplace preference to false by default (#230759). ------------------------------------------------------------------- Wed Sep 12 15:21:06 CEST 2007 - dmueller@suse.de - fix hardlinks accross partitions ------------------------------------------------------------------- Thu Sep 6 16:07:12 CEST 2007 - maw@suse.de - Add http://software.opensuse.org/search?baseproject=openSUSE:10.3 to the default bookmarks (#308223). ------------------------------------------------------------------- Mon Sep 3 22:33:09 CEST 2007 - ro@suse.de - move last change a bit further in specfile ------------------------------------------------------------------- Fri Aug 31 18:36:16 CEST 2007 - maw@suse.de - Mark a .png file as nonexecutable. ------------------------------------------------------------------- Tue Aug 28 16:44:08 CEST 2007 - maw@suse.de - Minor .spec update (#305193) + Remove two obsolete patches + Correct releasedate + Include only the officially supported locales. ------------------------------------------------------------------- Wed Aug 22 17:53:03 CEST 2007 - maw@suse.de - Merge changes from the build service (thanks, Wolfgang): + Provide locale dependency information (#302288) + Add x11-session.patch, supporting X11 session management (#227047) + Update to version 2.0.0.6 * MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows * MFSA 2007-27 Unescaped URIs passed to external programs (only relevant on Windows) - Use %fdupes. ------------------------------------------------------------------- Tue Aug 21 09:45:35 CEST 2007 - aj@suse.de - Adjust bookmarks: Add news.opensuse.org, use new software.o.o page. ------------------------------------------------------------------- Thu Aug 16 14:57:27 CEST 2007 - mauro@suse.de - Revert previous change. ------------------------------------------------------------------- Tue Aug 14 11:58:23 CEST 2007 - mauro@suse.de - Added support for ymp in the mimetypes.rdf - Added OneClickInstallUrlHandler for handing the actual call from firefox. - Fixes bnc #295677 ------------------------------------------------------------------- Mon Jul 23 18:57:07 CEST 2007 - maw@suse.de - Security update to version 2.0.0.5 (#288115) which has fixes for: MFSA 2007-18 CVE-2007-3734 - Browser flaws CVE-2007-3735 - Javascript flaws MFSA 2007-19 CVE-2007-3736 MFSA 2007-20 CVE-2007-3089 MFSA 2007-21 CVE-2007-3737 MFSA 2007-22 CVE-2007-3285 MFSA 2007-23 CVE-2007-3670 MFSA 2007-24 CVE-2007-3656 MFSA 2007-25 CVE-2007-3738 ------------------------------------------------------------------- Thu Jun 21 15:59:01 CEST 2007 - adrian@suse.de - fix changelog entry order ------------------------------------------------------------------- Mon Jun 18 13:22:42 CDT 2007 - maw@suse.de - Use mozilla.sh.in from the build service (#230681). ------------------------------------------------------------------- Tue Jun 5 15:55:08 CEST 2007 - sbrabec@suse.cz - Removed invalid desktop category "Application" (#254654). ------------------------------------------------------------------- Mon Jun 4 19:53:35 CDT 2007 - maw@suse.de - Security update to version 2.0.0.4 - Refresh configure.patch, startup.patch, and visibility.patch - Now use l10n-%{version}.tar.bz2 instead of l10n.tar.bz2. ------------------------------------------------------------------- Mon Apr 30 16:49:55 CEST 2007 - ro@suse.de - added unzip to BuildRequires ------------------------------------------------------------------- Wed Apr 18 14:16:44 CEST 2007 - mfabian@suse.de - add Japanese to the languages which get PANGO enabled in the start script to support the Japanese combining characters U+3099 U+309A (see bugzilla #262718 comment #29). ------------------------------------------------------------------- Mon Mar 12 11:06:10 CST 2007 - maw@suse.de - Package gconf stuff. ------------------------------------------------------------------- Wed Feb 21 16:37:25 CST 2007 - maw@suse.de - Security update to 2.0.0.2 (#244923), which covers: + mfsa2007-01 * CVE-2007-0775 - layout engine crashes * CVE-2007-0776 - SVG * CVE-2007-0777 - javascript engine corruption + mfsa2007-02 * CVE-2007-0995 - Invalid trailing characters in HTML tag attributes * CVE-2007-0996 - Child frame character set inheritance * CVE-2006-6077 - Injected password forms + mfsa2007-02 + mfsa2007-03 * CVE-2007-0078 + mfsa2007-04 * CVE-2007-0079 + mfsa2007-05 * CVE-2007-0780 * CVE-2007-0800 + mfsa2007-06 * CVE-2007-0008 - client flaw * CVE-2007-0009 - server flaw + mfsa2007-07 * CVE-2007-0981 - Updates mozilla.sh.in (#230681) - Fixes #232209 - Updates the man page (#243037) - Properly propagates exit codes (#241492) - Adds em-356370.patch (#217374) ------------------------------------------------------------------- Thu Jan 25 10:16:56 CST 2007 - maw@suse.de - Fixup the Gnome paths, keeping in closer sync with the buildservice. ------------------------------------------------------------------- Thu Jan 18 09:27:54 CST 2007 - maw@suse.de - Gnome is now in /usr, so remove references to /opt/gnome - Install firefox.png with the executable bit not set. ------------------------------------------------------------------- Wed Jan 10 12:57:39 CET 2007 - meissner@suse.de - readd MozillaFirebird provides (was incorrect in removing it). ------------------------------------------------------------------- Mon Jan 8 11:16:08 CET 2007 - meissner@suse.de - Do not provide MozillaFirebird, just obsolete it. ------------------------------------------------------------------- Fri Dec 1 02:22:49 CET 2006 - maw@suse.de - Update gecko-lockdown.patch (#220616). ------------------------------------------------------------------- Thu Nov 30 19:02:54 CET 2006 - maw@suse.de - Update firefox-suse-default-prefs.js, adding 'pref("browser.backspace_action", 2);' (#217374) ------------------------------------------------------------------- Thu Nov 30 08:17:28 CET 2006 - aj@suse.de - Fix last change (#224431). ------------------------------------------------------------------- Wed Nov 29 11:45:47 CET 2006 - aj@suse.de - Change download bookmark (#224431). - Rename bookmark folder to openSUSE. ------------------------------------------------------------------- Tue Nov 28 08:09:48 CET 2006 - aj@suse.de - Sync from Buildservice with following critical fixes (thanks Wolfgang Rosenauer!): * fixed system-proxies.patch to actually work (#223881). * Rearrange Bookmarks to pass trademark review. ------------------------------------------------------------------- Mon Nov 27 19:40:44 CET 2006 - aj@suse.de - Fix tango theme (#223796). ------------------------------------------------------------------- Mon Nov 27 17:40:50 CET 2006 - aj@suse.de - Use www.opensuse.org as home page. ------------------------------------------------------------------- Sun Nov 12 11:28:00 CET 2006 - aj@suse.de - Set novell.com as home page. - Update from BuildService (thanks Wolfgang!): - fixed crash in htmlparser (#217257, bmo #358797) - added gconf2 as PreReq (#212505) - added 32bit libaoss.so as requirement (#216266) - Removed SUSE searchplugin (Portal not available anymore) (#216054) - Removed obsolete xul-picker.patch and system-nspr.patch - Fixed building on 10.1 and 10.0 (dbus) - Removed obsolete throbber preference ------------------------------------------------------------------- Thu Nov 9 19:09:46 CET 2006 - jhargadon@suse.de - updated tango theme ------------------------------------------------------------------- Sun Oct 29 12:05:46 CET 2006 - aj@suse.de - Another fix for 214125, patch by Wolfgang Rosenauer. ------------------------------------------------------------------- Thu Oct 26 06:58:59 CEST 2006 - aj@suse.de - Fix gcc warnings about undefined operations, patch by Robert O'Callahan. - Update system-proxies.patch to fix error box (214125), patch by Robert O'Callahan. ------------------------------------------------------------------- Mon Oct 23 21:54:54 CEST 2006 - aj@suse.de - Update to current CVS version of 2.0. - Use www.opensuse.org as default home page for now (#203547). ------------------------------------------------------------------- Sat Oct 21 08:53:50 CEST 2006 - aj@suse.de - Disable non-working plasticfox and tango themes. ------------------------------------------------------------------- Fri Oct 20 20:16:29 CEST 2006 - aj@suse.de - Fix building of locales. ------------------------------------------------------------------- Fri Oct 20 11:27:23 CEST 2006 - mkoenig@suse.de - update to version 2.0rc3: * New features: Visual Refresh, Built-in phishing protection, Enhanced search capabilities, Improved tabbed browsing, Resuming your browsing session, Previewing and subscribing to Web feeds, Inline spell checking, Live Titles, Improved Add-ons manager, JavaScript 1.7, Extended search plugin format, Updates to the extension system, Client-side session and persistent storage, SVG text ------------------------------------------------------------------- Tue Oct 17 11:26:44 CEST 2006 - meissner@suse.de - disabled debugging. ------------------------------------------------------------------- Tue Sep 12 20:27:02 CEST 2006 - stark@suse.de - security update to version 1.5.0.7 ------------------------------------------------------------------- Mon Aug 21 12:53:50 CEST 2006 - stark@suse.de - added greasemonkey helper change (#199920) - fixed packager.mk for new make version ------------------------------------------------------------------- Fri Aug 11 20:51:48 CEST 2006 - stark@suse.de - fixed crash in dbus component (patch by thoenig #197928) - use external adresses for PAC configuration (#196506) ------------------------------------------------------------------- Mon Aug 7 09:26:58 CEST 2006 - stark@suse.de - added symlink for Firefox 1.0.x compatibility ------------------------------------------------------------------- Sat Jul 29 08:48:53 CEST 2006 - stark@suse.de - update to regression release 1.5.0.6 (#195043) ------------------------------------------------------------------- Thu Jul 27 06:20:36 CEST 2006 - stark@suse.de - security update to version 1.5.0.5 (#195043) * observer-lock.patch integrated now - fixed leak in JS' liveconnect (#186066) - fixed desktop file for old distributions (StartupNotify=false) ------------------------------------------------------------------- Thu Jun 29 20:13:28 CEST 2006 - stark@suse.de - fixed printing crash if the last used printer is not available anymore (#187013) ------------------------------------------------------------------- Fri Jun 16 22:11:22 CEST 2006 - stark@suse.de - added 48x48 icon (#185777) ------------------------------------------------------------------- Mon Jun 12 20:20:02 CEST 2006 - stark@suse.de - fix overwrite confirmation for GTK filesaver (#179531) - get network.negotiate-auth.trusted-uris and network.negotiate-auth.delegation-uris from gconf if system-settings are enabled (#184489) ------------------------------------------------------------------- Thu Jun 1 20:34:43 CEST 2006 - stark@suse.de - update to security/stability release 1.5.0.4 (#179011) - moved locale-global prefs to browserconfig.properties (#177881) ------------------------------------------------------------------- Tue May 23 21:11:11 CEST 2006 - stark@suse.de - complete implementation of startup-notification (#115417) (including autoconf and remote support) - different home-pages for SLE10 and SL (#177881) ------------------------------------------------------------------- Tue May 16 06:27:26 CEST 2006 - stark@suse.de - fixed potential deadlock in nsObserverList::RemoveObserver (#173986, bmo #338069) - base startup notification on libstartup-notification (#115417) ------------------------------------------------------------------- Thu May 11 09:39:27 CEST 2006 - stark@suse.de - save printer settings properly (#174082, bmo #324072) - added startup notification support for showing load activity in Gnome and to avoid focus stealing prevention (#115417) - added StartupNotify=true to desktop file (#115417) - provide legacy symlink for NLD9 update compatibility (#173138) - fixed system-proxies patch to avoid unwanted wpad requests (#171743, #167613) ------------------------------------------------------------------- Mon May 8 14:55:52 CEST 2006 - stark@suse.de - preconfigure the theme according to the used desktop (#151163) ------------------------------------------------------------------- Thu Apr 27 10:24:07 CEST 2006 - stark@suse.de - last minute change for 1.5.0.3 ------------------------------------------------------------------- Wed Apr 26 14:23:33 CEST 2006 - stark@suse.de - security update to 1.5.0.3 - fix for typo in postscript.patch ------------------------------------------------------------------- Tue Apr 25 14:14:51 CEST 2006 - stark@suse.de - fixed iframe crash (#169039, bmo #334515) - fixed img tag misuse (#168710, bmo #334341) ------------------------------------------------------------------- Mon Apr 24 08:04:16 CEST 2006 - stark@suse.de - improved postscript output (bmo #334485) - changed defaults for printer properties (#6534) - overwrite gnome-vfs' file protocol by providing "desktop-launch" (#131501) - get available paper sizes from CUPS (#65482) - replaced/removed complicated gconfd reload in %post (#167989) - fixed memory leak in clipboard caching (bmo #289897) ------------------------------------------------------------------- Tue Apr 11 08:35:53 CEST 2006 - stark@suse.de - added (optional) plastikfox theme (#151163) - get some more security related patches (#148876) - finally fixed the default proxy configuration by adding a new UI option (#132398) ------------------------------------------------------------------- Mon Apr 3 11:41:13 CEST 2006 - stark@suse.de - fixed keyword fixup patch (#162532) ------------------------------------------------------------------- Tue Mar 28 07:17:04 CEST 2006 - stark@suse.de - don't use keyword fixup for pasted text (#160034, bmo #331522) ------------------------------------------------------------------- Mon Mar 20 09:28:58 CET 2006 - stark@suse.de - added Tango theme - fixed reading proxies from gconf (#132398) ------------------------------------------------------------------- Sun Mar 12 09:04:05 CET 2006 - stark@suse.de - tweaked bookmarks (fixed URLs) - added Khmer (km-*) to pango locales (#157397) ------------------------------------------------------------------- Sat Mar 4 21:08:45 CET 2006 - stark@suse.de - fixed crash with multipart JPEGs (bmo #328684) (#140416) - got latest security fixes from upstream (#148876) ------------------------------------------------------------------- Wed Feb 22 13:24:58 CET 2006 - stark@suse.de - fixed plugin loading when launched from Thunderbird (#151614) - merged dbus reconnection patch (#150042) - default to autodetect proxy (network.proxy.type=4) (#151811) - added GTK category to desktop file ------------------------------------------------------------------- Tue Feb 14 06:45:24 CET 2006 - stark@suse.de - modified lockdown patches (#67281, #67282) - applied set of security patches (#148876) bmo bugs: 282105, 307989, 315625, 320459, 323634, 325403, 325947 ------------------------------------------------------------------- Tue Feb 7 20:09:43 CET 2006 - stark@suse.de - fixed disabling of Pango (#148788) ------------------------------------------------------------------- Thu Feb 2 21:51:30 CET 2006 - stark@suse.de - define gssapi lib explicitely (#147670) - use only official Firefox-Icon - changed home-download patch ------------------------------------------------------------------- Sun Jan 29 09:54:49 CET 2006 - stark@suse.de - throbber URL is default again - removed firefox-showpass patch - removed additional CA certs from builtin NSS ------------------------------------------------------------------- Fri Jan 27 17:55:21 CET 2006 - stark@suse.de - got some l10n changes from 1.8.0 branch ------------------------------------------------------------------- Fri Jan 27 08:15:09 CET 2006 - stark@suse.de - final 1.5.0.1 version - make it possible to choose $HOME as download directory (#144894, bmo #300856) ------------------------------------------------------------------- Wed Jan 25 21:33:43 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Sun Jan 22 17:06:57 CET 2006 - stark@suse.de - disable Pango if MOZ_ENABLE_PANGO is not set and no typical language which needs Pango is used (#143428) ------------------------------------------------------------------- Wed Jan 18 10:27:30 CET 2006 - stark@suse.de - fixed DumpStackToFile() for glibc 2.4 - added default (font) settings ------------------------------------------------------------------- Thu Jan 12 10:23:58 CET 2006 - stark@suse.de - update to 1.5.0.1pre (20060111) - updated man-page - fixed hovered tab close button - only Requires mozilla-nspr instead of PreReq since there is no postinstall registration necessary anymore - use system NSS from CODE10 on - use -fstack-protector where available - changed unixproxy component to work on older distributions ------------------------------------------------------------------- Mon Jan 2 13:39:09 CET 2006 - stark@suse.de - added unixproxy component written by Robert O'Callahan (#132398) (bmo #66057) - added official translations - preload libaoss for plugin sound (#117079) ------------------------------------------------------------------- Wed Dec 28 08:16:03 CET 2005 - stark@suse.de - get some patches from 1.8.0 branch - readded modification to gconf-backend (bmo #321315) - readded lockdown stuff - enable additional extension install directory (#120329) (/usr/lib/browser-extensions/firefox) - added patch to make the XUL filechooser optional (MOZ_XUL_PICKER) ------------------------------------------------------------------- Wed Dec 14 16:08:12 CET 2005 - stark@suse.de - fixed patch for parsing -remote parameter - removed default-plugin patch (not needed anymore) ------------------------------------------------------------------- Fri Dec 9 17:21:29 CET 2005 - stark@suse.de - fix to ignore X composite extension (#135373) - fixed parsing of -remote parameters (#134396) - activated locales as released ------------------------------------------------------------------- Tue Nov 29 21:33:13 CET 2005 - stark@suse.de - update to 1.5 (20051128) - don't override startup URL when changing Gecko versions (#135314) - added patch for GTK2 handling (#134831) - readded add-plugins stuff for compatibility ------------------------------------------------------------------- Fri Nov 18 07:41:41 CET 2005 - stark@suse.de - update to 1.5rc3 (20051117) ------------------------------------------------------------------- Mon Oct 31 08:58:14 CET 2005 - stark@suse.de - updated l10n archive (20051030) - fixed postinstall script to copy plugin links instead of files ------------------------------------------------------------------- Fri Oct 28 06:43:27 CEST 2005 - stark@suse.de - update to 1.5rc1 (20051027) - fixed profile locking on FAT partitions (bmo #313360) - introduced an rpath again ------------------------------------------------------------------- Wed Oct 19 20:03:48 CEST 2005 - stark@suse.de - update to snapshot 1.5 (20051019) - moved installation to /usr/%{_lib}/firefox - added dbus component to be able to get network status from NetworkManager (bmo #312793) - remove all update UI for application - removed diable-gconf (no registration at build time anymore) - removed rebuild-databases.sh (no system registration anymore) - open links in new windows (#128087) ------------------------------------------------------------------- Thu Oct 6 20:44:53 CEST 2005 - stark@suse.de - update to Firefox 1.5b2 (20051005) - added supported translations ------------------------------------------------------------------- Sat Oct 1 15:09:18 CEST 2005 - stark@suse.de - update to Firefox 1.5b1 (20050930) RPM version 1.4.1 - removed rebuild-databases.sh calls - removed add-plugins.sh calls and corresponding triggers - enabled SVG and Canvas support - fixed gconf urlhandler registration ------------------------------------------------------------------- Tue Sep 20 10:24:16 CEST 2005 - stark@suse.de - security update to 1.0.7 (#117619) * MFSA 2005-57: IDN heap overrun using soft-hyphens (bmo #307259) (enabled IDN pref again) * MFSA 2005-58: CAN-2005-2701 Heap overrun in XBM image processing CAN-2005-2702 Crash on "zero-width non-joiner" sequence CAN-2005-2703 XMLHttpRequest header spoofing CAN-2005-2704 Object spoofing using XBL <implements> CAN-2005-2705 JavaScript integer overflow CAN-2005-2706 Privilege escalation using about: scheme CAN-2005-2707 Chrome window spoofing Regression fixes - register beagle extension if it gets installed (#116787) ------------------------------------------------------------------- Tue Sep 13 15:41:37 CEST 2005 - aj@suse.de - Change SUSE bookmarks. ------------------------------------------------------------------- Sun Sep 11 17:05:07 CEST 2005 - stark@suse.de - disable IDN per default (#116070) - unlocalize bookmarks (#114279) ------------------------------------------------------------------- Thu Sep 8 08:52:13 CEST 2005 - stark@suse.de - fixed some filemodes (#114849) ------------------------------------------------------------------- Sun Sep 4 00:03:53 CEST 2005 - stark@suse.de - fixed gconf-backend patch to be able to use system prefs (#114054) ------------------------------------------------------------------- Thu Sep 1 13:22:17 CEST 2005 - stark@suse.de - changed default font to sans-serif (#114464) - removed de-de parts of the bookmark-links (#114279) ------------------------------------------------------------------- Mon Aug 22 06:10:12 CEST 2005 - stark@suse.de - install gconf schema for lockdown also on non-NLD - added backports (firefox-backports.patch) * gtk_im_context_set_cursor_location() is not used (bmo #281339) * fixed crash in imgCacheValidator::OnStartRequest() (bmo #293307) - workaround for linking with pangoxft and pangox (broken by gtk 2.8 update) (#105764) - remove extensions on deinstallation - include dragonegg (kparts) plugin (#105468) ------------------------------------------------------------------- Thu Aug 18 13:08:55 CEST 2005 - stark@suse.de - fixed regression in profile locking change (bmo #303633) - added rtsp handler to global config (#104434) - don't blacklist help: protocol (bmo #304833) - fixed Gdk-WARNING at startup (gtk.patch) - fixed crash with gtk 2.7 (bmo #300226, bnc #104586) - fixed installation of the beagle plugin - update industrial theme to 1.0.11 (#104564) - included lockdownV2 (removed obsolete gconf.diff) - linked firefox-bin with rpath to progdir ------------------------------------------------------------------- Fri Aug 5 09:51:26 CEST 2005 - stark@suse.de - fixed profile locking (bmo #151188) - install beagle extension globally ------------------------------------------------------------------- Fri Jul 29 06:58:24 CEST 2005 - stark@suse.de - don't require and provide NSS libs (#98002) - fixed printing error 'You cannot print while in print preview' (#96991, bmo #302445) ------------------------------------------------------------------- Wed Jul 27 09:34:12 CEST 2005 - stark@suse.de - fixed Firefox on ppc (stack-direction.patch) (#97359) - removed open-pref from startscript as it is done automatically now (#73042) - updated Novell searchplugins ------------------------------------------------------------------- Mon Jul 25 12:32:13 CEST 2005 - stark@suse.de - GTK filechooser is now modal (#8533) - backed out patch to add tooltips to print-preview because it breaks localization ------------------------------------------------------------------- Fri Jul 22 10:54:39 CEST 2005 - stark@suse.de - fixed another problem in printing patch ------------------------------------------------------------------- Tue Jul 19 10:44:59 CEST 2005 - stark@suse.de - fixed error in ft-xft-ps2.patch - disabled stripping in spec instead of patch - added NSPR to PreReq ------------------------------------------------------------------- Mon Jul 18 08:43:24 CEST 2005 - stark@suse.de - fixed some more regressions with final 1.0.6 - fixed width calculation in Postscript module (bmo #290292) - fixed plugin event starvation (bnc #94749, #94751, bmo #301161) ------------------------------------------------------------------- Fri Jul 15 11:24:47 CEST 2005 - stark@suse.de - searchplugins can now be installed per profile (#8176) ------------------------------------------------------------------- Fri Jul 15 06:54:02 CEST 2005 - stark@suse.de - update to 1.0.6 which restores API compatibility ------------------------------------------------------------------- Tue Jul 12 06:20:37 CEST 2005 - stark@suse.de - update to 1.0.5 final (#88509) - don't strip explicitely - don't ship beagle.xpi ------------------------------------------------------------------- Wed Jul 6 14:13:09 CEST 2005 - stark@suse.de - update to 1.0.5-pre (20050705) - use RPM_OPT_FLAGS for NSS component - fixed implicit declarations and uninitialized used variables - added patch for bmo #87969 ------------------------------------------------------------------- Tue Jul 5 10:17:16 CEST 2005 - stark@suse.de - fixed regression from security update (#95069, bmo #298478) ------------------------------------------------------------------- Mon Jun 27 21:46:58 CEST 2005 - stark@suse.de - don't use system-prefs by default on NLD - removed basic lockdown stuff for SUSE Linux (it's not needed and caused problems: bnc #75418) - fixed NLD lockdown patch (bnc #75418) - don't write prefs back to gconf for now ------------------------------------------------------------------- Wed Jun 22 07:32:42 CEST 2005 - stark@suse.de - new NLD lockdown patch which is syncing user prefs to gconf - update to 1.0.5pre security-release ------------------------------------------------------------------- Thu Jun 9 06:56:02 CEST 2005 - stark@suse.de - new revision of NLD lockdown patch - fixed remote usage behaviour in start script (bnc #41903) - got more bugfixes from the branch ------------------------------------------------------------------- Thu Jun 2 10:31:48 CEST 2005 - stark@suse.de - fixed neededforbuild ------------------------------------------------------------------- Wed Jun 1 20:15:25 CEST 2005 - stark@suse.de - fixed IDN for 64bit platforms (bmo #236425, bnc #46268) ------------------------------------------------------------------- Fri May 20 15:12:06 CEST 2005 - stark@suse.de - fixed keybinding for KP separator (bnc #84147) - pulled security related patch from upstream branch - update plastikfox theme to version 1.6 ------------------------------------------------------------------- Thu May 12 06:16:25 CEST 2005 - stark@suse.de - update to final 1.0.4 release ------------------------------------------------------------------- Tue May 10 06:38:05 CEST 2005 - stark@suse.de - update to 1.0.4 security release - removed s390(x) patches (upstream) - made two more files %verify (81692) - updated NLD lockdown patch (81304) ------------------------------------------------------------------- Thu Apr 28 09:45:53 CEST 2005 - stark@suse.de - use static NSPR libs from new location ------------------------------------------------------------------- Sat Apr 23 15:56:08 CEST 2005 - stark@suse.de - activate usage of system NSPR for distributions after 9.3 - add patch to be able to use systen NSPR at all ------------------------------------------------------------------- Fri Apr 22 02:06:06 CEST 2005 - ro@suse.de - use mozilla-gcc4.patch ------------------------------------------------------------------- Thu Apr 21 12:51:19 CEST 2005 - stark@suse.de - don't execute gconf magic within build environment ------------------------------------------------------------------- Sat Apr 16 13:05:37 CEST 2005 - stark@suse.de - update to final 1.0.3 release ------------------------------------------------------------------- Fri Apr 15 00:10:54 CEST 2005 - ro@suse.de - fix problem in postinstall script ------------------------------------------------------------------- Wed Apr 14 09:20:02 CEST 2005 - stark@suse.de - included fixed lockdown patch for NLD - linked proxies within Firefox with gnome settings (NLD) - added gconfd restart procedure to install script (only needed if gconf changes are done) (#76852) ------------------------------------------------------------------- Sat Apr 2 21:03:11 CEST 2005 - stark@suse.de - update to security pre-release 1.0.3 (#75692) * Manual plug-in install, javascript vulnerability (bmo #288556) * Access memory vulnerability (bmo #288688) ------------------------------------------------------------------- Fri Apr 1 11:32:44 CEST 2005 - stark@suse.de - added advanced lockdown features for ZLM integration (NLD-only) ------------------------------------------------------------------- Tue Mar 22 12:33:15 CET 2005 - stark@suse.de - update to final 1.0.2 - use new theme handling on NLD - added default-plugin-less-annoying from mozilla - use GTK2 for Flash - use system NSPR on SUSE releases after 9.3 - made startscript PIS aware - set g-application-name correctly (bmo #281979) - added man-page - use GTK system colors - modify useragent string and add vendor id - activate smooth-scrolling by default (#74310) ------------------------------------------------------------------- Tue Mar 22 08:59:06 CET 2005 - stark@suse.de - don't register beagle automatically (#74062) - added default bookmarks for SUSE LINUX ------------------------------------------------------------------- Mon Mar 21 18:20:39 CET 2005 - max@suse.de - Fixed a typo in the shell code that handles inclusion of the Acrobat Reader plugin (#70861). ------------------------------------------------------------------- Thu Mar 17 21:01:11 CET 2005 - stark@suse.de - updates from upcoming 1.0.2 - added again logic to use Adobe Reader 7 (#70861) - fixed crash in ICO decoding (#67142, bmo #245631) - preinstall beagle extension (#72920) - bugfixes in trigger scripts - fixed industrial theming for Gnome (#72918) ------------------------------------------------------------------- Sat Mar 12 12:42:16 CET 2005 - stark@suse.de - fixed more security related bugs (bmo #284551, #284627, #285595) ------------------------------------------------------------------- Wed Mar 9 21:42:05 CET 2005 - stark@suse.de - update also GNOME desktop file (#71810) - added firefox-gnome.png to filelist - use correct Firefox icon ------------------------------------------------------------------- Mon Mar 7 20:47:00 CET 2005 - stark@suse.de - disable inclusion of acrobat plugin again (#70861) - don't use gconfd in registration phase (#66381) ------------------------------------------------------------------- Mon Mar 7 16:13:29 CET 2005 - adrian@suse.de - use standard icon again for the default desktop file and add a Gnome-only desktop file for the Gnome icon - add plastikfox chrome theme to fix button order within KDE - add patch for automatic theme selection for KDE and Gnome - do register extensions in rebuild-databases.sh instead of %install, to fix needed timestamps ------------------------------------------------------------------- Fri Mar 4 07:54:47 CET 2005 - stark@suse.de - extend add-plugins to recognize Java 1.5 (#66909) - changed comment in desktop-file (#66867) ------------------------------------------------------------------- Tue Feb 22 09:33:44 CET 2005 - stark@suse.de - make --display parameter working in all cases (bnc #66043) - revised postscript patch - final 1.0.1 codebase ------------------------------------------------------------------- Mon Feb 21 13:09:30 CET 2005 - stark@suse.de - added patch to create Postscript level 2 (instead of 3) (special thanks to Jungshik Shin) - disabled freetype explicitly to be able to use the above patch (freetype wasn't used anymore since some time anyway) ------------------------------------------------------------------- Fri Feb 18 09:10:10 CET 2005 - stark@suse.de - got more patches from branch to get another IDN fix and to fix bug #51019 - enabled IDN again ------------------------------------------------------------------- Wed Feb 16 09:20:39 CET 2005 - stark@suse.de - bumped version number to 1.0.1 ------------------------------------------------------------------- Tue Feb 15 10:26:04 CET 2005 - stark@suse.de - got updates from 1.0.1 branch ------------------------------------------------------------------- Thu Feb 10 06:57:33 CET 2005 - stark@suse.de - additional fireflashing fix (#50635, bmo #280664) - some more security related fixes (bmo #268483, #273498, #277322) - fire up GTK2 filepicker if GNOME is running ------------------------------------------------------------------- Tue Feb 8 07:51:13 CET 2005 - stark@suse.de - some prefs are ignored (bmo #261934) - disabled default IDN (#50566) - fixed some more bugzilla.mozilla.org bugs: #276482, #280056, #280603 ------------------------------------------------------------------- Sun Feb 6 13:10:12 CET 2005 - stark@suse.de - use same desktop categories for Professional and NLD - added some lockdown stuff for printing and page saving (bmo #280488) ------------------------------------------------------------------- Wed Feb 2 13:58:53 CET 2005 - stark@suse.de - modified gconf.diff to honor ignore_hosts (bmo #280742) - added a JS crasher fix (bmo #268535) - added more fixes (bmo #255441, #273024, #275405, #275634) ------------------------------------------------------------------- Fri Jan 28 12:39:37 CET 2005 - stark@suse.de - added gplflash inclusion - improved JRE inclusion - reactivated usage of Acrobat Reader plugin (ready for acroread 7) ------------------------------------------------------------------- Sat Jan 22 13:16:47 CET 2005 - stark@suse.de - added some backported bugfixes ------------------------------------------------------------------- Sat Dec 18 10:30:11 CET 2004 - stark@suse.de - updated industrial theme to 1.0.9 - use slightly changed icon for menu-entry (bnc #275) - use original desktop file for NLD again ------------------------------------------------------------------- Thu Dec 16 19:37:48 CET 2004 - stark@suse.de - newer patch for GNOME associations (bnc #362) - fix overwriting of files with GTK picker (Ximian #65068) - readded the industrial default theme patch for NLD ------------------------------------------------------------------- Wed Dec 15 11:50:56 CET 2004 - stark@suse.de - activate GTK filepicker for NLD again - fix for GNOME helper applications with parameters - make GNOME associations the default on NLD ------------------------------------------------------------------- Sat Dec 4 16:11:01 CET 2004 - stark@suse.de - fixed build on s390/s390x - added patch to be able to install-global without running X (bmo #265859) ------------------------------------------------------------------- Thu Nov 18 21:48:05 CET 2004 - stark@suse.de - update industrial theme to 1.0.8 (still not activated) - added patch to make home-directory the default download dir (on NLD is still used Desktop) ------------------------------------------------------------------- Thu Nov 11 09:01:58 CET 2004 - stark@suse.de - made initial window height smaller again ------------------------------------------------------------------- Tue Nov 9 09:09:06 CET 2004 - stark@suse.de - update to final 1.0 release (20041109) ------------------------------------------------------------------- Thu Nov 4 08:22:36 CET 2004 - stark@suse.de - update to 1.0rc2 ------------------------------------------------------------------- Sat Oct 30 21:27:29 CEST 2004 - stark@suse.de - added missing s390(x) patch ------------------------------------------------------------------- Wed Oct 27 07:26:25 CEST 2004 - stark@suse.de - update to 1.0rc1 codebase - printing via XFT/fontconfig - freetype changes to avoid API conflicts with newer freetype2 - fixed build for s390/s390x - removed AMD64 patch (included upstream) - added translations sub-package - removed "Show folder" patch for NLD (resolved upstream) - don't use gnome-filepicker patch for NLD for now - removed hppa buildfix (included upstream) - removed untitled.patch (bmo #24068) resolved by (bmo #262478) - use make -C browser/installer now to prepare installation - don't check for default browser at startup (#47587) - updated industrial.jar (0.99.13) (disabled) ------------------------------------------------------------------- Fri Oct 15 13:51:54 CEST 2004 - stark@suse.de - inherit locale from system - fixed chrome registration ------------------------------------------------------------------- Wed Oct 6 23:11:01 CEST 2004 - joeshaw@suse.de - disable gconf settings as default (Ximian #67718) ------------------------------------------------------------------- Wed Oct 6 07:04:05 CEST 2004 - stark@suse.de - fixed inclusion of RealPlayer plugin again ------------------------------------------------------------------- Tue Oct 5 10:09:04 CEST 2004 - stark@suse.de - small important fix in firefox-download.patch (Ximian #65472) ------------------------------------------------------------------- Sun Oct 3 00:02:09 CEST 2004 - stark@suse.de - added security-fix from 0.10.1 (mozilla.org #259708) (#46687) ------------------------------------------------------------------- Fri Oct 1 12:49:38 CEST 2004 - stark@suse.de - final fix for downloading to Desktop folder (Ximian #65756) - remove Postscript from printer names (Ximian #65560) ------------------------------------------------------------------- Thu Sep 30 16:14:10 CEST 2004 - shprasad@suse.de - Modified the MozillaFirefox.desktop file. Changed the name 'Firefox' to 'Firefox Web Browser'. Also changed it for all languages. ------------------------------------------------------------------- Wed Sep 29 15:54:46 CEST 2004 - stark@suse.de - fix inclusion of RealPlayer plugin (Ximian #65711) ------------------------------------------------------------------- Mon Sep 27 17:51:24 CEST 2004 - joeshaw@suse.de - Update the industrial default patch, for some reason it didn't take before. ------------------------------------------------------------------- Fri Sep 24 07:34:48 CEST 2004 - stark@suse.de - fix for Ximian #65176 (mozilla.org #240068) - revised patch for update function (Ximian #65615) ------------------------------------------------------------------- Thu Sep 23 20:21:39 CEST 2004 - joeshaw@suse.de - Uncomment the patch which tells the UI that industrial is the default. ------------------------------------------------------------------- Thu Sep 23 12:38:06 CEST 2004 - stark@suse.de - open Nautilus on NLD for 'Show folder' in download settings (Ximian #65472) by sragavan@novell.com - save to Desktop folder if selected (Ximian #65756) by sragavan@novell.com ------------------------------------------------------------------- Wed Sep 22 10:23:01 CEST 2004 - stark@suse.de - synced NLD package with 9.2 version - GTK2 filepicker does now ask for confirmation when overwriting files (Ximian #65068) by sagarwala@novell.com - no direct update function (Ximian #65615) by rganesan@novell.com - throbber linked to Novell (Ximian #66283) by rganesan@novell.com - make industrial the default theme for NLD (Ximian #65542) by joeshaw@suse.de ------------------------------------------------------------------- Mon Sep 20 22:00:55 CEST 2004 - joeshaw@suse.de - Add default bookmarks. Ximian #65546. - Add the industrial theme, but it's not the default yet. - Remove acroread from add-plugins because it's badly behaved. Ximian #65499. ------------------------------------------------------------------- Mon Sep 20 17:57:38 CEST 2004 - federico@ximian.com - Added MozillaFirefox-toplevel-window-height.diff for http://bugzilla.ximian.com/show_bug.cgi?id=65543 ------------------------------------------------------------------- Sun Sep 19 15:42:30 CEST 2004 - stark@suse.de - use GNOME system prefs only for NLD by default (fixes bug #45575) ------------------------------------------------------------------- Fri Sep 17 08:59:32 CEST 2004 - stark@suse.de - joeshaw@suse.de: Update GConf patch so that proxy settings work correctly (Ximian #64461) - don't search Java on every path (Ximian #65383) - added some missing fixes for official release - added new java package name for triggers (#45257) ------------------------------------------------------------------- Sat Sep 11 13:25:41 CEST 2004 - stark@suse.de - update to official 1.0PR (0.10) - adopted gnome-filepicker patch - removed obsolete CUPS hack from start-script (Ximian #65635, #65560) ------------------------------------------------------------------- Thu Sep 9 21:35:42 CEST 2004 - stark@suse.de - fixed endianess on AMD64 in JS component (#34743) ------------------------------------------------------------------- Mon Sep 6 17:33:07 CEST 2004 - stark@suse.de - fixed filelist ------------------------------------------------------------------- Mon Sep 6 13:48:03 CEST 2004 - stark@suse.de - update to 1.0PR (aka 0.10) ------------------------------------------------------------------- Fri Sep 3 21:35:47 CEST 2004 - stark@suse.de - added ppc64 patch ------------------------------------------------------------------- Thu Sep 2 03:08:59 CEST 2004 - dave@suse.de - Fixed up the .desktop installation on nld ------------------------------------------------------------------- Wed Sep 1 15:05:48 CEST 2004 - shprasad@suse.de - Doesn't ask to set Firefox as default web-browser. ------------------------------------------------------------------- Tue Aug 31 14:01:18 CEST 2004 - stark@suse.de - next new version for filepicker stuff - deactivated native filepicker for NLD - update to snapshot (20040831) ------------------------------------------------------------------- Tue Aug 24 17:35:52 CEST 2004 - stark@suse.de - new version of gnome-filepicker patch - added patch for config ------------------------------------------------------------------- Fri Aug 20 17:12:48 CEST 2004 - stark@suse.de - update to snapshot (20040820) ------------------------------------------------------------------- Thu Aug 19 08:46:42 CEST 2004 - stark@suse.de - added workaround for mozilla bug #246313 (Firefox does not start: getting "cannot open display" error) ------------------------------------------------------------------- Wed Aug 18 15:07:22 CEST 2004 - stark@suse.de - added some patches from Ximian - use GNOME filepicker - use more gconf settings - set startup homepage to Novell ------------------------------------------------------------------- Tue Aug 17 13:12:35 CEST 2004 - stark@suse.de - update to pre-1.0.0 (20040817) ------------------------------------------------------------------- Thu Aug 5 06:27:41 CEST 2004 - stark@suse.de - security update to 0.9.3 (including #43312 and others) - handle RealPlayer 9 plugin ------------------------------------------------------------------- Mon Aug 2 15:11:51 CEST 2004 - ro@suse.de - recode desktop file to utf-8 ------------------------------------------------------------------- Wed Jul 28 08:46:31 CEST 2004 - stark@suse.de - added fix against certificate spoofing (#43312) ------------------------------------------------------------------- Fri Jul 23 06:31:41 CEST 2004 - stark@suse.de - update to 0.9.2 - added workaround for extension registry - removed old (incompatible) mozex extension ------------------------------------------------------------------- Tue Jun 29 06:27:59 CEST 2004 - stark@suse.de - update to 0.9.1 - added hint to run as root first ------------------------------------------------------------------- Tue Jun 15 12:42:28 CEST 2004 - stark@suse.de - update to 0.9 - added patch for newer freetype ------------------------------------------------------------------- Fri Apr 2 10:31:45 CEST 2004 - stark@suse.de - removing relocation of TEMP directory (#34391) ------------------------------------------------------------------- Mon Mar 29 11:43:51 CEST 2004 - stark@suse.de - update to 0.8.0+ (20040503) - removed firefox logos and activate official branding for milestone builds - changed profile-dir to .firefox - added some needed files - enabled gnomevfs extension ------------------------------------------------------------------- Fri Mar 26 18:09:34 CET 2004 - uli@suse.de - fixed hang during build on s390* (bug #35440) ------------------------------------------------------------------- Wed Mar 3 06:52:00 CET 2004 - stark@suse.de - removed unused patches for GTK2 build - more fixes for (#35179) ------------------------------------------------------------------- Mon Mar 1 07:32:52 CET 2004 - stark@suse.de - improved start-script to interact with thunderbird (#35179) ------------------------------------------------------------------- Thu Feb 26 06:57:05 CET 2004 - stark@suse.de - use official releasedate - added official (trademarked) artwork - added firefox icon to /usr/share/pixmaps - cleaned up spec-file (there will be no GTK1 version) ------------------------------------------------------------------- Tue Feb 24 16:43:17 CET 2004 - stark@suse.de - fixed optimization for non-x86 archs ------------------------------------------------------------------- Tue Feb 24 07:43:35 CET 2004 - stark@suse.de - adopted file-list and build options to original distribution - added prdtoa fix (#32963) - added hook for static firefox build to rebuild-databases.sh - added compiler flags for security/ (nss-opt.patch) - included mozex (mozex.mozdev.org) - added -Os as optimization flag ------------------------------------------------------------------- Mon Feb 9 21:59:37 CET 2004 - stark@suse.de - renamed to MozillaFirefox - update to final version 0.8 ------------------------------------------------------------------- Fri Feb 6 08:39:15 CET 2004 - stark@suse.de - update to Firebird 0.8 (20040205) - added mips build fix - set PS printer list in MozillaFirebird.sh - use lib64 again for biarch platforms ------------------------------------------------------------------- Sat Jan 10 10:33:54 CET 2004 - adrian@suse.de - build as user ------------------------------------------------------------------- Fri Aug 22 11:32:07 CEST 2003 - stark@suse.de - upstream sync for 0.6.1post ------------------------------------------------------------------- Sun Aug 10 22:01:12 CEST 2003 - stark@suse.de - removed dmoz from searchplugins-filelist ------------------------------------------------------------------- Fri Aug 8 10:30:50 CEST 2003 - stark@suse.de - update to 0.6.1post (TRUNK) - use -fno-strict-aliasing ------------------------------------------------------------------- Thu Jul 31 11:25:39 CEST 2003 - stark@suse.de - update to 0.6.1 (MOZILLA_1_4_BRANCH) - synchronized with mozilla-source - created file-list ------------------------------------------------------------------- Thu Jul 10 09:45:49 CEST 2003 - stark@suse.de - update to snapshot 20030709 - fixed generation of symlink MozillaFirebird-xremote-client ------------------------------------------------------------------- Fri Jun 20 06:53:08 CEST 2003 - stark@suse.de - update to snapshot 20030622 (0.7pre) ------------------------------------------------------------------- Mon May 19 08:54:46 CEST 2003 - stark@suse.de - update to snapshot 20030518 (0.6) ------------------------------------------------------------------- Sun May 7 10:11:16 CEST 2003 - stark@suse.de - update to snapshot 20030507 ------------------------------------------------------------------- Wed Apr 30 13:26:43 CEST 2003 - stark@suse.de - initial SuSE package
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor