- Mozilla Firefox ESR 115.3.0
  MFSA 2023-42 (bsc#???????)
  * CVE-2023-5168 (bmo#1846683)
    Out-of-bounds write in FilterNodeD2D1
  * CVE-2023-5169 (bmo#1846685)
    Out-of-bounds write in PathOps
  * CVE-2023-5171 (bmo#1851599)
    Use-after-free in Ion Compiler
  * CVE-2023-5174 (bmo#1848454)
    Double-free in process spawning on Windows
  * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824,
    bmo#1843962, bmo#1848890, bmo#1850180, bmo#1850983,
    bmo#1851195)
    Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
    and Thunderbird 115.3

• Files Changed
• Browse Source

- Mozilla Firefox ESR 115.3.0
  MFSA 2023-42 (bsc#???????)
  * Fixed: Various security fixes and other quality improvements.

• Files Changed
• Browse Source

Das hatte Andreas vergessen...

• Files Changed
• Browse Source

Mozilla Firefox 115.2.1

• Files Changed
• Browse Source

- Mozilla Firefox ESR 115.2.0
  MFSA 2023-36 (bsc#???????)
  * CVE-2023-4573 (bmo#1846687)
    Memory corruption in IPC CanvasTranslator
  * CVE-2023-4574 (bmo#1846688)
    Memory corruption in IPC ColorPickerShownCallback
  * CVE-2023-4575 (bmo#1846689)
    Memory corruption in IPC FilePickerShownCallback
  * CVE-2023-4576 (bmo#1846694)
    Integer Overflow in RecordedSourceSurfaceCreation
  * CVE-2023-4577 (bmo#1847397)
    Memory corruption in JIT UpdateRegExpStatics
  * CVE-2023-4051 (bmo#1821884)
    Full screen notification obscured by file open dialog
  * CVE-2023-4578 (bmo#1839007)
    Error reporting methods in SpiderMonkey could have triggered
    an Out of Memory Exception
  * CVE-2023-4053 (bmo#1839079)
    Full screen notification obscured by external program
  * CVE-2023-4580 (bmo#1843046)
    Push notifications saved to disk unencrypted
  * CVE-2023-4581 (bmo#1843758)
    XLL file extensions were downloadable without warnings
  * CVE-2023-4582 (bmo#1773874)
    Buffer Overflow in WebGL glGetProgramiv
  * CVE-2023-4583 (bmo#1842030)
    Browsing Context potentially not cleared when closing Private
    Window
  * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,
    bmo#1846526, bmo#1847529)
    Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,
    Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2
  * CVE-2023-4585 (bmo#1751583, bmo#1833504, bmo#1841082,
    bmo#1847904, bmo#1848999)
    Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2,
    and Thunderbird 115.2

• Files Changed
• Browse Source

- Mozilla Firefox ESR 115.2.0
  MFSA 2023-?? (bsc#???????)

• Files Changed
• Browse Source

- Rectify build requirements for the upcoming openSUSE Leap 15.6

• Files Changed
• Browse Source

- Revert the VERSION changes as they fixed the URL on the upstream
  server to that the release notes can be found again (bmo#1844726).
- drop obsolete mozilla-bmo1775202.patch

• Files Changed
• Browse Source

- Mozilla Firefox ESR 115.1
  MFSA 2023-31 (bsc#1213746)
  * MFSA-RESERVE-2023-0001 (bmo#1833876)
    Offscreen Canvas could have bypassed cross-origin
    restrictions
  * MFSA-RESERVE-2023-0002 (bmo#1837686)
    Incorrect value used during WASM compilation
  * MFSA-RESERVE-2023-0003 (bmo#1839073)
    Potential permissions request bypass via clickjacking
  * MFSA-RESERVE-2023-0004 (bmo#1841368)
    Crash in DOMParser due to out-of-memory conditions
  * MFSA-RESERVE-2023-0005 (bmo#1842658)
    Fix potential race conditions when releasing platform objects
  * MFSA-RESERVE-2023-0006 (bmo#1843038)
    Stack buffer overflow in StorageManager
  * MFSA-RESERVE-2023-0008 (bmo#1824420)
    File deletion and privilege escalation through Firefox
    uninstaller
  * MFSA-RESERVE-2023-0010 (bmo#1840777)
    Lack of warning when opening appref-ms files
  * MFSA-RESERVE-2023-0011 (bmo#1782561)
    Cookie jar overflow caused unexpected cookie jar state
  * MFSA-RESERVE-2023-0012 (bmo#1820587, bmo#1824634,
    bmo#1839235, bmo#1842325, bmo#1843847)
    Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
    Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
  * MFSA-RESERVE-2023-0013 (bmo#1841682)
    Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
    and Thunderbird 115.1

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- Mozilla Firefox 115.1 ESR
  MFSA 2023-?? (bsc#???????)
- Set CHANNEL to "esr115" in tar_stamps
- Set update_channel to "esr" in the spec file
- Ensure to use "esr" in the VERSION variable, otherwise the executable
  will not find its releasenotes; unfortunately this does not work for
  .0 releases which gets removed from the releasenotes URL :(

• Files Changed
• Browse Source

Mozilla Firefox 115.0.3 ESR

• Files Changed
• Browse Source

- Mozilla Firefox 115.0.2 ESR
  MFSA 2023-26 (bsc#????????)
  * CVE-2023-3600 (bmo#1839703)
    Use-after-free in workers
  * Fixed: Fixed a startup crash experienced by some Windows 10
    and 11 users by blocking instances of a malicious injected
    DLL (bmo#1841751)
  * Fixed: Fixed a bug with displaying a caret in the text editor
    on some websites (bmo#1840804)
  * Fixed: Fixed a bug with broken audio rendering on some
    websites (bmo#1841982)
  * Fixed: Fixed a bug with patternTransform translate using the
    wrong units (bmo#1840746)
  * Fixed: A security fix.
  * Fixed: Fixed a crash affecting Windows 7 users related to the
    DLL blocklist.

• Files Changed
• Browse Source

- Mozilla Firefox 115.0.1 ESR
  * Fixed: Fixed a startup crash for Windows users with Kingsoft
    Antivirus software installed (bmo#1837242)
- Update create-tar.sh: Use the pre-packaged Thunderbird locales
  from FTP, if available

Ist zwar nur fuer Windows relevant, aber du hast den firefox115 ja auch neu gebaut... :)

• Files Changed
• Browse Source

Update changes

• Files Changed
• Browse Source

- Mozilla Firefox 115.0 ESR
  * Fixed: Various security fixes.
- Requires NSS 3.90
- Add mozilla-rust-disable-future-incompat.patch

• Browse Source