openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of MozillaFirefox

Dominique Leuenberger (dimstar_suse) accepted request 1056394 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 386)

Dominique Leuenberger (dimstar_suse) accepted request 1044163 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 385)

- add mozilla-bmo1805809.patch to fix build for x86-32 (boo#1206600)

Dominique Leuenberger (dimstar_suse) accepted request 1043934 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 384)

- Mozilla Firefox 108.0.1 (boo#1206507)
  * Fixes the default search engine being reset on upgrade for
    profiles which were previously copied from a different location

- Mozilla Firefox 108.0
  https://www.mozilla.org/en-US/firefox/108.0/releasenotes/
  MFSA 2022-51 (bsc#1206242)
  * CVE-2022-46871 (bmo#1795697)
    libusrsctp library out of date
  * CVE-2022-46872 (bmo#1799156)
    Arbitrary file read from a compromised content process
  * CVE-2022-46873 (bmo#1644790)
    Firefox did not implement the CSP directive unsafe-hashes
  * CVE-2022-46874 (bmo#1746139)
    Drag and Dropped Filenames could have been truncated to
    malicious extensions
  * CVE-2022-46875 (bmo#1786188)
    Download Protections were bypassed by .atloc and .ftploc
    files on Mac OS
  * CVE-2022-46877 (bmo#1795139)
    Fullscreen notification bypass
  * CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
    bmo#1801102, bmo#1801315, bmo#1802395)
    Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
  * CVE-2022-46879 (bmo#1736224, bmo#1793407, bmo#1794249, bmo#1795845,
    bmo#1797682, bmo#1797720, bmo#1798494, bmo#1799479)
    Memory safety bugs fixed in Firefox 108
- requires
  NSS >= 3.85
  rustc/cargo 1.65

Dominique Leuenberger (dimstar_suse) accepted request 1039406 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 383)

Dominique Leuenberger (dimstar_suse) accepted request 1036230 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 382)

- Mozilla Firefox 107.0
  MFSA 2022-47 (bsc#1205270)
 * CVE-2022-45403 (bmo#1762078)
    Service Workers might have learned size of cross-origin media files
  * CVE-2022-45404 (bmo#1790815)
    Fullscreen notification bypass
  * CVE-2022-45405 (bmo#1791314)
    Use-after-free in InputStream implementation
  * CVE-2022-45406 (bmo#1791975)
    Use-after-free of a JavaScript Realm
  * CVE-2022-45407 (bmo#1793314)
    Loading fonts on workers was not thread-safe
  * CVE-2022-45408 (bmo#1793829)
    Fullscreen notification bypass via windowName
  * CVE-2022-45409 (bmo#1796901)
    Use-after-free in Garbage Collection
  * CVE-2022-45410 (bmo#1658869)
    ServiceWorker-intercepted requests bypassed SameSite cookie policy
  * CVE-2022-45411 (bmo#1790311)
    Cross-Site Tracing was possible via non-standard override headers
  * CVE-2022-45412 (bmo#1791029)
    Symlinks may resolve to partially uninitialized buffers
  * CVE-2022-45413 (bmo#1791201)
    SameSite=Strict cookies could have been sent cross-site via
    intent URLs
  * CVE-2022-40674 (bmo#1791598)
    Use-after-free vulnerability in expat
  * CVE-2022-45415 (bmo#1793551)
    Downloaded file may have been saved with malicious extension
  * CVE-2022-45416 (bmo#1793676)

Dominique Leuenberger (dimstar_suse) accepted request 1033697 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 381)

Dominique Leuenberger (dimstar_suse) accepted request 1032848 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 380)

- Mozilla Firefox 106.0.3
  * Fixes for other platforms

Dominique Leuenberger (dimstar_suse) accepted request 1031637 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 379)

- Mozilla Firefox 106.0.2
  * Fix missing content on some PDF forms (bmo#1794351)
  * Fix column width for the Notification sub-panel in Settings
    (bmo#1793558)
  * Fix a browser freeze with accessibility enabled on some sites
    such as the Proxmox Web UI (bmo#1793748)
  * Fix page reloading not working with Firefox View and not
    refreshing synced data (bmo#1792680, bmo#1794474)

Dominique Leuenberger (dimstar_suse) accepted request 1030584 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 378)

- Mozilla Firefox 106.0.1
  * Addresses a crash experienced by users with AMD Zen 1 CPUs
    (bmo#1796126)

Dominique Leuenberger (dimstar_suse) accepted request 1030290 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 377)

i686 and aarch64 should be fixed. No idea for ppc64le

- Mozilla Firefox 106.0
  * support editing of PDFs
  * introduced Firefox View
  * major WebRTC update
    - Better screen sharing for Windows and Linux Wayland users
    - RTP performance and reliability improvements
    - Richer statistics
    - Cross-browser and service compatibility improvements
  * detailed releasenotes
    https://www.mozilla.org/en-US/firefox/106.0/releasenotes
  MFSA 2022-44 (bsc#1204421)
  * CVE-2022-42927 (bmo#1789128)
    Same-origin policy violation could have leaked cross-origin URLs
  * CVE-2022-42928 (bmo#1791520)
    Memory Corruption in JS Engine
  * CVE-2022-42929 (bmo#1789439)
    Denial of Service via window.print
  * CVE-2022-42930 (bmo#1789503)
    Race condition in DOM Workers
  * CVE-2022-42931 (bmo#1780571)
    Username saved to a plaintext file on disk
  * CVE-2022-42932 (bmo#1789729, bmo#1791363, bmo#1792041)
    Memory safety bugs fixed in Firefox
- added -msse2 flag to fix i386 build and workaround bmo#1795993
- fixed used buildflags
- renamed mozilla-i686-build.patch to mozilla-buildfixes.patch
  as it was extended with changes for other archs

Dominique Leuenberger (dimstar_suse) accepted request 1009258 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 376)

- Mozilla Firefox 105.0.3:
  * Fixes for other platforms

- Mozilla Firefox 105.0.2:
  * Fixed poor contrast on various menu items with certain
    themes on Linux systems (bmo#1792063)
  * Fixed the scrollbar appearing on the wrong side of
    `select` elements in right-to-left locales (bmo#1791219)
  * Fixed a possible deadlock when loading some sites in
    Troubleshoot Mode (bmo#1786259)
  * Fixed a bug causing some dynamic appearance changes to
    not appear when expected (bmo#1786521)
  * Fixed a bug causing theme styling to not be properly applied
    to sidebars for some add-ons in Private Browsing Mode
    (bmo#1787543)

- Mozilla Firefox 105.0.1
  * Reverted focus behavior for new windows back to the content
    area instead of the address bar (bmo#1784692)
- added mozilla-i686-build.patch to avoid using avx2

- Mozilla Firefox 105.0
  https://www.mozilla.org/en-US/firefox/105.0/releasenotes
  MFSA 2022-40 (bsc#1203477)
  * CVE-2022-40959 (bmo#1782211)
    Bypassing FeaturePolicy restrictions on transient pages
  * CVE-2022-40960 (bmo#1787633)
    Data-race when parsing non-UTF-8 URLs in threads
  * CVE-2022-40958 (bmo#1779993)
    Bypassing Secure Context restriction for cookies with __Host

Dominique Leuenberger (dimstar_suse) accepted request 1002272 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 375)

Dominique Leuenberger (dimstar_suse) accepted request 1001583 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 374)

- Mozilla Firefox 104.0.2 (boo#1203177)
  https://www.mozilla.org/en-US/firefox/104.0.2/releasenotes/
  * Fixed a bug making it impossible to use touch or a stylus to
    drag the scrollbar on pages (bmo#1787361)
  * Fixed an issue causing some users to crash in out-of-memory
    conditions (bmo#1774155)
  * Fixed an issue that would sometimes affect video & audio playback
    when loaded via a cross-origin iframe src attribute (bmo#1781759)
  * Fixed an issue that would sometimes affect video & audio playback
    when served with Content-Security-Policy: sandbox (bmo#1781063)

- Mozilla Firefox 104.0.1
  * Addresses an issue with Youtube video playback that was
    affecting some users (boo#1203003)

Dominique Leuenberger (dimstar_suse) accepted request 999342 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 373)

- Mozilla Firefox 104.0
  * https://www.mozilla.org/en-US/firefox/104.0/releasenotes
  MFSA 2022-33 (bsc#1202645)
  * CVE-2022-38472 (bmo#1769155)
    Address bar spoofing via XSLT error handling
  * CVE-2022-38473 (bmo#1771685)
    Cross-origin XSLT Documents would have inherited the parent's
    permissions
  * CVE-2022-38474 (bmo#1719511)
    Recording notification not shown when microphone was
    recording on Android
  * CVE-2022-38475 (bmo#1773266)
    Attacker could write a value to a zero-length array
  * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363)
    Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
  * CVE-2022-38478 (bmo#1770630, bmo#1776658)
    Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2,
    and Firefox ESR 91.13
- requires
  NSPR 4.34.1
  NSS 3.81
  rust 1.62

Dominique Leuenberger (dimstar_suse) accepted request 994938 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 372)

- added mozilla-glibc236.patch (bmo#1782988, boo#1202323)

Dominique Leuenberger (dimstar_suse) accepted request 994312 from

Wolfgang Rosenauer (wrosenauer) over 1 year ago (revision 371)

- Mozilla Firefox 103.0.2
  * Fixed menu shortcuts for users of the JAWS screen reader
  * Fixed an occasional non-overridable certificate error when
    accessing device configuration pages

- The --disable-elf-hack option only exists on ARM and X86

Dominique Leuenberger (dimstar_suse) accepted request 992040 from

Wolfgang Rosenauer (wrosenauer) almost 2 years ago (revision 370)

- Mozilla Firefox 103.0.1
  * Enabled hardware acceleration on newer AMD cards.
  * Fixed a crash on Firefox shutdown caused by a bug in the
    audio manager

- Mozilla Firefox 103.0
  https://www.mozilla.org/en-US/firefox/103.0/releasenotes
  MFSA 2022-28 (bsc#1201758)
  * CVE-2022-36319 (bmo#1737722)
    Mouse Position spoofing with CSS transforms
  * CVE-2022-36317 (bmo#1759951)
    Long URL would hang Firefox for Android
  * CVE-2022-36318 (bmo#1771774)
    Directory indexes for bundled resources reflected URL
    parameters
  * CVE-2022-36314 (bmo#1773894)
    Opening local <code>.lnk</code> files could cause unexpected
    network loads
  * CVE-2022-36315 (bmo#1762520)
    Preload Cache Bypasses Subresource Integrity
  * CVE-2022-36316 (bmo#1768583)
    Performance API leaked whether a cross-site resource is
    redirecting
  * CVE-2022-36320 (bmo#1759794, bmo#1760998)
    Memory safety bugs fixed in Firefox 103
  * CVE-2022-2505 (bmo#1769739, bmo#1772824)
    Memory safety bugs fixed in Firefox 103 and 102.1
- requires
  NSS >= 3.80
  rust = 1.61

Dominique Leuenberger (dimstar_suse) accepted request 988096 from

Wolfgang Rosenauer (wrosenauer) almost 2 years ago (revision 369)

- Firefox 102.0.1:
  * Fixed: Fixed bookmarks sidebar flashing white when opened in
    dark mode (bmo#1776157)
  * Fixed: Fixed multilingual spell checking not working with
    content in both English and a non-Latin alphabet
    (bmo#1773802)
  * Fixed: Developer tools:  Fixed an issue where the console
    output keep getting scrolled to the bottom when the last
    visible message is an evaluation result (bmo#1776262)
  * Fixed: Fixed *Delete cookies and site data when Firefox is
    closed* checkbox getting disabled on startup (bmo#1777419)
  * Fixed: Various stability fixes

- Firefox 102.0
  * You can now disable automatic opening of the download panel
    every time a new download starts
  * Firefox now mitigates query parameter tracking when navigating
    sites in ETP strict mode
  * Improved security by moving audio decoding into a separate
    process with stricter sandboxing, thus improving process isolation
  * https://www.mozilla.org/en-US/firefox/102.0/releasenotes
  MFSA 2022-24 (bsc#1200793)
  * CVE-2022-34479 (bmo#1745595)
    A popup window could be resized in a way to overlay the
    address bar with web content
  * CVE-2022-34470 (bmo#1765951)
    Use-after-free in nsSHistory
  * CVE-2022-34468 (bmo#1768537)
    CSP sandbox header without `allow-scripts` can be bypassed
    via retargeted javascript: URI

Dominique Leuenberger (dimstar_suse) accepted request 982081 from

Wolfgang Rosenauer (wrosenauer) almost 2 years ago (revision 368)

Dominique Leuenberger (dimstar_suse) accepted request 980191 from

Wolfgang Rosenauer (wrosenauer) almost 2 years ago (revision 367)

- Mozilla Firefox 101.0
  * Reading is now easier with the prefers-contrast media query,
    which allows sites to detect if the user has requested that web
    content is presented with a higher (or lower) contrast
  * All non-configured MIME types can now be assigned a custom
    action upon download completion
  * allows users to use as many microphones as you want, at the
    same time, during video conferencing. The most exciting benefit
    is that you can easily switch your microphones at any time
    (if your conferencing service provider enables this flexibility)
  MFSA 2022-20 (bsc#1200027)
  * CVE-2022-31736 (bmo#1735923)
    Cross-Origin resource's length leaked
  * CVE-2022-31737 (bmo#1743767)
    Heap buffer overflow in WebGL
  * CVE-2022-31738 (bmo#1756388)
    Browser window spoof using fullscreen mode
  * CVE-2022-31739 (bmo#1765049)
    Attacker-influenced path traversal when saving downloaded files
  * CVE-2022-31740 (bmo#1766806)
    Register allocation problem in WASM on arm64
  * CVE-2022-31741 (bmo#1767590)
    Uninitialized variable leads to invalid memory read
  * CVE-2022-31742 (bmo#1730434)
    Querying a WebAuthn token with a large number of allowCredential
    entries may have leaked cross-origin information
  * CVE-2022-31743 (bmo#1747388)
    HTML Parsing incorrectly ended HTML comments prematurely
  * CVE-2022-31744 (bmo#1757604)
    CSP bypass enabling stylesheet injection

Displaying revisions 41 - 60 of 426

Places

Revisions of MozillaFirefox

Places