openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of MozillaFirefox

buildservice-autocommit accepted request 1141490 from

Wolfgang Rosenauer (wrosenauer) 3 months ago (revision 1129)

baserev update by copy to link target

Wolfgang Rosenauer (wrosenauer) committed 3 months ago (revision 1128)

- Mozilla Firefox 122.0
  https://www.mozilla.org/en-US/firefox/122.0/releasenotes/
  MFSA 2024-01 (bsc#1218955)
  * CVE-2024-0741 (bmo#1864587)
    Out of bounds write in ANGLE
  * CVE-2024-0742 (bmo#1867152)
    Failure to update user input timestamp
  * CVE-2024-0743 (bmo#1867408)
    Crash in NSS TLS method
  * CVE-2024-0744 (bmo#1871089)
    Wild pointer dereference in JavaScript
  * CVE-2024-0745 (bmo#1871838)
    Stack buffer overflow in WebAudio
  * CVE-2024-0746 (bmo#1660223)
    Crash when listing printers on Linux
  * CVE-2024-0747 (bmo#1764343)
    Bypass of Content Security Policy when directive unsafe-inline was set
  * CVE-2024-0748 (bmo#1783504)
    Compromised content process could modify document URI
  * CVE-2024-0749 (bmo#1813463)
    Phishing site popup could show local origin in address bar
  * CVE-2024-0750 (bmo#1863083)
    Potential permissions request bypass via clickjacking
  * CVE-2024-0751 (bmo#1865689)
    Privilege escalation through devtools
  * CVE-2024-0752 (bmo#1866840)
    Use-after-free could occur when applying update on macOS
  * CVE-2024-0753 (bmo#1870262)
    HSTS policy on subdomain could bypass policy of upper domain
  * CVE-2024-0754 (bmo#1871605)

buildservice-autocommit accepted request 1138351 from

Wolfgang Rosenauer (wrosenauer) 4 months ago (revision 1127)

baserev update by copy to link target

Wolfgang Rosenauer (wrosenauer) accepted request 1137806 from

Andreas Stieger (AndreasStieger) 4 months ago (revision 1126)

Mozilla Firefox 121.0.1

buildservice-autocommit accepted request 1134603 from

Wolfgang Rosenauer (wrosenauer) 4 months ago (revision 1125)

baserev update by copy to link target

Wolfgang Rosenauer (wrosenauer) committed 4 months ago (revision 1124)

- Mozilla Firefox 121.0
  https://www.mozilla.org/en-US/firefox/121.0/releasenotes
  MFSA 2023-56 (bsc#1217974)
  * CVE-2023-6856 (bmo#1843782)
    Heap-buffer-overflow affecting WebGL DrawElementsInstanced
    method with Mesa VM driver
  * CVE-2023-6135 (bmo#1853908)
    NSS susceptible to "Minerva" attack
  * CVE-2023-6865 (bmo#1864123)
    Potential exposure of uninitialized data in EncryptingOutputStream
  * CVE-2023-6857 (bmo#1796023)
    Symlinks may resolve to smaller than expected buffers
  * CVE-2023-6858 (bmo#1826791)
    Heap buffer overflow in nsTextFragment
  * CVE-2023-6859 (bmo#1840144)
    Use-after-free in PR_GetIdentitiesLayer
  * CVE-2023-6866 (bmo#1849037)
    TypedArrays lack sufficient exception handling
  * CVE-2023-6860 (bmo#1854669)
    Potential sandbox escape due to VideoBridge lack of texture
    validation
  * CVE-2023-6867 (bmo#1863863)
    Clickjacking permission prompts using the popup transition
  * CVE-2023-6861 (bmo#1864118)
    Heap buffer overflow affected nsWindow::PickerOpen(void) in
    headless mode
  * CVE-2023-6868 (bmo#1865488)
    WebPush requests on Firefox for Android did not require VAPID key
  * CVE-2023-6869 (bmo#1799036)
    Content can paint outside of sandboxed iframe

buildservice-autocommit accepted request 1132165 from

Wolfgang Rosenauer (wrosenauer) 5 months ago (revision 1123)

baserev update by copy to link target

Wolfgang Rosenauer (wrosenauer) accepted request 1132141 from

Andreas Stieger (AndreasStieger) 5 months ago (revision 1122)

Mozilla Firefox 120.0.1 (boo#1217910)

buildservice-autocommit accepted request 1129161 from

Wolfgang Rosenauer (wrosenauer) 5 months ago (revision 1121)

baserev update by copy to link target

Wolfgang Rosenauer (wrosenauer) committed 5 months ago (revision 1120)

- Mozilla Firefox 120.0
  https://www.mozilla.org/en-US/firefox/120.0/releasenotes
  MFSA 2023-49 (bsc#1217230)
  * CVE-2023-6204 (bmo#1841050)
    Out-of-bound memory access in WebGL2 blitFramebuffer
  * CVE-2023-6205 (bmo#1854076)
    Use-after-free in MessagePort::Entangled
  * CVE-2023-6206 (bmo#1857430)
    Clickjacking permission prompts using the fullscreen
    transition
  * CVE-2023-6207 (bmo#1861344)
    Use-after-free in ReadableByteStreamQueueEntry::Buffer
  * CVE-2023-6208 (bmo#1855345)
    Using Selection API would copy contents into X11 primary
    selection.
  * CVE-2023-6209 (bmo#1858570)
    Incorrect parsing of relative URLs starting with "///"
  * CVE-2023-6210 (bmo#1801501)
    Mixed-content resources not blocked in a javascript: pop-up
  * CVE-2023-6211 (bmo#1850200)
    Clickjacking to load insecure pages in HTTPS-only mode
  * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,
    bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,
    bmo#1862782)
    Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
    and Thunderbird 115.5
  * CVE-2023-6213 (bmo#1849265, bmo#1851118, bmo#1854911)
    Memory safety bugs fixed in Firefox 120
- rebased patches

buildservice-autocommit accepted request 1124746 from

Wolfgang Rosenauer (wrosenauer) 6 months ago (revision 1119)

baserev update by copy to link target

Wolfgang Rosenauer (wrosenauer) accepted request 1124728 from

Andreas Stieger (AndreasStieger) 6 months ago (revision 1118)

Mozilla Firefox 119.0.1

buildservice-autocommit accepted request 1121261 from

Wolfgang Rosenauer (wrosenauer) 6 months ago (revision 1117)

baserev update by copy to link target

Wolfgang Rosenauer (wrosenauer) accepted request 1121257 from

Bjørn Lie (iznogood) 6 months ago (revision 1116)

Alter .changes to avoid factory bots nack'ing the submission. (mention patches enabled/disabled).

Wolfgang Rosenauer (wrosenauer) committed 6 months ago (revision 1115)

- Mozilla Firefox 119.0
  https://www.mozilla.org/en-US/firefox/119.0/releasenotes
  MFSA 2023-45 (bsc#1216338)
  * CVE-2023-5721 (bmo#1830820)
    Queued up rendering could have allowed websites to clickjack
  * CVE-2023-5722 (bmo#1738426)
    Cross-Origin size and header leakage
  * CVE-2023-5723 (bmo#1802057)
    Invalid cookie characters could have led to unexpected errors
  * CVE-2023-5724 (bmo#1836705)
    Large WebGL draw could have led to a crash
  * CVE-2023-5725 (bmo#1845739)
    WebExtensions could open arbitrary URLs
  * CVE-2023-5726 (bmo#1846205)
    Full screen notification obscured by file open dialog on macOS
  * CVE-2023-5727 (bmo#1847180)
    Download Protections were bypassed by .msix, .msixbundle,
    .appx, and .appxbundle files on Windows
  * CVE-2023-5728 (bmo#1852729)
    Improper object tracking during GC in the JavaScript engine
    could have led to a crash.
  * CVE-2023-5729 (bmo#1823720)
    Fullscreen notification dialog could have been obscured by
    WebAuthn prompts
  * CVE-2023-5730 (bmo#1836607, bmo#1840918, bmo#1848694, bmo#1848833,
    bmo#1850191, bmo#1850259, bmo#1852596, bmo#1853201, bmo#1854002,
    bmo#1855306, bmo#1855640, bmo#1856695)
    Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4,
    and Thunderbird 115.4.1
  * CVE-2023-5731 (bmo#1690111, bmo#1721904, bmo#1851803, bmo#1854068)

Wolfgang Rosenauer (wrosenauer) committed 7 months ago (revision 1114)

  (boo#1216027)

Wolfgang Rosenauer (wrosenauer) committed 7 months ago (revision 1113)

- Activate KDE integration again, included rebased and updated patches
  (upstream removed special files handling for preferences but that
  has no effect since we haven't shipped obsolete kde.js for a while)

Wolfgang Rosenauer (wrosenauer) accepted request 1114576 from

Björn Bidar (Thaodan) 7 months ago (revision 1112)

- Active KDE integration again, included rebased and updated patches

Wolfgang Rosenauer (wrosenauer) accepted request 1117058 from

Andreas Stieger (AndreasStieger) 7 months ago (revision 1111)

Mozilla Firefox 118.0.2

buildservice-autocommit accepted request 1114282 from

Wolfgang Rosenauer (wrosenauer) 7 months ago (revision 1110)

baserev update by copy to link target

Displaying revisions 21 - 40 of 1149

Places

Revisions of MozillaFirefox

Places