Update for 00Meta, 389-ds, 389-ds.10198, Graphic... security important

Security update for MozillaFirefox, MozillaFirefox-branding-SLE

This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues:

Changes in MozillaFirefox:

Security issues fixed:

- CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).
- CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).
- CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).
- CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).
- CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).
- CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).
- CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).
- CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).
- CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).

Non-security issues fixed:

- Added Provides-line for translations-common (bsc#1153423) .
- Moved some settings from branding-package here (bsc#1153869).
- Disabled DoH by default.

Changes in MozillaFirefox-branding-SLE:

- Moved extensions preferences to core package (bsc#1153869).

This update was imported from the SUSE:SLE-15:Update update project.

Fixed bugs
VUL-0: CVE-2019-15903: expat: crafted XML input results in heap-based buffer over-read by fooling the parser into changing from DTD parsing to document parsing
Newer versions of firefox have a dependency on GLIBCXX_3.4.20
SLES15 - IBM s390-tools-2.1.0 Maintenance Patches (#6)
Firefox 60.7 ESR changed the user interface language
Changes to preferences not saved in Thunderbird's CardBook add-on
Dependencies issue: MozillaFirefox-translations-52.9.0esr-109.38.2.s390x requires MozillaFirefox = 52.9.0esr
Move extension preferences from branding-package to the core-package
VUL-0: MozillaFirefox, MozillaThunderbird: Update Firefox and Thunderbird to 68.2 esr (MFSA 2019-33)
Selected Binaries
openSUSE Build Service is sponsored by