Overview
Request 1043934 accepted
- Mozilla Firefox 108.0.1 (boo#1206507)
* Fixes the default search engine being reset on upgrade for
profiles which were previously copied from a different location
- Mozilla Firefox 108.0
https://www.mozilla.org/en-US/firefox/108.0/releasenotes/
MFSA 2022-51 (bsc#1206242)
* CVE-2022-46871 (bmo#1795697)
libusrsctp library out of date
* CVE-2022-46872 (bmo#1799156)
Arbitrary file read from a compromised content process
* CVE-2022-46873 (bmo#1644790)
Firefox did not implement the CSP directive unsafe-hashes
* CVE-2022-46874 (bmo#1746139)
Drag and Dropped Filenames could have been truncated to
malicious extensions
* CVE-2022-46875 (bmo#1786188)
Download Protections were bypassed by .atloc and .ftploc
files on Mac OS
* CVE-2022-46877 (bmo#1795139)
Fullscreen notification bypass
* CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
bmo#1801102, bmo#1801315, bmo#1802395)
Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
* CVE-2022-46879 (bmo#1736224, bmo#1793407, bmo#1794249, bmo#1795845,
bmo#1797682, bmo#1797720, bmo#1798494, bmo#1799479)
Memory safety bugs fixed in Firefox 108
- requires
NSS >= 3.85
rustc/cargo 1.65
- Created by wrosenauer
- In state accepted
- Supersedes 1043932
last one was declined because of "FTBFS on i586 and ppc64le"
Please note that I don't care about i586 anymore. Every new release breaks and I understood we stop the architecture. ppc64le to my knowledge is also not a fully supported TW architecture. So how to unblock the situation that 99% of the TW users don't get security updates vs. i586 and ppc64le support from day one?
as long as the spec file declares it should build, it has to build.
i586 is still a maintained port, just like ARM, PowerPC and s390x, and the upcoming RISCV
Request History
wrosenauer created request
- Mozilla Firefox 108.0.1 (boo#1206507)
* Fixes the default search engine being reset on upgrade for
profiles which were previously copied from a different location
- Mozilla Firefox 108.0
https://www.mozilla.org/en-US/firefox/108.0/releasenotes/
MFSA 2022-51 (bsc#1206242)
* CVE-2022-46871 (bmo#1795697)
libusrsctp library out of date
* CVE-2022-46872 (bmo#1799156)
Arbitrary file read from a compromised content process
* CVE-2022-46873 (bmo#1644790)
Firefox did not implement the CSP directive unsafe-hashes
* CVE-2022-46874 (bmo#1746139)
Drag and Dropped Filenames could have been truncated to
malicious extensions
* CVE-2022-46875 (bmo#1786188)
Download Protections were bypassed by .atloc and .ftploc
files on Mac OS
* CVE-2022-46877 (bmo#1795139)
Fullscreen notification bypass
* CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
bmo#1801102, bmo#1801315, bmo#1802395)
Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
* CVE-2022-46879 (bmo#1736224, bmo#1793407, bmo#1794249, bmo#1795845,
bmo#1797682, bmo#1797720, bmo#1798494, bmo#1799479)
Memory safety bugs fixed in Firefox 108
- requires
NSS >= 3.85
rustc/cargo 1.65
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
dimstar_suse set openSUSE:Factory:Staging:I as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:I"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:I"
dimstar accepted review
licensedigger accepted review
The legal review is accepted preliminary. The package may require actions later on.
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:I got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:I got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:I got accepted.