Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.1&build=442.2&groupid=50 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&query_format=advanced&resolution=---&version=Leap%2015.1 When you reply to discuss some issues, make sure to change the subject. Please use the test plan at https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m... to record your testing efforts and use bugzilla to report bugs. Packages changed: MozillaFirefox (60.5.1 -> 60.6.1) xfce4-session === Details === ==== MozillaFirefox ==== Version update (60.5.1 -> 60.6.1) Subpackages: MozillaFirefox-translations-common MozillaFirefox-translations-other - Mozilla Firefox 60.6.1esr MFSA 2019-10 (bsc#1130262) * CVE-2019-9810 (bmo#1537924) IonMonkey MArraySlice has incorrect alias information * CVE-2019-9813 (bmo#1538006) Ionmonkey type confusion with __proto__ mutations - Mozilla Firefox 60.6.0esr MFSA 2019-08 (bsc#1129821) * CVE-2019-9790 bmo#1525145 Use-after-free when removing in-use DOM elements * CVE-2019-9791 bmo#1530958 Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey * CVE-2019-9792 bmo#1532599 IonMonkey leaks JS_OPTIMIZED_OUT magic value to script * CVE-2019-9793 bmo#1528829 Improper bounds checks when Spectre mitigations are disabled * CVE-2019-9794 bmo#1530103 Command line arguments not discarded during execution * CVE-2019-9795 bmo#1514682 Type-confusion in IonMonkey JIT compiler * CVE-2019-9796 bmo#1531277 Use-after-free with SMIL animation controller * CVE-2018-18506 bmo#1503393 Proxy Auto-Configuration file can define localhost access to be proxied * CVE-2019-9788 bmo#1518001 bmo#1521304 bmo#1521214 bmo#1506665 bmo#1516834 bmo#1518774 bmo#1524755 bmo#1523362 bmo#1524214 bmo#1529203 Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 - Mozilla Firefox 60.5.2esr: * Fix a frequent crash when reading various Reuters news articles (bmo#1505844) ==== xfce4-session ==== Subpackages: libxfsm-4_6-0 xfce4-session-lang - Remove a hunk from xinitrd. Upstream already sets XDG_CURRENT_DESKTOP with commit 4daf68eb xfce4-session-adapt-session-scripts.patch - Use autosetup for simpler quilt setup refresh add-light-locker-support.patch -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org