Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2019-05-27 08:29:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox"
Mon May 27 08:29:14 2019 rev:289 rq:705211 version:67.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2019-05-12 11:32:52.553778090 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/MozillaFirefox.changes 2019-05-27 08:29:25.179280682 +0200
@@ -1,0 +2,85 @@
+Sun May 19 20:40:30 UTC 2019 - Wolfgang Rosenauer
+
+- Mozilla Firefox 67.0
+ * Firefox 67 will be able to run different Firefox installs side by side
+ https://blog.nightly.mozilla.org/2019/01/14/moving-to-a-profile-per-install-...
+ * Tabs can now be pinned from the Page Actions menu in the address bar
+ * Users can block known cryptominers and fingerprinters in the
+ Custom settings or their Content Blocking preferences
+ * The Import Data from Another Browser feature is now also available
+ from the File menu
+ * Firefox will now protect you against running older versions which
+ can lead to data corruption and stability issues
+ * Easier access to your list of saved logins from the main menu and
+ login autocomplete
+ * We’ve added a toolbar menu for your Firefox Account to provide more
+ transparency for when you are synced, sharing data across devices
+ and with Firefox. Personalize the appearance of the menu with your
+ own avatar
+ * Enable FIDO U2F API, and permit registrations for Google Accounts
+ * Enabled AV1 support on Linux
+ MFSA 2019-13 (boo#1135824)
+ * CVE-2019-9815 (bmo#1546544)
+ Disable hyperthreading on content JavaScript threads on macOS
+ * CVE-2019-9816 (bmo#1536768)
+ Type confusion with object groups and UnboxedObjects
+ * CVE-2019-9817 (bmo#1540221)
+ Stealing of cross-domain images using canvas
+ * CVE-2019-9818 (bmo#1542581) (Windows only)
+ Use-after-free in crash generation server
+ * CVE-2019-9819 (bmo#1532553)
+ Compartment mismatch with fetch API
+ * CVE-2019-9820 (bmo#1536405)
+ Use-after-free of ChromeEventHandler by DocShell
+ * CVE-2019-9821 (bmo#1539125)
+ Use-after-free in AssertWorkerThread
+ * CVE-2019-11691 (bmo#1542465)
+ Use-after-free in XMLHttpRequest
+ * CVE-2019-11692 (bmo#1544670)
+ Use-after-free removing listeners in the event listener manager
+ * CVE-2019-11693 (bmo#1532525)
+ Buffer overflow in WebGL bufferdata on Linux
+ * CVE-2019-7317 (bmo#1542829)
+ Use-after-free in png_image_free of libpng library
+ * CVE-2019-11694 (bmo#1534196) (Windows only)
+ Uninitialized memory memory leakage in Windows sandbox
+ * CVE-2019-11695 (bmo#1445844)
+ Custom cursor can render over user interface outside of web content
+ * CVE-2019-11696 (bmo#1392955)
+ Java web start .JNLP files are not recognized as executable files
+ for download prompts
+ * CVE-2019-11697 (bmo#1440079)
+ Pressing key combinations can bypass installation prompt delays and
+ install extensions
+ * CVE-2019-11698 (bmo#1543191)
+ Theft of user history data through drag and drop of hyperlinks
+ to and from bookmarks
+ * CVE-2019-11700 (bmo#1549833) (Windows only)
+ res: protocol can be used to open known local files
+ * CVE-2019-11699 (bmo#1528939)
+ Incorrect domain name highlighting during page navigation
+ * CVE-2019-11701 (bmo#1518627)
+ webcal: protocol default handler loads vulnerable web page
+ * CVE-2019-9814 (bmo#1527592, bmo#1534536, bmo#1520132, bmo#1543159,
+ bmo#1539393, bmo#1459932, bmo#1459182, bmo#1516425)
+ Memory safety bugs fixed in Firefox 67
+ * CVE-2019-9800 (bmo#1540166, bmo#1534593, bmo#1546327, bmo#1540136,
+ bmo#1538736, bmo#1538042, bmo#1535612, bmo#1499719, bmo#1499108,
+ bmo#1538619, bmo#1535194, bmo#1516325, bmo#1542324, bmo#1542097,
+ bmo#1532465, bmo#1533554, bmo#1541580)
+ Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
+- requires
+ * rust/cargo >= 1.32
+ * mozilla-nspr >= 4.21
+ * mozilla-nss >= 3.43
+ * rust-cbindgen >= 0.8.2
+- rebased patches
+- KDE integration for default browser detection is broken in this revision
+
+-------------------------------------------------------------------
+Fri May 17 12:04:49 UTC 2019 - Guillaume GARDET
+
+- Fix armv7 build with:
+ * mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
+
+-------------------------------------------------------------------
Old:
----
firefox-66.0.5.source.tar.xz
firefox-66.0.5.source.tar.xz.asc
l10n-66.0.5.tar.xz
New:
----
firefox-67.0.source.tar.xz
firefox-67.0.source.tar.xz.asc
l10n-67.0.tar.xz
mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaFirefox.spec ++++++
--- /var/tmp/diff_new_pack.pWF4Gk/_old 2019-05-27 08:29:50.715270727 +0200
+++ /var/tmp/diff_new_pack.pWF4Gk/_new 2019-05-27 08:29:50.719270725 +0200
@@ -18,13 +18,13 @@
# changed with every update
-%define major 66
-%define mainver %major.0.5
-%define orig_version 66.0.5
+%define major 67
+%define mainver %major.0
+%define orig_version 67.0
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
-%define releasedate 20190507012018
+%define releasedate 20190516215225
%define source_prefix firefox-%{orig_version}
# always build with GCC as SUSE Security Team requires that
@@ -69,7 +69,7 @@
%else
BuildRequires: gcc-c++
%endif
-BuildRequires: cargo >= 1.31
+BuildRequires: cargo >= 1.32
BuildRequires: libXcomposite-devel
BuildRequires: libcurl-devel
BuildRequires: libidl-devel
@@ -77,15 +77,15 @@
BuildRequires: libnotify-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
-BuildRequires: mozilla-nspr-devel >= 4.20
-BuildRequires: mozilla-nss-devel >= 3.42.1
+BuildRequires: mozilla-nspr-devel >= 4.21
+BuildRequires: mozilla-nss-devel >= 3.43
BuildRequires: nasm >= 2.13
BuildRequires: nodejs >= 8.11
BuildRequires: python-devel
BuildRequires: python2-xml
BuildRequires: python3 >= 3.5
-BuildRequires: rust >= 1.31
-BuildRequires: rust-cbindgen >= 0.6.8
+BuildRequires: rust >= 1.32
+BuildRequires: rust-cbindgen >= 0.8.2
BuildRequires: startup-notification-devel
BuildRequires: unzip
BuildRequires: update-desktop-files
@@ -164,6 +164,7 @@
Patch9: mozilla-bmo1463035.patch
Patch10: mozilla-cubeb-noreturn.patch
Patch11: mozilla-fix-aarch64-libopus.patch
+Patch12: mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -271,6 +272,7 @@
%patch9 -p1
%patch10 -p1
%patch11 -p1
+%patch12 -p1
# Firefox
%patch101 -p1
%patch102 -p1
++++++ compare-locales.tar.xz ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.pWF4Gk/_old 2019-05-27 08:29:50.851270674 +0200
+++ /var/tmp/diff_new_pack.pWF4Gk/_new 2019-05-27 08:29:50.855270673 +0200
@@ -7,8 +7,8 @@
CHANNEL="release"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="96d2576eae4baf0aa961b4f5a1dadd26bb8ee823"
-VERSION="66.0.5"
+RELEASE_TAG="2a7896ba9aa5d982abe01f859d771d411fda8101"
+VERSION="67.0"
VERSION_SUFFIX=""
LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
++++++ firefox-66.0.5.source.tar.xz -> firefox-67.0.source.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-66.0.5.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/firefox-67.0.source.tar.xz differ: char 15, line 1
++++++ firefox-kde.patch ++++++
--- /var/tmp/diff_new_pack.pWF4Gk/_old 2019-05-27 08:29:50.903270653 +0200
+++ /var/tmp/diff_new_pack.pWF4Gk/_new 2019-05-27 08:29:50.903270653 +0200
@@ -1,11 +1,11 @@
# HG changeset patch
-# Parent 87262204aa945e6fce864193d103a93659bf76f6
+# Parent 18632e53d0b0c4c03f254ca2dbbeac8f48ec6f5c
diff --git a/browser/base/content/browser-kde.xul b/browser/base/content/browser-kde.xul
new file mode 100644
--- /dev/null
+++ b/browser/base/content/browser-kde.xul
-@@ -0,0 +1,1408 @@
+@@ -0,0 +1,1404 @@
+#filter substitution
+<?xml version="1.0"?>
+# -*- Mode: HTML -*-
@@ -80,7 +80,6 @@
+ retargetdocumentfocus="urlbar"
+ persist="screenX screenY width height sizemode"
+#ifdef BROWSER_XHTML
-+ hidden="true"
+ mozpersist=""
+#endif
+ >
@@ -90,11 +89,7 @@
+# that they can be shared with macWindow.inc.xul.
+#include global-scripts.inc
+
-+