Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package firefox-esr for openSUSE:Factory checked in at 2025-01-07 20:55:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/firefox-esr (Old) and /work/SRC/openSUSE:Factory/.firefox-esr.new.1881 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "firefox-esr" Tue Jan 7 20:55:19 2025 rev:2 rq:1235674 version:128.6.0 Changes: -------- --- /work/SRC/openSUSE:Factory/firefox-esr/firefox-esr.changes 2024-12-12 21:18:24.577262608 +0100 +++ /work/SRC/openSUSE:Factory/.firefox-esr.new.1881/firefox-esr.changes 2025-01-07 20:55:53.803060948 +0100 @@ -1,0 +2,34 @@ +Tue Jan 7 09:24:50 UTC 2025 - Manfred Hollstein <[email protected]> + +- Firefox Extended Support Release 128.6.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.6.0 + https://www.mozilla.org/security/advisories/mfsa2025-02 + MFSA 2025-02 (boo#1234991) + * CVE-2025-0237 (bmo#1915257) + WebChannel APIs susceptible to confused deputy attack + * CVE-2025-0238 (bmo#1915535) + Use-after-free when breaking lines in text + * CVE-2025-0239 (bmo#1929156) + Alt-Svc ALPN validation failure when redirected + * CVE-2025-0240 (bmo#1929623) + Compartment mismatch when parsing JavaScript JSON module + * CVE-2025-0241 (bmo#1933023) + Memory corruption when using JavaScript Text Segmentation + * CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, + bmo#1932169) + Memory safety bugs fixed in Firefox 134, Thunderbird 134, + Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, + and Thunderbird 128.6 + * CVE-2025-0243 (bmo#1827142, bmo#1932783) + Memory safety bugs fixed in Firefox 134, Thunderbird 134, + Firefox ESR 128.6, and Thunderbird 128.6 + +------------------------------------------------------------------- +Fri Dec 13 08:39:09 UTC 2024 - Manfred Hollstein <[email protected]> + +- Firefox Extended Support Release 128.5.2 ESR + * Fixed: Fixed a crash experienced by Windows users with Qihoo + 360 Total Security Antivirus software installed (bmo#1934258) + +------------------------------------------------------------------- Old: ---- firefox-128.5.1esr.source.tar.xz firefox-128.5.1esr.source.tar.xz.asc l10n-128.5.1esr.tar.xz New: ---- firefox-128.6.0esr.source.tar.xz firefox-128.6.0esr.source.tar.xz.asc l10n-128.6.0esr.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ firefox-esr.spec ++++++ --- /var/tmp/diff_new_pack.H1lCgL/_old 2025-01-07 20:56:03.327455000 +0100 +++ /var/tmp/diff_new_pack.H1lCgL/_new 2025-01-07 20:56:03.363456490 +0100 @@ -1,8 +1,8 @@ # # spec file for package firefox-esr # -# Copyright (c) 2024 SUSE LLC -# Copyright (c) 2006-2024 Wolfgang Rosenauer <[email protected]> +# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2006-2025 Wolfgang Rosenauer <[email protected]> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -41,8 +41,8 @@ # major 69 # mainver %%major.99 %define major 128 -%define mainver %major.5.1 -%define orig_version 128.5.1 +%define mainver %major.6.0 +%define orig_version 128.6.0 %define orig_suffix esr %define update_channel esr %define branding 1 ++++++ MozillaFirefox.changes.txt ++++++ --- /var/tmp/diff_new_pack.H1lCgL/_old 2025-01-07 20:56:04.131488266 +0100 +++ /var/tmp/diff_new_pack.H1lCgL/_new 2025-01-07 20:56:04.183490418 +0100 @@ -1,4 +1,38 @@ ------------------------------------------------------------------- +Tue Jan 7 09:24:50 UTC 2025 - Manfred Hollstein <[email protected]> + +- Firefox Extended Support Release 128.6.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.6.0 + https://www.mozilla.org/security/advisories/mfsa2025-02 + MFSA 2025-02 (boo#1234991) + * CVE-2025-0237 (bmo#1915257) + WebChannel APIs susceptible to confused deputy attack + * CVE-2025-0238 (bmo#1915535) + Use-after-free when breaking lines in text + * CVE-2025-0239 (bmo#1929156) + Alt-Svc ALPN validation failure when redirected + * CVE-2025-0240 (bmo#1929623) + Compartment mismatch when parsing JavaScript JSON module + * CVE-2025-0241 (bmo#1933023) + Memory corruption when using JavaScript Text Segmentation + * CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, + bmo#1932169) + Memory safety bugs fixed in Firefox 134, Thunderbird 134, + Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, + and Thunderbird 128.6 + * CVE-2025-0243 (bmo#1827142, bmo#1932783) + Memory safety bugs fixed in Firefox 134, Thunderbird 134, + Firefox ESR 128.6, and Thunderbird 128.6 + +------------------------------------------------------------------- +Fri Dec 13 08:39:09 UTC 2024 - Manfred Hollstein <[email protected]> + +- Firefox Extended Support Release 128.5.2 ESR + * Fixed: Fixed a crash experienced by Windows users with Qihoo + 360 Total Security Antivirus software installed (bmo#1934258) + +------------------------------------------------------------------- Wed Dec 11 15:24:36 UTC 2024 - Manfred Hollstein <[email protected]> - Add MozillaFirefox.changes.txt as a hard link to firefox-esr.changes ++++++ firefox-128.5.1esr.source.tar.xz -> firefox-128.6.0esr.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/firefox-esr/firefox-128.5.1esr.source.tar.xz /work/SRC/openSUSE:Factory/.firefox-esr.new.1881/firefox-128.6.0esr.source.tar.xz differ: char 15, line 1 ++++++ firefox-esr.changes.txt ++++++ --- /var/tmp/diff_new_pack.H1lCgL/_old 2025-01-07 20:56:05.007524510 +0100 +++ /var/tmp/diff_new_pack.H1lCgL/_new 2025-01-07 20:56:05.059526662 +0100 @@ -1,4 +1,38 @@ ------------------------------------------------------------------- +Tue Jan 7 09:24:50 UTC 2025 - Manfred Hollstein <[email protected]> + +- Firefox Extended Support Release 128.6.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.6.0 + https://www.mozilla.org/security/advisories/mfsa2025-02 + MFSA 2025-02 (boo#1234991) + * CVE-2025-0237 (bmo#1915257) + WebChannel APIs susceptible to confused deputy attack + * CVE-2025-0238 (bmo#1915535) + Use-after-free when breaking lines in text + * CVE-2025-0239 (bmo#1929156) + Alt-Svc ALPN validation failure when redirected + * CVE-2025-0240 (bmo#1929623) + Compartment mismatch when parsing JavaScript JSON module + * CVE-2025-0241 (bmo#1933023) + Memory corruption when using JavaScript Text Segmentation + * CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, + bmo#1932169) + Memory safety bugs fixed in Firefox 134, Thunderbird 134, + Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, + and Thunderbird 128.6 + * CVE-2025-0243 (bmo#1827142, bmo#1932783) + Memory safety bugs fixed in Firefox 134, Thunderbird 134, + Firefox ESR 128.6, and Thunderbird 128.6 + +------------------------------------------------------------------- +Fri Dec 13 08:39:09 UTC 2024 - Manfred Hollstein <[email protected]> + +- Firefox Extended Support Release 128.5.2 ESR + * Fixed: Fixed a crash experienced by Windows users with Qihoo + 360 Total Security Antivirus software installed (bmo#1934258) + +------------------------------------------------------------------- Wed Dec 11 15:24:36 UTC 2024 - Manfred Hollstein <[email protected]> - Add MozillaFirefox.changes.txt as a hard link to firefox-esr.changes ++++++ l10n-128.5.1esr.tar.xz -> l10n-128.6.0esr.tar.xz ++++++ ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.H1lCgL/_old 2025-01-07 20:56:06.591590048 +0100 +++ /var/tmp/diff_new_pack.H1lCgL/_new 2025-01-07 20:56:06.623591372 +0100 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="esr128" -VERSION="128.5.1" +VERSION="128.6.0" VERSION_SUFFIX="esr" -PREV_VERSION="128.5.0" +PREV_VERSION="128.5.2" PREV_VERSION_SUFFIX="esr" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr128"; -RELEASE_TAG="a6cdcd2ed9ec3e256f358010672bafd1674b0b8b" -RELEASE_TIMESTAMP="20241128151741" +RELEASE_TAG="4f008c71b12e001ae54b7fcd4787b266764c28bf" +RELEASE_TIMESTAMP="20241218153108"
