Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2025-02-05 12:40:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2316 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Wed Feb 5 12:40:04 2025 rev:448 rq:1243203 version:135.0 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2025-01-24 13:39:26.096254961 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2316/MozillaFirefox.changes 2025-02-05 12:40:14.484093406 +0100 @@ -1,0 +2,35 @@ +Mon Feb 3 10:55:18 UTC 2025 - Wolfgang Rosenauer <w...@rosenauer.org> + +- Mozilla Firefox 135.0 + https://www.mozilla.org/en-US/firefox/135.0/releasenotes + MFSA 2025-07 (bsc#1236539) + * CVE-2025-1009 (bmo#1936613) + Use-after-free in XSLT + * CVE-2025-1010 (bmo#1936982) + Use-after-free in Custom Highlight + * CVE-2025-1018 (bmo#1910818) + Fullscreen notification is not displayed when fullscreen is + re-requested + * CVE-2025-1011 (bmo#1936454) + A bug in WebAssembly code generation could result in a crash + * CVE-2025-1012 (bmo#1939710) + Use-after-free during concurrent delazification + * CVE-2025-1019 (bmo#1940162) + Fullscreen notification not properly displayed + * CVE-2025-1013 (bmo#1932555) + Potential opening of private browsing tabs in normal browsing windows + * CVE-2025-1014 (bmo#1940804) + Certificate length was not properly checked + * CVE-2025-1016 (bmo#1936601, bmo#1936844, bmo#1937694, bmo#1938469, + bmo#1939583, bmo#1940994) + Memory safety bugs fixed in Firefox 135, Thunderbird 135, + Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20, + and Thunderbird 128.7 + * CVE-2025-1017 (bmo#1926256, bmo#1935471, bmo#1935984) + Memory safety bugs fixed in Firefox 135, Thunderbird 135, + Firefox ESR 128.7, and Thunderbird 128.7 + * CVE-2025-1020 (bmo#1939063, bmo#1942169) + Memory safety bugs fixed in Firefox 135 and Thunderbird 135 +- requires rust 1.83 + +------------------------------------------------------------------- Old: ---- firefox-134.0.2.source.tar.xz firefox-134.0.2.source.tar.xz.asc l10n-134.0.2.tar.xz New: ---- firefox-135.0.source.tar.xz firefox-135.0.source.tar.xz.asc l10n-135.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.aAKqlA/_old 2025-02-05 12:40:30.480753583 +0100 +++ /var/tmp/diff_new_pack.aAKqlA/_new 2025-02-05 12:40:30.480753583 +0100 @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %%major.99 -%define major 134 -%define mainver %major.0.2 -%define orig_version 134.0.2 +%define major 135 +%define mainver %major.0 +%define orig_version 135.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -103,8 +103,8 @@ %else BuildRequires: gcc-c++ %endif -BuildRequires: cargo1.81 -BuildRequires: rust1.81 +BuildRequires: cargo1.83 +BuildRequires: rust1.83 %if 0%{useccache} != 0 BuildRequires: ccache %endif ++++++ firefox-134.0.2.source.tar.xz -> firefox-135.0.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-134.0.2.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2316/firefox-135.0.source.tar.xz differ: char 15, line 1 ++++++ l10n-134.0.2.tar.xz -> l10n-135.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-134.0.2.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2316/l10n-135.0.tar.xz differ: char 15, line 1 ++++++ mozilla-bmo1746799.patch ++++++ --- /var/tmp/diff_new_pack.aAKqlA/_old 2025-02-05 12:40:30.740764313 +0100 +++ /var/tmp/diff_new_pack.aAKqlA/_new 2025-02-05 12:40:30.740764313 +0100 @@ -11,9 +11,9 @@ --- a/third_party/rust/cubeb-pulse/.cargo-checksum.json +++ b/third_party/rust/cubeb-pulse/.cargo-checksum.json @@ -1,1 +1,1 @@ --{"files":{".editorconfig":"bf047bd1da10cabb99eea666d1e57c321eba4716dccb3e4ed0e2c5fe3ca53858",".github/workflows/build.yml":"477366d58c9dc059dbe4a158a6e910f23a3e9ecac7411f73616e06375583b764","AUTHORS":"0e0ac930a68ce2f6b876126b195add177f0d3886facb9260f4d9b69f1988f0cc","Cargo.toml":"4dc677a2a769c0f1667c7ad52bc7b09d22ae8e47bb95389223a5075eb4228d13","LICENSE":"44c6b5ae5ec3fe2fbc608b00e6f4896f4d2d5c7e525fcbaa3eaa3cf2f3d5a983","README.md":"0079450bb4b013bac065ed1750851e461a3710ebad1f323817da1cb82db0bc4f","src/backend/context.rs":"c0db5f2447de1d6df5aa2812fa342a085e73156a072c221c7379b9a6a9b86786","src/backend/cork_state.rs":"4a0f1afc7d9f333dac89218cc56d7d32fbffb487cd48c1c9a4e03d79cb3b5e28","src/backend/intern.rs":"11ca424e4eb77f8eb9fd5a6717d1e791facf9743156a8534f0016fcf64d57b0f","src/backend/mod.rs":"dfb30ec497d6215e4535e936fea8fe3a407ef24dc1cec43b52c0ffa923d9229c","src/backend/stream.rs":"dfe5b747e100cae4aeae36cf2ebb9dc4715b411b4116721a40eec2944eb0ec23","src/capi.rs":"fa0fa020f0d0efe55aa0f c3596405e8407bbe2cbe6c7a558345304e6da87994e","src/lib.rs":"b41bbdc562cbfb130ed7c1e53fe69944774f515705341d8ce48a2f82c8c0c2c5"},"package":null} +-{"files":{".editorconfig":"bf047bd1da10cabb99eea666d1e57c321eba4716dccb3e4ed0e2c5fe3ca53858",".github/workflows/build.yml":"477366d58c9dc059dbe4a158a6e910f23a3e9ecac7411f73616e06375583b764","AUTHORS":"0e0ac930a68ce2f6b876126b195add177f0d3886facb9260f4d9b69f1988f0cc","Cargo.toml":"607b9f93ad76d2bc52213b704a6f72b12ff418ab78f757c1b2ead17f63a612ad","LICENSE":"44c6b5ae5ec3fe2fbc608b00e6f4896f4d2d5c7e525fcbaa3eaa3cf2f3d5a983","README.md":"0079450bb4b013bac065ed1750851e461a3710ebad1f323817da1cb82db0bc4f","src/backend/context.rs":"c0db5f2447de1d6df5aa2812fa342a085e73156a072c221c7379b9a6a9b86786","src/backend/cork_state.rs":"4a0f1afc7d9f333dac89218cc56d7d32fbffb487cd48c1c9a4e03d79cb3b5e28","src/backend/intern.rs":"11ca424e4eb77f8eb9fd5a6717d1e791facf9743156a8534f0016fcf64d57b0f","src/backend/mod.rs":"dfb30ec497d6215e4535e936fea8fe3a407ef24dc1cec43b52c0ffa923d9229c","src/backend/stream.rs":"dfe5b747e100cae4aeae36cf2ebb9dc4715b411b4116721a40eec2944eb0ec23","src/capi.rs":"fa0fa020f0d0efe55aa0f c3596405e8407bbe2cbe6c7a558345304e6da87994e","src/lib.rs":"b41bbdc562cbfb130ed7c1e53fe69944774f515705341d8ce48a2f82c8c0c2c5"},"package":null} \ No newline at end of file -+{"files":{".editorconfig":"bf047bd1da10cabb99eea666d1e57c321eba4716dccb3e4ed0e2c5fe3ca53858",".github/workflows/build.yml":"477366d58c9dc059dbe4a158a6e910f23a3e9ecac7411f73616e06375583b764","AUTHORS":"0e0ac930a68ce2f6b876126b195add177f0d3886facb9260f4d9b69f1988f0cc","Cargo.toml":"4dc677a2a769c0f1667c7ad52bc7b09d22ae8e47bb95389223a5075eb4228d13","LICENSE":"44c6b5ae5ec3fe2fbc608b00e6f4896f4d2d5c7e525fcbaa3eaa3cf2f3d5a983","README.md":"0079450bb4b013bac065ed1750851e461a3710ebad1f323817da1cb82db0bc4f","src/backend/context.rs":"c0db5f2447de1d6df5aa2812fa342a085e73156a072c221c7379b9a6a9b86786","src/backend/cork_state.rs":"4a0f1afc7d9f333dac89218cc56d7d32fbffb487cd48c1c9a4e03d79cb3b5e28","src/backend/intern.rs":"11ca424e4eb77f8eb9fd5a6717d1e791facf9743156a8534f0016fcf64d57b0f","src/backend/mod.rs":"dfb30ec497d6215e4535e936fea8fe3a407ef24dc1cec43b52c0ffa923d9229c","src/backend/stream.rs":"2dfc61c4eac69624558756d87283496d01f56f44bf311119eff0f1d124cd88f3","src/capi.rs":"fa0fa020f0d0efe55aa0f c3596405e8407bbe2cbe6c7a558345304e6da87994e","src/lib.rs":"b41bbdc562cbfb130ed7c1e53fe69944774f515705341d8ce48a2f82c8c0c2c5"},"package":null} ++{"files":{".editorconfig":"bf047bd1da10cabb99eea666d1e57c321eba4716dccb3e4ed0e2c5fe3ca53858",".github/workflows/build.yml":"477366d58c9dc059dbe4a158a6e910f23a3e9ecac7411f73616e06375583b764","AUTHORS":"0e0ac930a68ce2f6b876126b195add177f0d3886facb9260f4d9b69f1988f0cc","Cargo.toml":"607b9f93ad76d2bc52213b704a6f72b12ff418ab78f757c1b2ead17f63a612ad","LICENSE":"44c6b5ae5ec3fe2fbc608b00e6f4896f4d2d5c7e525fcbaa3eaa3cf2f3d5a983","README.md":"0079450bb4b013bac065ed1750851e461a3710ebad1f323817da1cb82db0bc4f","src/backend/context.rs":"c0db5f2447de1d6df5aa2812fa342a085e73156a072c221c7379b9a6a9b86786","src/backend/cork_state.rs":"4a0f1afc7d9f333dac89218cc56d7d32fbffb487cd48c1c9a4e03d79cb3b5e28","src/backend/intern.rs":"11ca424e4eb77f8eb9fd5a6717d1e791facf9743156a8534f0016fcf64d57b0f","src/backend/mod.rs":"dfb30ec497d6215e4535e936fea8fe3a407ef24dc1cec43b52c0ffa923d9229c","src/backend/stream.rs":"2dfc61c4eac69624558756d87283496d01f56f44bf311119eff0f1d124cd88f3","src/capi.rs":"fa0fa020f0d0efe55aa0f c3596405e8407bbe2cbe6c7a558345304e6da87994e","src/lib.rs":"b41bbdc562cbfb130ed7c1e53fe69944774f515705341d8ce48a2f82c8c0c2c5"},"package":null} diff --git a/third_party/rust/cubeb-pulse/src/backend/stream.rs b/third_party/rust/cubeb-pulse/src/backend/stream.rs --- a/third_party/rust/cubeb-pulse/src/backend/stream.rs +++ b/third_party/rust/cubeb-pulse/src/backend/stream.rs @@ -42,9 +42,9 @@ --- a/third_party/rust/pulse-ffi/.cargo-checksum.json +++ b/third_party/rust/pulse-ffi/.cargo-checksum.json @@ -1,1 +1,1 @@ --{"files":{"Cargo.toml":"d0d7e81366920147911554f68c95567cae0931950c6d96ccc2c986508473642e","src/ffi_funcs.rs":"a16646c5e7c49e94b907a7a404cfcadf3007688005c689cca936f0c2ee2e28e6","src/ffi_types.rs":"2ca56bc3638a40d331e53117a5dd175d0a6e102b1e0eccb9c2adc565c6861a33","src/lib.rs":"6aff308de11954a067d0f6ef95bf3126aabb6d928a5191e91d9a38ebadba91c2"},"package":null} +-{"files":{"Cargo.toml":"e7e3f9eda7a2bd17535bdb03d4d9f12666e9f9b2031876901a3bc5d544273c82","src/ffi_funcs.rs":"a16646c5e7c49e94b907a7a404cfcadf3007688005c689cca936f0c2ee2e28e6","src/ffi_types.rs":"2ca56bc3638a40d331e53117a5dd175d0a6e102b1e0eccb9c2adc565c6861a33","src/lib.rs":"6aff308de11954a067d0f6ef95bf3126aabb6d928a5191e91d9a38ebadba91c2"},"package":null} \ No newline at end of file -+{"files":{"Cargo.toml":"d0d7e81366920147911554f68c95567cae0931950c6d96ccc2c986508473642e","src/ffi_funcs.rs":"a16646c5e7c49e94b907a7a404cfcadf3007688005c689cca936f0c2ee2e28e6","src/ffi_types.rs":"f39a27712b17256583331f7ce5722413d0c7b51d73d8def8f50e839e23dfb411","src/lib.rs":"6aff308de11954a067d0f6ef95bf3126aabb6d928a5191e91d9a38ebadba91c2"},"package":null} ++{"files":{"Cargo.toml":"e7e3f9eda7a2bd17535bdb03d4d9f12666e9f9b2031876901a3bc5d544273c82","src/ffi_funcs.rs":"a16646c5e7c49e94b907a7a404cfcadf3007688005c689cca936f0c2ee2e28e6","src/ffi_types.rs":"f39a27712b17256583331f7ce5722413d0c7b51d73d8def8f50e839e23dfb411","src/lib.rs":"6aff308de11954a067d0f6ef95bf3126aabb6d928a5191e91d9a38ebadba91c2"},"package":null} diff --git a/third_party/rust/pulse-ffi/src/ffi_types.rs b/third_party/rust/pulse-ffi/src/ffi_types.rs --- a/third_party/rust/pulse-ffi/src/ffi_types.rs +++ b/third_party/rust/pulse-ffi/src/ffi_types.rs ++++++ mozilla-silence-no-return-type.patch ++++++ --- /var/tmp/diff_new_pack.aAKqlA/_old 2025-02-05 12:40:30.796766625 +0100 +++ /var/tmp/diff_new_pack.aAKqlA/_new 2025-02-05 12:40:30.800766789 +0100 @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 03aaaefd3c5a3eec8be9b323cd1a799ca33fa13e +# Parent 9307259332078ad93f044dc64f06462d66d80aef diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h @@ -337,7 +337,7 @@ diff --git a/js/src/irregexp/imported/regexp-parser.cc b/js/src/irregexp/imported/regexp-parser.cc --- a/js/src/irregexp/imported/regexp-parser.cc +++ b/js/src/irregexp/imported/regexp-parser.cc -@@ -2779,16 +2779,17 @@ bool MayContainStrings(ClassSetOperandTy +@@ -2780,16 +2780,17 @@ bool MayContainStrings(ClassSetOperandTy return false; case ClassSetOperandType::kCharacterClassEscape: case ClassSetOperandType::kClassStringDisjunction: @@ -599,27 +599,27 @@ VideoSendStream::StreamStats::~StreamStats() = default; std::string VideoSendStream::StreamStats::ToString() const { -diff --git a/third_party/libwebrtc/media/base/codec.cc b/third_party/libwebrtc/media/base/codec.cc ---- a/third_party/libwebrtc/media/base/codec.cc -+++ b/third_party/libwebrtc/media/base/codec.cc -@@ -267,16 +267,17 @@ bool Codec::Matches(const Codec& codec) - (codec.bitrate == 0 || bitrate <= 0 || - bitrate == codec.bitrate) && - ((codec.channels < 2 && channels < 2) || - channels == codec.channels); - - case Type::kVideo: - return IsSameCodecSpecific(name, params, codec.name, codec.params); +diff --git a/third_party/libwebrtc/media/base/codec_comparators.cc b/third_party/libwebrtc/media/base/codec_comparators.cc +--- a/third_party/libwebrtc/media/base/codec_comparators.cc ++++ b/third_party/libwebrtc/media/base/codec_comparators.cc +@@ -189,16 +189,17 @@ bool MatchesWithCodecRules(const Codec& + left_codec.bitrate == right_codec.bitrate) && + ((right_codec.channels < 2 && left_codec.channels < 2) || + left_codec.channels == right_codec.channels); + + case Codec::Type::kVideo: + return IsSameCodecSpecific(left_codec.name, left_codec.params, + right_codec.name, right_codec.params); } -+ return false; // unreached ++ return false; }; return matches_id && matches_type_specific(); } - bool Codec::MatchesRtpCodec(const webrtc::RtpCodec& codec_capability) const { - webrtc::RtpCodecParameters codec_parameters = ToCodecParameters(); - + // Finds a codec in `codecs2` that matches `codec_to_match`, which is + // a member of `codecs1`. If `codec_to_match` is an RED or RTX codec, both + // the codecs themselves and their associated codecs must match. diff --git a/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc b/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc --- a/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc +++ b/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc @@ -738,27 +738,6 @@ cfg, proc_sample_rate_hz(), num_proc_channels()); } } -diff --git a/third_party/libwebrtc/modules/audio_processing/transient/transient_suppressor_impl.cc b/third_party/libwebrtc/modules/audio_processing/transient/transient_suppressor_impl.cc ---- a/third_party/libwebrtc/modules/audio_processing/transient/transient_suppressor_impl.cc -+++ b/third_party/libwebrtc/modules/audio_processing/transient/transient_suppressor_impl.cc -@@ -48,16 +48,17 @@ std::string GetVadModeLabel(TransientSup - switch (vad_mode) { - case TransientSuppressor::VadMode::kDefault: - return "default"; - case TransientSuppressor::VadMode::kRnnVad: - return "RNN VAD"; - case TransientSuppressor::VadMode::kNoVad: - return "no VAD"; - } -+ RTC_CHECK_NOTREACHED(); - } - - } // namespace - - TransientSuppressorImpl::TransientSuppressorImpl(VadMode vad_mode, - int sample_rate_hz, - int detector_rate_hz, - int num_channels) diff --git a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc b/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc --- a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc +++ b/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.aAKqlA/_old 2025-02-05 12:40:30.868769596 +0100 +++ /var/tmp/diff_new_pack.aAKqlA/_new 2025-02-05 12:40:30.872769761 +0100 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="134.0.2" +VERSION="135.0" VERSION_SUFFIX="" -PREV_VERSION="134.0.1" +PREV_VERSION="134.0.2" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"; -RELEASE_TAG="33bb8362cc387e2bfd0f9edaa33b66f9954e12d9" -RELEASE_TIMESTAMP="20250120135430" +RELEASE_TAG="17c38d56ca552e154046a33a3ec8d3bb56ae00a1" +RELEASE_TIMESTAMP="20250130195129"
