commit firefox-esr for openSUSE:Factory

Source-Sync Wed, 30 Apr 2025 10:05:10 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package firefox-esr for openSUSE:Factory 
checked in at 2025-04-30 19:03:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/firefox-esr (Old)
 and      /work/SRC/openSUSE:Factory/.firefox-esr.new.30101 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "firefox-esr"

Wed Apr 30 19:03:05 2025 rev:8 rq:1273446 version:128.10.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/firefox-esr/firefox-esr.changes  2025-04-03 
16:52:08.276587729 +0200
+++ /work/SRC/openSUSE:Factory/.firefox-esr.new.30101/firefox-esr.changes       
2025-04-30 19:03:25.127916111 +0200
@@ -1,0 +2,27 @@
+Tue Apr 29 07:57:14 UTC 2025 - Manfred Hollstein <manfre...@gmx.net>
+
+- Firefox Extended Support Release 128.10.0 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 128.10
+  https://www.mozilla.org/security/advisories/mfsa2025-29
+  MFSA 2025-29 (boo#1241621)
+  * CVE-2025-2817 (bmo#1917536)
+    Privilege escalation in Firefox Updater
+  * MFSA-RESERVE-2025-1937097 (bmo#1937097)
+    WebGL shader attribute memory corruption in Firefox for macOS
+  * MFSA-RESERVE-2025-1958350 (bmo#1958350)
+    Process isolation bypass using `javascript:` URI links in
+    cross-origin frames
+  * MFSA-RESERVE-2025-1949994 (bmo#1949994, bmo#1956698,
+    bmo#1960198)
+    Potential local code execution in "copy as cURL" command
+  * MFSA-RESERVE-2025-1952465 (bmo#1952465)
+    Unsafe attribute access during XPath parsing
+  * MFSA-RESERVE-2025-3 (bmo#1951161, bmo#1952105)
+    Memory safety bugs fixed in Firefox 138, Thunderbird 138,
+    Firefox ESR 128.10, and Thunderbird 128.10
+  * MFSA-RESERVE-2025-7 (bmo#1894100)
+    Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird
+    128.10
+
+-------------------------------------------------------------------

Old:
----
  firefox-128.9.0esr.source.tar.xz
  firefox-128.9.0esr.source.tar.xz.asc
  l10n-128.9.0esr.tar.xz

New:
----
  firefox-128.10.0esr.source.tar.xz
  firefox-128.10.0esr.source.tar.xz.asc
  l10n-128.10.0esr.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ firefox-esr.spec ++++++
--- /var/tmp/diff_new_pack.E074pb/_old  2025-04-30 19:03:29.108082024 +0200
+++ /var/tmp/diff_new_pack.E074pb/_new  2025-04-30 19:03:29.112082190 +0200
@@ -41,8 +41,8 @@
 # major 69
 # mainver %%major.99
 %define major          128
-%define mainver        %major.9.0
-%define orig_version   128.9.0
+%define mainver        %major.10.0
+%define orig_version   128.10.0
 %define orig_suffix    esr
 %define update_channel esr
 %define branding       1

++++++ MozillaFirefox.changes.txt ++++++
--- /var/tmp/diff_new_pack.E074pb/_old  2025-04-30 19:03:29.224086859 +0200
+++ /var/tmp/diff_new_pack.E074pb/_new  2025-04-30 19:03:29.228087025 +0200
@@ -1,4 +1,31 @@
 -------------------------------------------------------------------
+Tue Apr 29 07:57:14 UTC 2025 - Manfred Hollstein <manfre...@gmx.net>
+
+- Firefox Extended Support Release 128.10.0 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 128.10
+  https://www.mozilla.org/security/advisories/mfsa2025-29
+  MFSA 2025-29 (boo#1241621)
+  * CVE-2025-2817 (bmo#1917536)
+    Privilege escalation in Firefox Updater
+  * MFSA-RESERVE-2025-1937097 (bmo#1937097)
+    WebGL shader attribute memory corruption in Firefox for macOS
+  * MFSA-RESERVE-2025-1958350 (bmo#1958350)
+    Process isolation bypass using `javascript:` URI links in
+    cross-origin frames
+  * MFSA-RESERVE-2025-1949994 (bmo#1949994, bmo#1956698,
+    bmo#1960198)
+    Potential local code execution in "copy as cURL" command
+  * MFSA-RESERVE-2025-1952465 (bmo#1952465)
+    Unsafe attribute access during XPath parsing
+  * MFSA-RESERVE-2025-3 (bmo#1951161, bmo#1952105)
+    Memory safety bugs fixed in Firefox 138, Thunderbird 138,
+    Firefox ESR 128.10, and Thunderbird 128.10
+  * MFSA-RESERVE-2025-7 (bmo#1894100)
+    Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird
+    128.10
+
+-------------------------------------------------------------------
 Thu Apr  3 09:40:50 UTC 2025 - Manfred Hollstein <manfre...@gmx.net>
 
 - BuildRequires: clang-devel on Tumbleweed/Factory, which works for

++++++ firefox-128.9.0esr.source.tar.xz -> firefox-128.10.0esr.source.tar.xz 
++++++
/work/SRC/openSUSE:Factory/firefox-esr/firefox-128.9.0esr.source.tar.xz 
/work/SRC/openSUSE:Factory/.firefox-esr.new.30101/firefox-128.10.0esr.source.tar.xz
 differ: char 15, line 1

++++++ firefox-esr.changes.txt ++++++
--- /var/tmp/diff_new_pack.E074pb/_old  2025-04-30 19:03:29.336091528 +0200
+++ /var/tmp/diff_new_pack.E074pb/_new  2025-04-30 19:03:29.344091861 +0200
@@ -1,4 +1,31 @@
 -------------------------------------------------------------------
+Tue Apr 29 07:57:14 UTC 2025 - Manfred Hollstein <manfre...@gmx.net>
+
+- Firefox Extended Support Release 128.10.0 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 128.10
+  https://www.mozilla.org/security/advisories/mfsa2025-29
+  MFSA 2025-29 (boo#1241621)
+  * CVE-2025-2817 (bmo#1917536)
+    Privilege escalation in Firefox Updater
+  * MFSA-RESERVE-2025-1937097 (bmo#1937097)
+    WebGL shader attribute memory corruption in Firefox for macOS
+  * MFSA-RESERVE-2025-1958350 (bmo#1958350)
+    Process isolation bypass using `javascript:` URI links in
+    cross-origin frames
+  * MFSA-RESERVE-2025-1949994 (bmo#1949994, bmo#1956698,
+    bmo#1960198)
+    Potential local code execution in "copy as cURL" command
+  * MFSA-RESERVE-2025-1952465 (bmo#1952465)
+    Unsafe attribute access during XPath parsing
+  * MFSA-RESERVE-2025-3 (bmo#1951161, bmo#1952105)
+    Memory safety bugs fixed in Firefox 138, Thunderbird 138,
+    Firefox ESR 128.10, and Thunderbird 128.10
+  * MFSA-RESERVE-2025-7 (bmo#1894100)
+    Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird
+    128.10
+
+-------------------------------------------------------------------
 Thu Apr  3 09:40:50 UTC 2025 - Manfred Hollstein <manfre...@gmx.net>
 
 - BuildRequires: clang-devel on Tumbleweed/Factory, which works for

++++++ l10n-128.9.0esr.tar.xz -> l10n-128.10.0esr.tar.xz ++++++

++++++ tar_stamps ++++++
--- /var/tmp/diff_new_pack.E074pb/_old  2025-04-30 19:03:29.556100699 +0200
+++ /var/tmp/diff_new_pack.E074pb/_new  2025-04-30 19:03:29.560100866 +0200
@@ -1,11 +1,11 @@
 PRODUCT="firefox"
 CHANNEL="esr128"
-VERSION="128.9.0"
+VERSION="128.10.0"
 VERSION_SUFFIX="esr"
-PREV_VERSION="128.8.1"
+PREV_VERSION="128.9.0"
 PREV_VERSION_SUFFIX="esr"
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr128";
-RELEASE_TAG="3aaf665616b3c0f61839d40a02a9f7ae8778b04c"
-RELEASE_TIMESTAMP="20250327044906"
+RELEASE_TAG="8e875e7de75c05112284e9f6e91927b7bbe36e79"
+RELEASE_TIMESTAMP="20250421121556"

commit firefox-esr for openSUSE:Factory

Reply via email to