Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package firefox-esr for openSUSE:Factory checked in at 2025-04-30 19:03:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/firefox-esr (Old) and /work/SRC/openSUSE:Factory/.firefox-esr.new.30101 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "firefox-esr" Wed Apr 30 19:03:05 2025 rev:8 rq:1273446 version:128.10.0 Changes: -------- --- /work/SRC/openSUSE:Factory/firefox-esr/firefox-esr.changes 2025-04-03 16:52:08.276587729 +0200 +++ /work/SRC/openSUSE:Factory/.firefox-esr.new.30101/firefox-esr.changes 2025-04-30 19:03:25.127916111 +0200 @@ -1,0 +2,27 @@ +Tue Apr 29 07:57:14 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> + +- Firefox Extended Support Release 128.10.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.10 + https://www.mozilla.org/security/advisories/mfsa2025-29 + MFSA 2025-29 (boo#1241621) + * CVE-2025-2817 (bmo#1917536) + Privilege escalation in Firefox Updater + * MFSA-RESERVE-2025-1937097 (bmo#1937097) + WebGL shader attribute memory corruption in Firefox for macOS + * MFSA-RESERVE-2025-1958350 (bmo#1958350) + Process isolation bypass using `javascript:` URI links in + cross-origin frames + * MFSA-RESERVE-2025-1949994 (bmo#1949994, bmo#1956698, + bmo#1960198) + Potential local code execution in "copy as cURL" command + * MFSA-RESERVE-2025-1952465 (bmo#1952465) + Unsafe attribute access during XPath parsing + * MFSA-RESERVE-2025-3 (bmo#1951161, bmo#1952105) + Memory safety bugs fixed in Firefox 138, Thunderbird 138, + Firefox ESR 128.10, and Thunderbird 128.10 + * MFSA-RESERVE-2025-7 (bmo#1894100) + Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird + 128.10 + +------------------------------------------------------------------- Old: ---- firefox-128.9.0esr.source.tar.xz firefox-128.9.0esr.source.tar.xz.asc l10n-128.9.0esr.tar.xz New: ---- firefox-128.10.0esr.source.tar.xz firefox-128.10.0esr.source.tar.xz.asc l10n-128.10.0esr.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ firefox-esr.spec ++++++ --- /var/tmp/diff_new_pack.E074pb/_old 2025-04-30 19:03:29.108082024 +0200 +++ /var/tmp/diff_new_pack.E074pb/_new 2025-04-30 19:03:29.112082190 +0200 @@ -41,8 +41,8 @@ # major 69 # mainver %%major.99 %define major 128 -%define mainver %major.9.0 -%define orig_version 128.9.0 +%define mainver %major.10.0 +%define orig_version 128.10.0 %define orig_suffix esr %define update_channel esr %define branding 1 ++++++ MozillaFirefox.changes.txt ++++++ --- /var/tmp/diff_new_pack.E074pb/_old 2025-04-30 19:03:29.224086859 +0200 +++ /var/tmp/diff_new_pack.E074pb/_new 2025-04-30 19:03:29.228087025 +0200 @@ -1,4 +1,31 @@ ------------------------------------------------------------------- +Tue Apr 29 07:57:14 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> + +- Firefox Extended Support Release 128.10.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.10 + https://www.mozilla.org/security/advisories/mfsa2025-29 + MFSA 2025-29 (boo#1241621) + * CVE-2025-2817 (bmo#1917536) + Privilege escalation in Firefox Updater + * MFSA-RESERVE-2025-1937097 (bmo#1937097) + WebGL shader attribute memory corruption in Firefox for macOS + * MFSA-RESERVE-2025-1958350 (bmo#1958350) + Process isolation bypass using `javascript:` URI links in + cross-origin frames + * MFSA-RESERVE-2025-1949994 (bmo#1949994, bmo#1956698, + bmo#1960198) + Potential local code execution in "copy as cURL" command + * MFSA-RESERVE-2025-1952465 (bmo#1952465) + Unsafe attribute access during XPath parsing + * MFSA-RESERVE-2025-3 (bmo#1951161, bmo#1952105) + Memory safety bugs fixed in Firefox 138, Thunderbird 138, + Firefox ESR 128.10, and Thunderbird 128.10 + * MFSA-RESERVE-2025-7 (bmo#1894100) + Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird + 128.10 + +------------------------------------------------------------------- Thu Apr 3 09:40:50 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> - BuildRequires: clang-devel on Tumbleweed/Factory, which works for ++++++ firefox-128.9.0esr.source.tar.xz -> firefox-128.10.0esr.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/firefox-esr/firefox-128.9.0esr.source.tar.xz /work/SRC/openSUSE:Factory/.firefox-esr.new.30101/firefox-128.10.0esr.source.tar.xz differ: char 15, line 1 ++++++ firefox-esr.changes.txt ++++++ --- /var/tmp/diff_new_pack.E074pb/_old 2025-04-30 19:03:29.336091528 +0200 +++ /var/tmp/diff_new_pack.E074pb/_new 2025-04-30 19:03:29.344091861 +0200 @@ -1,4 +1,31 @@ ------------------------------------------------------------------- +Tue Apr 29 07:57:14 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> + +- Firefox Extended Support Release 128.10.0 ESR + * Fixed: Various security fixes. +- Mozilla Firefox ESR 128.10 + https://www.mozilla.org/security/advisories/mfsa2025-29 + MFSA 2025-29 (boo#1241621) + * CVE-2025-2817 (bmo#1917536) + Privilege escalation in Firefox Updater + * MFSA-RESERVE-2025-1937097 (bmo#1937097) + WebGL shader attribute memory corruption in Firefox for macOS + * MFSA-RESERVE-2025-1958350 (bmo#1958350) + Process isolation bypass using `javascript:` URI links in + cross-origin frames + * MFSA-RESERVE-2025-1949994 (bmo#1949994, bmo#1956698, + bmo#1960198) + Potential local code execution in "copy as cURL" command + * MFSA-RESERVE-2025-1952465 (bmo#1952465) + Unsafe attribute access during XPath parsing + * MFSA-RESERVE-2025-3 (bmo#1951161, bmo#1952105) + Memory safety bugs fixed in Firefox 138, Thunderbird 138, + Firefox ESR 128.10, and Thunderbird 128.10 + * MFSA-RESERVE-2025-7 (bmo#1894100) + Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird + 128.10 + +------------------------------------------------------------------- Thu Apr 3 09:40:50 UTC 2025 - Manfred Hollstein <manfre...@gmx.net> - BuildRequires: clang-devel on Tumbleweed/Factory, which works for ++++++ l10n-128.9.0esr.tar.xz -> l10n-128.10.0esr.tar.xz ++++++ ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.E074pb/_old 2025-04-30 19:03:29.556100699 +0200 +++ /var/tmp/diff_new_pack.E074pb/_new 2025-04-30 19:03:29.560100866 +0200 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="esr128" -VERSION="128.9.0" +VERSION="128.10.0" VERSION_SUFFIX="esr" -PREV_VERSION="128.8.1" +PREV_VERSION="128.9.0" PREV_VERSION_SUFFIX="esr" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr128" -RELEASE_TAG="3aaf665616b3c0f61839d40a02a9f7ae8778b04c" -RELEASE_TIMESTAMP="20250327044906" +RELEASE_TAG="8e875e7de75c05112284e9f6e91927b7bbe36e79" +RELEASE_TIMESTAMP="20250421121556"