Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2025-12-11 18:33:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1939 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Thu Dec 11 18:33:44 2025 rev:472 rq:1321887 version:146.0 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2025-11-28 16:51:47.983424474 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1939/MozillaFirefox.changes 2025-12-11 18:34:43.612803092 +0100 @@ -1,0 +2,47 @@ +Tue Dec 9 06:51:14 UTC 2025 - Wolfgang Rosenauer <[email protected]> + +- Mozilla Firefox 146.0 + https://www.firefox.com/en-US/firefox/146.0/releasenotes/ + MFSA 2025-92 (bsc#1254551) + * CVE-2025-14321 (bmo#1992760) + Use-after-free in the WebRTC: Signaling component + * CVE-2025-14322 (bmo#1996473) + Sandbox escape due to incorrect boundary conditions in the + Graphics: CanvasWebGL component + * CVE-2025-14323 (bmo#1996555) + Privilege escalation in the DOM: Notifications component + * CVE-2025-14324 (bmo#1996840) + JIT miscompilation in the JavaScript Engine: JIT component + * CVE-2025-14325 (bmo#1998050) + JIT miscompilation in the JavaScript Engine: JIT component + * CVE-2025-14326 (bmo#1840666) + Use-after-free in the Audio/Video: GMP component + * CVE-2025-14327 (bmo#1970743) + Spoofing issue in the Downloads Panel component + * CVE-2025-14328 (bmo#1996761) + Privilege escalation in the Netmonitor component + * CVE-2025-14329 (bmo#1997018) + Privilege escalation in the Netmonitor component + * CVE-2025-14330 (bmo#1997503) + JIT miscompilation in the JavaScript Engine: JIT component + * CVE-2025-14331 (bmo#2000218) + Same-origin policy bypass in the Request Handling component + * CVE-2025-14332 (bmo#1963153, bmo#1985058, bmo#1995637, bmo#1997118) + Memory safety bugs fixed in Firefox 146 and Thunderbird 146 + * CVE-2025-14333 (bmo#1966501, bmo#1997639) + Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird + ESR 140.6, Firefox 146 and Thunderbird 146 +- requires + NPSR 4.38.2 + NSS 3.118 + rust-cbindgen 0.29.1 +- switched back using gcc +- rebased patches + +------------------------------------------------------------------- +Sun Nov 30 09:18:17 UTC 2025 - Manfred Hollstein <[email protected]> + +- If clang_build is set, ensure to define CC and CXX accordingly. +- Use clang19-devel on Leap. + +------------------------------------------------------------------- Old: ---- firefox-145.0.2.source.tar.xz firefox-145.0.2.source.tar.xz.asc l10n-145.0.2.tar.xz New: ---- firefox-146.0.source.tar.xz firefox-146.0.source.tar.xz.asc l10n-146.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.9G5TiV/_old 2025-12-11 18:34:57.829399166 +0100 +++ /var/tmp/diff_new_pack.9G5TiV/_new 2025-12-11 18:34:57.833399334 +0100 @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %%major.99 -%define major 145 -%define mainver %major.0.2 -%define orig_version 145.0.2 +%define major 146 +%define mainver %major.0 +%define orig_version 146.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -40,7 +40,7 @@ %define do_profiling 0 # upstream default is clang (to use gcc for large parts set to 0) -%define clang_build 1 +%define clang_build 0 %bcond_with only_print_mozconfig @@ -113,8 +113,8 @@ BuildRequires: libiw-devel BuildRequires: libproxy-devel BuildRequires: makeinfo -BuildRequires: mozilla-nspr-devel >= 4.37 -BuildRequires: mozilla-nss-devel >= 3.117 +BuildRequires: mozilla-nspr-devel >= 4.38.2 +BuildRequires: mozilla-nss-devel >= 3.118 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 12.22.12 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -137,7 +137,7 @@ BuildRequires: python3-devel %endif %endif -BuildRequires: rust-cbindgen >= 0.26 +BuildRequires: rust-cbindgen >= 0.29.1 %if 0%{?suse_version} > 1560 BuildRequires: translate-suse-desktop %endif @@ -152,7 +152,7 @@ BuildRequires: pkgconfig(gconf-2.0) >= 1.2.1 %endif %if 0%{?suse_version} < 1599 -BuildRequires: clang15-devel +BuildRequires: clang19-devel %else %if 0%{?suse_version} < 1699 BuildRequires: clang-devel @@ -395,11 +395,14 @@ export MOZ_TELEMETRY_REPORTING=1 export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system export CFLAGS="%{optflags}" +%if 0%{?clang_build} != 0 +export CC=clang +export CXX=clang++ +%else %if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600 export CC=gcc-13 export CXX=g++-13 %else -%if 0%{?clang_build} == 0 export CC=gcc export CXX=g++ %endif ++++++ firefox-145.0.2.source.tar.xz -> firefox-146.0.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-145.0.2.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1939/firefox-146.0.source.tar.xz differ: char 15, line 1 ++++++ l10n-145.0.2.tar.xz -> l10n-146.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-145.0.2.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1939/l10n-146.0.tar.xz differ: char 15, line 1 ++++++ mozilla-libavcodec58_91.patch ++++++ --- /var/tmp/diff_new_pack.9G5TiV/_old 2025-12-11 18:34:58.605431703 +0100 +++ /var/tmp/diff_new_pack.9G5TiV/_new 2025-12-11 18:34:58.609431871 +0100 @@ -1,15 +1,15 @@ # HG changeset patch -# Parent fdc16b43f28c2e974929ca702563aaac52799654 +# Parent 4fae89dde1a0e5217f5d33fbd2246004e6597843 diff --git a/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp b/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp --- a/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp +++ b/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp -@@ -44,16 +44,18 @@ static const char* sLibs[] = { - "libavcodec.53.dylib", +@@ -47,16 +47,18 @@ static const char* sLibs[] = { #elif defined(XP_OPENBSD) - "libavcodec.so", // OpenBSD hardly controls the major/minor library version + "libavcodec.so", // OpenBSD port controls the major/minor library version // of ffmpeg and update it regulary on ABI/API changes #else + "libavcodec.so.62", "libavcodec.so.61", "libavcodec.so.60", "libavcodec.so.59", ++++++ mozilla-silence-no-return-type.patch ++++++ ++++ 1395 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/MozillaFirefox/mozilla-silence-no-return-type.patch ++++ and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1939/mozilla-silence-no-return-type.patch ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.9G5TiV/_old 2025-12-11 18:34:58.729436903 +0100 +++ /var/tmp/diff_new_pack.9G5TiV/_new 2025-12-11 18:34:58.733437071 +0100 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="145.0.2" +VERSION="146.0" VERSION_SUFFIX="" -PREV_VERSION="145.0.1" +PREV_VERSION="145.0.2" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"; -RELEASE_TAG="c91eb2b65acc555204a0b7f5fbf95b66e9ac5493" -RELEASE_TIMESTAMP="20251124145406" +RELEASE_TAG="212344e658e3366e9515eb50b9fa1889faddbfb5" +RELEASE_TIMESTAMP="20251205151434"
