commit firefox-esr for openSUSE:Factory

Source-Sync Fri, 12 Dec 2025 12:43:27 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package firefox-esr for openSUSE:Factory 
checked in at 2025-12-12 21:41:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/firefox-esr (Old)
 and      /work/SRC/openSUSE:Factory/.firefox-esr.new.1939 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "firefox-esr"

Fri Dec 12 21:41:27 2025 rev:25 rq:1322275 version:140.6.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/firefox-esr/MozillaFirefox.changes       
2025-12-10 15:32:38.871609190 +0100
+++ /work/SRC/openSUSE:Factory/.firefox-esr.new.1939/MozillaFirefox.changes     
2025-12-12 21:43:03.725602020 +0100
@@ -1,0 +2,35 @@
+Thu Dec 11 20:59:32 UTC 2025 - Manfred Hollstein <[email protected]>
+
+* Remove the Build1 tag from the last changes entry; no other change *
+
+- Firefox Extended Support Release 140.6.0 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 140.6
+  https://www.mozilla.org/security/advisories/mfsa2025-94
+  MFSA 2025-94 (boo#1254551)
+  * CVE-2025-14321 (bmo#1992760)
+    Use-after-free in the WebRTC: Signaling component
+  * CVE-2025-14322 (bmo#1996473)
+    Sandbox escape due to incorrect boundary conditions in the
+    Graphics: CanvasWebGL component
+  * CVE-2025-14323 (bmo#1996555)
+    Privilege escalation in the DOM: Notifications component
+  * CVE-2025-14324 (bmo#1996840)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14325 (bmo#1998050)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14328 (bmo#1996761)
+    Privilege escalation in the Netmonitor component
+  * CVE-2025-14329 (bmo#1997018)
+    Privilege escalation in the Netmonitor component
+  * CVE-2025-14330 (bmo#1997503)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14331 (bmo#2000218)
+    Same-origin policy bypass in the Request Handling component
+  * CVE-2025-14333 (bmo#1966501, bmo#1997639)
+    Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird
+    ESR 140.6, Firefox 146 and Thunderbird 146
+- BuildRequires: cargo1.86 and rust1.86
+- BuildRequires: clang19-devel on Leap 15.6
+
+-------------------------------------------------------------------
firefox-esr.changes: same change

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ MozillaFirefox.changes.txt ++++++
--- /var/tmp/diff_new_pack.gVAzRT/_old  2025-12-12 21:43:07.921779059 +0100
+++ /var/tmp/diff_new_pack.gVAzRT/_new  2025-12-12 21:43:07.933779565 +0100
@@ -1,4 +1,39 @@
 -------------------------------------------------------------------
+Thu Dec 11 20:59:32 UTC 2025 - Manfred Hollstein <[email protected]>
+
+* Remove the Build1 tag from the last changes entry; no other change *
+
+- Firefox Extended Support Release 140.6.0 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 140.6
+  https://www.mozilla.org/security/advisories/mfsa2025-94
+  MFSA 2025-94 (boo#1254551)
+  * CVE-2025-14321 (bmo#1992760)
+    Use-after-free in the WebRTC: Signaling component
+  * CVE-2025-14322 (bmo#1996473)
+    Sandbox escape due to incorrect boundary conditions in the
+    Graphics: CanvasWebGL component
+  * CVE-2025-14323 (bmo#1996555)
+    Privilege escalation in the DOM: Notifications component
+  * CVE-2025-14324 (bmo#1996840)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14325 (bmo#1998050)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14328 (bmo#1996761)
+    Privilege escalation in the Netmonitor component
+  * CVE-2025-14329 (bmo#1997018)
+    Privilege escalation in the Netmonitor component
+  * CVE-2025-14330 (bmo#1997503)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14331 (bmo#2000218)
+    Same-origin policy bypass in the Request Handling component
+  * CVE-2025-14333 (bmo#1966501, bmo#1997639)
+    Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird
+    ESR 140.6, Firefox 146 and Thunderbird 146
+- BuildRequires: cargo1.86 and rust1.86
+- BuildRequires: clang19-devel on Leap 15.6
+
+-------------------------------------------------------------------
 Tue Dec  9 08:53:41 UTC 2025 - Manfred Hollstein <[email protected]>
 
 - Firefox Extended Support Release 140.6.0 ESR Build1


++++++ firefox-esr.changes.txt ++++++
--- /var/tmp/diff_new_pack.gVAzRT/_old  2025-12-12 21:43:08.069785303 +0100
+++ /var/tmp/diff_new_pack.gVAzRT/_new  2025-12-12 21:43:08.085785979 +0100
@@ -1,4 +1,39 @@
 -------------------------------------------------------------------
+Thu Dec 11 20:59:32 UTC 2025 - Manfred Hollstein <[email protected]>
+
+* Remove the Build1 tag from the last changes entry; no other change *
+
+- Firefox Extended Support Release 140.6.0 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 140.6
+  https://www.mozilla.org/security/advisories/mfsa2025-94
+  MFSA 2025-94 (boo#1254551)
+  * CVE-2025-14321 (bmo#1992760)
+    Use-after-free in the WebRTC: Signaling component
+  * CVE-2025-14322 (bmo#1996473)
+    Sandbox escape due to incorrect boundary conditions in the
+    Graphics: CanvasWebGL component
+  * CVE-2025-14323 (bmo#1996555)
+    Privilege escalation in the DOM: Notifications component
+  * CVE-2025-14324 (bmo#1996840)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14325 (bmo#1998050)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14328 (bmo#1996761)
+    Privilege escalation in the Netmonitor component
+  * CVE-2025-14329 (bmo#1997018)
+    Privilege escalation in the Netmonitor component
+  * CVE-2025-14330 (bmo#1997503)
+    JIT miscompilation in the JavaScript Engine: JIT component
+  * CVE-2025-14331 (bmo#2000218)
+    Same-origin policy bypass in the Request Handling component
+  * CVE-2025-14333 (bmo#1966501, bmo#1997639)
+    Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird
+    ESR 140.6, Firefox 146 and Thunderbird 146
+- BuildRequires: cargo1.86 and rust1.86
+- BuildRequires: clang19-devel on Leap 15.6
+
+-------------------------------------------------------------------
 Tue Dec  9 08:53:41 UTC 2025 - Manfred Hollstein <[email protected]>
 
 - Firefox Extended Support Release 140.6.0 ESR Build1

commit firefox-esr for openSUSE:Factory

Reply via email to