commit firefox-esr for openSUSE:Factory

Source-Sync Wed, 08 Apr 2026 08:17:01 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package firefox-esr for openSUSE:Factory 
checked in at 2026-04-08 17:14:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/firefox-esr (Old)
 and      /work/SRC/openSUSE:Factory/.firefox-esr.new.21863 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "firefox-esr"

Wed Apr  8 17:14:35 2026 rev:31 rq:1345134 version:140.9.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/firefox-esr/MozillaFirefox.changes       
2026-03-24 18:51:20.528580483 +0100
+++ /work/SRC/openSUSE:Factory/.firefox-esr.new.21863/MozillaFirefox.changes    
2026-04-08 17:14:52.057792567 +0200
@@ -1,0 +2,28 @@
+Tue Apr  7 12:13:24 UTC 2026 - Manfred Hollstein <[email protected]>
+
+- Firefox Extended Support Release 140.9.1 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 140.9.1
+  https://www.mozilla.org/security/advisories/mfsa2026-27
+  MFSA 2026-27 (boo#1261663)
+  * CVE-2026-5732 (bmo#2017867)
+    Incorrect boundary conditions, integer overflow in the
+    Graphics: Text component
+  * CVE-2026-5731 (bmo#2021894, bmo#2022225, bmo#2022252,
+    bmo#2022294, bmo#2023007, bmo#2023130, bmo#2023191,
+    bmo#2023364, bmo#2023829, bmo#2024074, bmo#2024417,
+    bmo#2024433, bmo#2024436, bmo#2024437, bmo#2024453,
+    bmo#2024461, bmo#2024462, bmo#2024472, bmo#2024474,
+    bmo#2024477, bmo#2025364, bmo#2025401, bmo#2025402,
+    bmo#2025472, bmo#2026287, bmo#2026299, bmo#2026305,
+    bmo#2026426)
+    Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR
+    140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and
+    Thunderbird 149.0.2
+  * CVE-2026-5734 (bmo#2022369, bmo#2023026, bmo#2023545,
+    bmo#2023555, bmo#2023958, bmo#2025422, bmo#2025468,
+    bmo#2025492, bmo#2025505)
+    Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird
+    ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
+
+-------------------------------------------------------------------
firefox-esr.changes: same change

Old:
----
  firefox-140.9.0esr.source.tar.xz
  firefox-140.9.0esr.source.tar.xz.asc
  l10n-140.9.0esr.tar.xz

New:
----
  firefox-140.9.1esr.source.tar.xz
  firefox-140.9.1esr.source.tar.xz.asc
  l10n-140.9.1esr.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ firefox-esr.spec ++++++
--- /var/tmp/diff_new_pack.dOy0ai/_old  2026-04-08 17:15:03.798275263 +0200
+++ /var/tmp/diff_new_pack.dOy0ai/_new  2026-04-08 17:15:03.802275427 +0200
@@ -41,8 +41,8 @@
 # major 69
 # mainver %%major.99
 %define major          140
-%define mainver        %major.9.0
-%define orig_version   140.9.0
+%define mainver        %major.9.1
+%define orig_version   140.9.1
 %define orig_suffix    esr
 %define update_channel esr
 %define branding       1

++++++ MozillaFirefox.changes.txt ++++++
--- /var/tmp/diff_new_pack.dOy0ai/_old  2026-04-08 17:15:03.938281019 +0200
+++ /var/tmp/diff_new_pack.dOy0ai/_new  2026-04-08 17:15:03.946281348 +0200
@@ -1,4 +1,32 @@
 -------------------------------------------------------------------
+Tue Apr  7 12:13:24 UTC 2026 - Manfred Hollstein <[email protected]>
+
+- Firefox Extended Support Release 140.9.1 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 140.9.1
+  https://www.mozilla.org/security/advisories/mfsa2026-27
+  MFSA 2026-27 (boo#1261663)
+  * CVE-2026-5732 (bmo#2017867)
+    Incorrect boundary conditions, integer overflow in the
+    Graphics: Text component
+  * CVE-2026-5731 (bmo#2021894, bmo#2022225, bmo#2022252,
+    bmo#2022294, bmo#2023007, bmo#2023130, bmo#2023191,
+    bmo#2023364, bmo#2023829, bmo#2024074, bmo#2024417,
+    bmo#2024433, bmo#2024436, bmo#2024437, bmo#2024453,
+    bmo#2024461, bmo#2024462, bmo#2024472, bmo#2024474,
+    bmo#2024477, bmo#2025364, bmo#2025401, bmo#2025402,
+    bmo#2025472, bmo#2026287, bmo#2026299, bmo#2026305,
+    bmo#2026426)
+    Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR
+    140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and
+    Thunderbird 149.0.2
+  * CVE-2026-5734 (bmo#2022369, bmo#2023026, bmo#2023545,
+    bmo#2023555, bmo#2023958, bmo#2025422, bmo#2025468,
+    bmo#2025492, bmo#2025505)
+    Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird
+    ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
+
+-------------------------------------------------------------------
 Tue Mar 24 07:53:07 UTC 2026 - Manfred Hollstein <[email protected]>
 
 - Firefox Extended Support Release 140.9.0 ESR

++++++ firefox-140.9.0esr.source.tar.xz -> firefox-140.9.1esr.source.tar.xz 
++++++
/work/SRC/openSUSE:Factory/firefox-esr/firefox-140.9.0esr.source.tar.xz 
/work/SRC/openSUSE:Factory/.firefox-esr.new.21863/firefox-140.9.1esr.source.tar.xz
 differ: char 15, line 1

++++++ firefox-esr.changes.txt ++++++
--- /var/tmp/diff_new_pack.dOy0ai/_old  2026-04-08 17:15:04.110288091 +0200
+++ /var/tmp/diff_new_pack.dOy0ai/_new  2026-04-08 17:15:04.118288420 +0200
@@ -1,4 +1,32 @@
 -------------------------------------------------------------------
+Tue Apr  7 12:13:24 UTC 2026 - Manfred Hollstein <[email protected]>
+
+- Firefox Extended Support Release 140.9.1 ESR
+  * Fixed: Various security fixes.
+- Mozilla Firefox ESR 140.9.1
+  https://www.mozilla.org/security/advisories/mfsa2026-27
+  MFSA 2026-27 (boo#1261663)
+  * CVE-2026-5732 (bmo#2017867)
+    Incorrect boundary conditions, integer overflow in the
+    Graphics: Text component
+  * CVE-2026-5731 (bmo#2021894, bmo#2022225, bmo#2022252,
+    bmo#2022294, bmo#2023007, bmo#2023130, bmo#2023191,
+    bmo#2023364, bmo#2023829, bmo#2024074, bmo#2024417,
+    bmo#2024433, bmo#2024436, bmo#2024437, bmo#2024453,
+    bmo#2024461, bmo#2024462, bmo#2024472, bmo#2024474,
+    bmo#2024477, bmo#2025364, bmo#2025401, bmo#2025402,
+    bmo#2025472, bmo#2026287, bmo#2026299, bmo#2026305,
+    bmo#2026426)
+    Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR
+    140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and
+    Thunderbird 149.0.2
+  * CVE-2026-5734 (bmo#2022369, bmo#2023026, bmo#2023545,
+    bmo#2023555, bmo#2023958, bmo#2025422, bmo#2025468,
+    bmo#2025492, bmo#2025505)
+    Memory safety bugs fixed in Firefox ESR 140.9.1, Thunderbird
+    ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2
+
+-------------------------------------------------------------------
 Tue Mar 24 07:53:07 UTC 2026 - Manfred Hollstein <[email protected]>
 
 - Firefox Extended Support Release 140.9.0 ESR

++++++ l10n-140.9.0esr.tar.xz -> l10n-140.9.1esr.tar.xz ++++++

++++++ tar_stamps ++++++
--- /var/tmp/diff_new_pack.dOy0ai/_old  2026-04-08 17:15:04.378299110 +0200
+++ /var/tmp/diff_new_pack.dOy0ai/_new  2026-04-08 17:15:04.382299274 +0200
@@ -1,11 +1,11 @@
 PRODUCT="firefox"
 CHANNEL="esr140"
-VERSION="140.9.0"
+VERSION="140.9.1"
 VERSION_SUFFIX="esr"
-PREV_VERSION="140.8.0"
+PREV_VERSION="140.9.0"
 PREV_VERSION_SUFFIX="esr"
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr140";
-RELEASE_TAG="ad4a5ceb5516151b4014e2af6c1565c68ab330cc"
-RELEASE_TIMESTAMP="20260317093326"
+RELEASE_TAG="cca515379f569261e903f6e84dcdb0ecdbbe821e"
+RELEASE_TIMESTAMP="20260403140708"

commit firefox-esr for openSUSE:Factory

Reply via email to