Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2023-08-12 15:06:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11712 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Sat Aug 12 15:06:14 2023 rev:406 rq:1103536 version:116.0.2 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2023-07-30 20:57:42.803198828 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11712/MozillaFirefox.changes 2023-08-12 15:06:15.098526666 +0200 @@ -1,0 +2,70 @@ +Thu Aug 10 16:32:02 UTC 2023 - Andreas Stieger <andreas.stie...@gmx.de> + +- Mozilla Firefox 116.0.2 + * fixes for other platforms + +------------------------------------------------------------------- +Wed Aug 9 09:52:36 UTC 2023 - Adam Majer <adam.ma...@suse.de> + +- Fix OOM when linking on 32-bit + +------------------------------------------------------------------- +Sat Aug 5 17:46:22 UTC 2023 - Andreas Stieger <andreas.stie...@gmx.de> + +- Mozilla Firefox 116.0.1 + * fixes for other platforms + +------------------------------------------------------------------- +Sat Aug 5 10:04:18 UTC 2023 - Andreas Schwab <sch...@suse.de> + +- ship vaapitest binary for supported archs + +------------------------------------------------------------------- +Fri Aug 4 09:55:05 UTC 2023 - Wolfgang Rosenauer <w...@rosenauer.org> + +- re-enable ppc64le +- ship v4l2test binary for supported archs +- drop obsolete mozilla-bmo1775202.patch + +------------------------------------------------------------------- +Sun Jul 30 19:55:49 UTC 2023 - Wolfgang Rosenauer <w...@rosenauer.org> + +- Mozilla Firefox 116.0 + * https://www.mozilla.org/en-US/firefox/116.0/releasenotes/ + MFSA 2023-29 (bsc#1213746) + * CVE-2023-4045 (bmo#1833876) + Offscreen Canvas could have bypassed cross-origin restrictions + * CVE-2023-4046 (bmo#1837686) + Incorrect value used during WASM compilation + * CVE-2023-4047 (bmo#1839073) + Potential permissions request bypass via clickjacking + * CVE-2023-4048 (bmo#1841368) + Crash in DOMParser due to out-of-memory conditions + * CVE-2023-4049 (bmo#1842658) + Fix potential race conditions when releasing platform objects + * CVE-2023-4050 (bmo#1843038) + Stack buffer overflow in StorageManager + * CVE-2023-4051 (bmo#1821884) + Full screen notification obscured by file open dialog + * CVE-2023-4052 (bmo#1824420) + File deletion and privilege escalation through Firefox uninstaller + * CVE-2023-4053 (bmo#1839079) + Full screen notification obscured by external program + * CVE-2023-4054 (bmo#1840777) + Lack of warning when opening appref-ms files + * CVE-2023-4055 (bmo#1782561) + Cookie jar overflow caused unexpected cookie jar state + * CVE-2023-4056 (bmo#1820587, bmo#1824634, bmo#1839235, + bmo#1842325, bmo#1843847) + Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, + Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 + * CVE-2023-4057 (bmo#1841682) + Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, + and Thunderbird 115.1 + * CVE-2023-4058 (bmo#1819160, bmo#1828024) + Memory safety bugs fixed in Firefox 116 +- require NSS 3.91 +- remove obsolete mozilla-fix-top-level-asm.patch +- re-enable LTO + +------------------------------------------------------------------- Old: ---- firefox-115.0.3.source.tar.xz firefox-115.0.3.source.tar.xz.asc l10n-115.0.3.tar.xz mozilla-bmo1775202.patch mozilla-fix-top-level-asm.patch New: ---- firefox-116.0.2.source.tar.xz firefox-116.0.2.source.tar.xz.asc l10n-116.0.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.t69MZd/_old 2023-08-12 15:06:37.262669853 +0200 +++ /var/tmp/diff_new_pack.t69MZd/_new 2023-08-12 15:06:37.266669879 +0200 @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %%major.99 -%define major 115 -%define mainver %major.0.3 -%define orig_version 115.0.3 +%define major 116 +%define mainver %major.0.2 +%define orig_version 116.0.2 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -58,7 +58,7 @@ %ifarch %ix86 ExclusiveArch: i586 i686 BuildArch: i686 -%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686 -mtune=generic -msse2} +%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -Os -march=i686 -mtune=generic -msse2} %endif %endif %{expand:%%global optflags %(echo "%optflags"|sed -e s/-flto=auto//) } @@ -114,7 +114,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.35 -BuildRequires: mozilla-nss-devel >= 3.90 +BuildRequires: mozilla-nss-devel >= 3.91 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 12.22.12 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -219,7 +219,6 @@ Patch10: mozilla-bmo1504834-part1.patch Patch11: mozilla-bmo1504834-part3.patch Patch12: mozilla-bmo1512162.patch -Patch13: mozilla-fix-top-level-asm.patch Patch14: mozilla-bmo849632.patch Patch15: mozilla-bmo998749.patch Patch17: mozilla-libavcodec58_91.patch @@ -228,8 +227,7 @@ Patch20: one_swizzle_to_rule_them_all.patch Patch21: svg-rendering.patch Patch22: mozilla-partial-revert-1768632.patch -Patch23: mozilla-bmo1775202.patch -Patch24: mozilla-rust-disable-future-incompat.patch +Patch23: mozilla-rust-disable-future-incompat.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch @@ -248,7 +246,7 @@ %if 0%{?devpkg} == 0 Obsoletes: %{name}-devel < %{version} %endif -ExcludeArch: armv6l armv6hl ppc ppc64 ppc64le +ExcludeArch: armv6l armv6hl ppc ppc64 %description Mozilla Firefox is a standalone web browser, designed for standards @@ -382,26 +380,20 @@ %if 0%{?clang_build} == 0 export CC=gcc export CXX=g++ -%if 0%{?gcc_version:%{gcc_version}} >= 12 -export CFLAGS="\$CFLAGS -fimplicit-constexpr" -%endif %endif %endif %ifarch %arm %ix86 # Limit RAM usage during link -export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads" +export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads -Wl,--no-map-whole-files -Wl,--hash-size=31" # A lie to prevent -Wl,--gc-sections being set which requires more memory than 32bit can offer export GC_SECTIONS_BREAKS_DEBUG_RANGES=yes %endif export LDFLAGS="\$LDFLAGS -fPIC -Wl,-z,relro,-z,now" %ifarch ppc64 ppc64le -%if 0%{?clang_build} == 0 -#export CFLAGS="\$CFLAGS -mminimal-toc" -%endif %endif %ifarch %ix86 -# Not enough memory on 32-bit systems, reduce debug info. -export CFLAGS="\$CFLAGS -g1" +# Not enough memory on 32-bit systems, remove debug info. +export CFLAGS="\$CFLAGS -g0" %endif export CXXFLAGS="\$CFLAGS" export MOZCONFIG=$RPM_BUILD_DIR/mozconfig @@ -434,15 +426,13 @@ %ifarch %ix86 %arm ac_add_options --disable-debug-symbols %else -ac_add_options --enable-debug-symbols=-g1 +ac_add_options --enable-debug-symbols=-g0 %endif ac_add_options --disable-install-strip -# building with elf-hack started to fail everywhere with FF73 -#%%if 0%%{?suse_version} > 1549 -%ifarch %arm %ix86 x86_64 -ac_add_options --disable-elf-hack +%ifarch %ix86 %arm +# OOM on 32-bit when ld passed -Wl,-z,pack-relative-relocs +ac_add_options --enable-elf-hack %endif -#%%endif ac_add_options --with-system-nspr ac_add_options --with-system-nss %if 0%{useccache} != 0 @@ -493,7 +483,7 @@ %ifarch x86_64 # LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506) %if 0%{?suse_version} > 1500 -#ac_add_options --enable-lto +ac_add_options --enable-lto %if 0%{?do_profiling} ac_add_options MOZ_PGO=1 %endif @@ -727,8 +717,13 @@ %{progdir}/*.so %{progdir}/glxtest %if 0%{wayland_supported} +%ifarch %{arm} aarch64 %{ix86} x86_64 %{progdir}/vaapitest %endif +%endif +%ifarch aarch64 riscv64 %arm +%{progdir}/v4l2test +%endif %{progdir}/omni.ja %{progdir}/fonts/ %{progdir}/pingsender ++++++ firefox-115.0.3.source.tar.xz -> firefox-116.0.2.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-115.0.3.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11712/firefox-116.0.2.source.tar.xz differ: char 15, line 1 ++++++ l10n-115.0.3.tar.xz -> l10n-116.0.2.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-115.0.3.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11712/l10n-116.0.2.tar.xz differ: char 26, line 1 ++++++ mozilla-kde.patch ++++++ ++++ 1012 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/MozillaFirefox/mozilla-kde.patch ++++ and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11712/mozilla-kde.patch ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.t69MZd/_old 2023-08-12 15:06:37.662672437 +0200 +++ /var/tmp/diff_new_pack.t69MZd/_new 2023-08-12 15:06:37.666672463 +0200 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="115.0.3" +VERSION="116.0.2" VERSION_SUFFIX="" -PREV_VERSION="115.0.2" +PREV_VERSION="116.0.1" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"; -RELEASE_TAG="326212e7271a9c9f0776153095cf48d7153260aa" -RELEASE_TIMESTAMP="20230726201356" +RELEASE_TAG="ae781417692ab706ede947dcb19703aaf10129ea" +RELEASE_TIMESTAMP="20230805021307"
