Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2024-02-27 22:43:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Tue Feb 27 22:43:17 2024 rev:421 rq:1150527 version:123.0 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2024-02-15 20:59:11.237410804 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770/MozillaFirefox.changes 2024-02-27 22:43:22.207708208 +0100 @@ -1,0 +2,40 @@ +Thu Feb 22 11:02:39 UTC 2024 - Wolfgang Rosenauer <w...@rosenauer.org> + +- Mozilla Firefox 123.0 + https://www.mozilla.org/en-US/firefox/123.0/releasenotes/ + MFSA 2024-05 (bsc#1220048) + * CVE-2024-1546 (bmo#1843752) + Out-of-bounds memory read in networking channels + * CVE-2024-1547 (bmo#1877879) + Alert dialog could have been spoofed on another site + * CVE-2024-1554 (bmo#1816390) + fetch could be used to effect cache poisoning + * CVE-2024-1548 (bmo#1832627) + Fullscreen Notification could have been hidden by select element + * CVE-2024-1549 (bmo#1833814) + Custom cursor could obscure the permission dialog + * CVE-2024-1550 (bmo#1860065) + Mouse cursor re-positioned unexpectedly could have led to + unintended permission grants + * CVE-2024-1551 (bmo#1864385) + Multipart HTTP Responses would accept the Set-Cookie header + in response parts + * CVE-2024-1555 (bmo#1873223) + SameSite cookies were not properly respected when opening a + website from an external browser + * CVE-2024-1556 (bmo#1870414) + Invalid memory access in the built-in profiler + * CVE-2024-1552 (bmo#1874502) + Incorrect code generation on 32-bit ARM devices + * CVE-2024-1553 (bmo#1855686, bmo#1867982, bmo#1871498, bmo#1872296, + bmo#1873521, bmo#1873577, bmo#1873597, bmo#1873866, bmo#1874080, + bmo#1874740, bmo#1875795, bmo#1875906, bmo#1876425, bmo#1878211, + bmo#1878286) + Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, + and Thunderbird 115.8 + * CVE-2024-1557 (bmo#1746471, bmo#1848829, bmo#1864011, bmo#1869175, + bmo#1869455, bmo#1869938, bmo#1871606) + Memory safety bugs fixed in Firefox 123 +- requires NSS 3.97 + +------------------------------------------------------------------- Old: ---- firefox-122.0.1.source.tar.xz firefox-122.0.1.source.tar.xz.asc l10n-122.0.1.tar.xz New: ---- firefox-123.0.source.tar.xz firefox-123.0.source.tar.xz.asc l10n-123.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.E4PvwS/_old 2024-02-27 22:43:33.884131500 +0100 +++ /var/tmp/diff_new_pack.E4PvwS/_new 2024-02-27 22:43:33.884131500 +0100 @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %%major.99 -%define major 122 -%define mainver %major.0.1 -%define orig_version 122.0.1 +%define major 123 +%define mainver %major.0 +%define orig_version 123.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -114,7 +114,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.35 -BuildRequires: mozilla-nss-devel >= 3.96.1 +BuildRequires: mozilla-nss-devel >= 3.97 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 12.22.12 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 ++++++ firefox-122.0.1.source.tar.xz -> firefox-123.0.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-122.0.1.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770/firefox-123.0.source.tar.xz differ: char 15, line 1 ++++++ l10n-122.0.1.tar.xz -> l10n-123.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-122.0.1.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1770/l10n-123.0.tar.xz differ: char 26, line 1 ++++++ mozilla-silence-no-return-type.patch ++++++ --- /var/tmp/diff_new_pack.E4PvwS/_old 2024-02-27 22:43:34.168141796 +0100 +++ /var/tmp/diff_new_pack.E4PvwS/_new 2024-02-27 22:43:34.172141941 +0100 @@ -1,5 +1,5 @@ # HG changeset patch -# Parent f5fd2bbd77ef4b6554a7180c9c4768e64aca3b2a +# Parent d1908d68e16e148fcc012caac881a03417eccc7e diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h @@ -505,13 +505,13 @@ diff --git a/third_party/libwebrtc/api/video_codecs/video_codec.cc b/third_party/libwebrtc/api/video_codecs/video_codec.cc --- a/third_party/libwebrtc/api/video_codecs/video_codec.cc +++ b/third_party/libwebrtc/api/video_codecs/video_codec.cc -@@ -113,16 +113,17 @@ const char* CodecTypeToPayloadString(Vid - case kVideoCodecH264: - return kPayloadNameH264; +@@ -126,16 +126,17 @@ const char* CodecTypeToPayloadString(Vid case kVideoCodecMultiplex: return kPayloadNameMultiplex; case kVideoCodecGeneric: return kPayloadNameGeneric; + case kVideoCodecH265: + return kPayloadNameH265; } RTC_CHECK_NOTREACHED(); + return ""; @@ -641,12 +641,12 @@ diff --git a/third_party/libwebrtc/call/rtp_payload_params.cc b/third_party/libwebrtc/call/rtp_payload_params.cc --- a/third_party/libwebrtc/call/rtp_payload_params.cc +++ b/third_party/libwebrtc/call/rtp_payload_params.cc -@@ -400,17 +400,17 @@ absl::optional<FrameDependencyStructure> - } +@@ -405,17 +405,17 @@ absl::optional<FrameDependencyStructure> return structure; } case VideoCodecType::kVideoCodecAV1: case VideoCodecType::kVideoCodecH264: + case VideoCodecType::kVideoCodecH265: case VideoCodecType::kVideoCodecMultiplex: return absl::nullopt; } @@ -920,10 +920,10 @@ diff --git a/third_party/libwebrtc/modules/rtp_rtcp/source/create_video_rtp_depacketizer.cc b/third_party/libwebrtc/modules/rtp_rtcp/source/create_video_rtp_depacketizer.cc --- a/third_party/libwebrtc/modules/rtp_rtcp/source/create_video_rtp_depacketizer.cc +++ b/third_party/libwebrtc/modules/rtp_rtcp/source/create_video_rtp_depacketizer.cc -@@ -33,11 +33,12 @@ std::unique_ptr<VideoRtpDepacketizer> Cr - return std::make_unique<VideoRtpDepacketizerVp9>(); - case kVideoCodecAV1: - return std::make_unique<VideoRtpDepacketizerAv1>(); +@@ -36,11 +36,12 @@ std::unique_ptr<VideoRtpDepacketizer> Cr + case kVideoCodecH265: + // TODO(bugs.webrtc.org/13485): Implement VideoRtpDepacketizerH265. + return nullptr; case kVideoCodecGeneric: case kVideoCodecMultiplex: return std::make_unique<VideoRtpDepacketizerGeneric>(); ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.E4PvwS/_old 2024-02-27 22:43:34.224143827 +0100 +++ /var/tmp/diff_new_pack.E4PvwS/_new 2024-02-27 22:43:34.224143827 +0100 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="122.0.1" +VERSION="123.0" VERSION_SUFFIX="" -PREV_VERSION="122.0" +PREV_VERSION="122.0.1" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"; -RELEASE_TAG="5eb7272884b4ce02cffab7900e41551608885492" -RELEASE_TIMESTAMP="20240205133611" +RELEASE_TAG="d3c71a6fc9a1aecf1fe04f8de2fc0b816588e677" +RELEASE_TIMESTAMP="20240213221259"
