Hello community,
here is the log from the commit of package MozillaFirefox for
openSUSE:Leap:15.2 checked in at 2020-05-12 11:31:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2/MozillaFirefox (Old)
and /work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.2738 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox"
Tue May 12 11:31:28 2020 rev:61 rq:801118 version:68.8.0
Changes:
--------
--- /work/SRC/openSUSE:Leap:15.2/MozillaFirefox/MozillaFirefox.changes
2020-04-20 12:54:56.388676808 +0200
+++
/work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.2738/MozillaFirefox.changes
2020-05-12 11:31:29.711630279 +0200
@@ -1,0 +2,24 @@
+Tue May 5 13:10:26 UTC 2020 - Martin Sirringhaus <[email protected]>
+
+- Firefox Extended Support Release 68.8.0 ESR
+ MFSA 2020-17 (bsc#1171186)
+ * CVE-2020-12387 (bmo#1545345)
+ Use-after-free during worker shutdown
+ * CVE-2020-12388 (bmo#1618911)
+ Sandbox escape with improperly guarded Access Tokens
+ * CVE-2020-12389 (bmo#1554110)
+ Sandbox escape with improperly separated process types
+ * CVE-2020-6831 (bmo#1632241)
+ Buffer overflow in SCTP chunk input validation
+ * CVE-2020-12392 (bmo#1614468)
+ Arbitrary local file access with 'Copy as cURL'
+ * CVE-2020-12393 (bmo#1615471)
+ Devtools' 'Copy as cURL' feature did not fully escape
+ website-controlled data, potentially leading to command
+ injection
+ * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704,
+ bmo#1624098, bmo#1625749, bmo#1626382, bmo#1628076,
+ bmo#1631508)
+ Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
+
+-------------------------------------------------------------------
Old:
----
firefox-68.7.0esr.source.tar.xz
firefox-68.7.0esr.source.tar.xz.asc
l10n-68.7.0esr.tar.xz
New:
----
firefox-68.8.0esr.source.tar.xz
firefox-68.8.0esr.source.tar.xz.asc
l10n-68.8.0esr.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaFirefox.spec ++++++
--- /var/tmp/diff_new_pack.e9qq70/_old 2020-05-12 11:31:43.463659166 +0200
+++ /var/tmp/diff_new_pack.e9qq70/_new 2020-05-12 11:31:43.463659166 +0200
@@ -26,8 +26,8 @@
# major 69
# mainver %major.99
%define major 68
-%define mainver %major.7.0
-%define orig_version 68.7.0
+%define mainver %major.8.0
+%define orig_version 68.8.0
%define orig_suffix esr
%define update_channel esr68
%define branding 1
++++++ firefox-68.7.0esr.source.tar.xz -> firefox-68.8.0esr.source.tar.xz ++++++
/work/SRC/openSUSE:Leap:15.2/MozillaFirefox/firefox-68.7.0esr.source.tar.xz
/work/SRC/openSUSE:Leap:15.2/.MozillaFirefox.new.2738/firefox-68.8.0esr.source.tar.xz
differ: char 15, line 1
++++++ l10n-68.7.0esr.tar.xz -> l10n-68.8.0esr.tar.xz ++++++
++++++ tar_stamps ++++++
--- /var/tmp/diff_new_pack.e9qq70/_old 2020-05-12 11:31:44.055660410 +0200
+++ /var/tmp/diff_new_pack.e9qq70/_new 2020-05-12 11:31:44.055660410 +0200
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="esr68"
-VERSION="68.7.0"
+VERSION="68.8.0"
VERSION_SUFFIX="esr"
-PREV_VERSION="68.6.1"
+PREV_VERSION="68.7.0"
PREV_VERSION_SUFFIX="esr"
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-esr68";
-RELEASE_TAG="1081a5ebf803f8a22ddbe03d73e61e3346243786"
-RELEASE_TIMESTAMP="20200403171148"
+RELEASE_TAG="416007f3bb6c5a70edb59449e5c8fa4e25b318a9"
+RELEASE_TIMESTAMP="20200429190206"
