commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-11-10 13:39:13

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11331 (New)


Package is "MozillaFirefox"

Tue Nov 10 13:39:13 2020 rev:321 rq:847338 version:82.0.3

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-10-26 16:07:51.214469962 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.11331/MozillaFirefox.changes 
2020-11-10 13:40:13.400381712 +0100
@@ -1,0 +2,14 @@
+Mon Nov  9 10:15:52 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 82.0.3
+  MSFA 2020-49
+  * CVE-2020-26950 (bmo#1675905)
+Write side effects in MCallGetProperty opcode not accounted for
+
+---
+Mon Nov  2 09:00:13 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 82.0.2
+  * few bugfixes for introduced regressions
+
+---

Old:

  firefox-82.0.source.tar.xz
  firefox-82.0.source.tar.xz.asc
  l10n-82.0.tar.xz

New:

  firefox-82.0.3.source.tar.xz
  firefox-82.0.3.source.tar.xz.asc
  l10n-82.0.3.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.sesCTj/_old  2020-11-10 13:43:56.031939358 +0100
+++ /var/tmp/diff_new_pack.sesCTj/_new  2020-11-10 13:43:56.031939358 +0100
@@ -30,8 +30,8 @@
 # major 69
 # mainver %major.99
 %define major  82
-%define mainver%major.0
-%define orig_version   82.0
+%define mainver%major.0.3
+%define orig_version   82.0.3
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1

++ firefox-82.0.source.tar.xz -> firefox-82.0.3.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-82.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.11331/firefox-82.0.3.source.tar.xz
 differ: char 15, line 1

++ l10n-82.0.tar.xz -> l10n-82.0.3.tar.xz ++

++ tar_stamps ++
--- /var/tmp/diff_new_pack.sesCTj/_old  2020-11-10 13:43:56.463938500 +0100
+++ /var/tmp/diff_new_pack.sesCTj/_new  2020-11-10 13:43:56.463938500 +0100
@@ -1,11 +1,11 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="82.0"
+VERSION="82.0.3"
 VERSION_SUFFIX=""
-PREV_VERSION=""
+PREV_VERSION="82.0.2"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="bbdea0acf29a60ac9500439691337f3e0e96eb2f"
-RELEASE_TIMESTAMP="20201014125134"
+RELEASE_TAG="861857e7c10478e180cc39a394377a3b1304954b"
+RELEASE_TIMESTAMP="20201108180448"

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-10-26 16:07:50

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3463 (New)


Package is "MozillaFirefox"

Mon Oct 26 16:07:50 2020 rev:320 rq:843274 version:82.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-10-08 13:07:57.662943024 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3463/MozillaFirefox.changes  
2020-10-26 16:07:51.214469962 +0100
@@ -1,0 +2,29 @@
+Thu Oct 15 20:44:47 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 82.0
+  * https://www.mozilla.org/en-US/firefox/82.0/releasenotes/
+  MFSA 2020-45 (bsc#1177872)
+  * CVE-2020-15969 (bmo#1666570)
+Use-after-free in usersctp
+  * CVE-2020-15254 (bmo#1668514)
+Undefined behavior in bounded channel of crossbeam rust crate
+  * CVE-2020-15680 (bmo#1658881)
+Presence of external protocol handlers could be determined
+through image tags
+  * CVE-2020-15681 (bmo#1666568)
+Multiple WASM threads may have overwritten each others' stub
+table entries
+  * CVE-2020-15682 (bmo#1636654)
+The domain associated with the prompt to open an external
+protocol could be spoofed to display the incorrect origin
+  * CVE-2020-15683 (bmo#1576843, bmo#1656987, bmo#1660954,
+bmo#1662760, bmo#1663439, bmo#1666140)
+Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
+  * CVE-2020-15684 (bmo#1653764, bmo#1661402, bmo#1662259,
+bmo#1664257)
+Memory safety bugs fixed in Firefox 82
+- requires
+  * NSPR 4.29
+  * NSS 3.57
+
+---

Old:

  firefox-81.0.1.source.tar.xz
  firefox-81.0.1.source.tar.xz.asc
  l10n-81.0.1.tar.xz

New:

  firefox-82.0.source.tar.xz
  firefox-82.0.source.tar.xz.asc
  l10n-82.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.E5fwhh/_old  2020-10-26 16:08:10.646487847 +0100
+++ /var/tmp/diff_new_pack.E5fwhh/_new  2020-10-26 16:08:10.646487847 +0100
@@ -29,9 +29,9 @@
 # orig_suffix b3
 # major 69
 # mainver %major.99
-%define major  81
-%define mainver%major.0.1
-%define orig_version   81.0.1
+%define major  82
+%define mainver%major.0
+%define orig_version   82.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -100,8 +100,8 @@
 BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.28
-BuildRequires:  mozilla-nss-devel >= 3.56
+BuildRequires:  mozilla-nspr-devel >= 4.29
+BuildRequires:  mozilla-nss-devel >= 3.57
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs10 >= 10.21.0
 %if 0%{?sle_version} >= 12 && 0%{?sle_version} < 15
@@ -109,7 +109,6 @@
 BuildRequires:  python36
 %else
 BuildRequires:  python3 >= 3.5
-BuildRequires:  python3-curses
 BuildRequires:  python3-devel
 %endif
 BuildRequires:  rust >= 1.43
@@ -559,8 +558,13 @@
 %endif
 EOF
 
+%ifarch %ix86
+%define njobs 1
+%else
+%define njobs 0%{?jobs:%jobs}
+%endif
 sed -r '/^(ja-JP-mac|ga-IE|en-US|)$/d;s/ .*$//' 
$RPM_BUILD_DIR/%{srcname}-%{orig_version}/browser/locales/shipped-locales \
-| xargs -n 1 %{?jobs:-P %jobs} -I {} /bin/sh -c '
+| xargs -n 1 %{?njobs:-P %njobs} -I {} /bin/sh -c '
 locale=$1
 cp ${MOZCONFIG}_LANG ${MOZCONFIG}_$locale
 sed -i "s|obj_LANG|obj_$locale|" ${MOZCONFIG}_$locale

++ firefox-81.0.1.source.tar.xz -> firefox-82.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-81.0.1.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.3463/firefox-82.0.source.tar.xz 
differ: char 15, line 1

++ l10n-81.0.1.tar.xz -> l10n-82.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-81.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.3463/l10n-82.0.tar.xz differ: 
char 26, line 1

++ tar_stamps ++
--- /var/tmp/diff_new_pack.E5fwhh/_old  2020-10-26 16:08:11.010488182 +0100
+++ /var/tmp/diff_new_pack.E5fwhh/_new  2020-10-26 16:08:11.010488182 +0100
@@ -1,11 +1,11 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="81.0.1"
+VERSION="82.0"
 VERSION_SUFFIX=""
-PREV_VERSION="81.0"
+PREV_VERSION=""
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="0df30c09d098468f2f4632e62aec0954b6174dc5"
-RELEASE_TIMESTAMP="20200930150533"
+RELEASE_TAG="bbdea0acf29a60ac9500439691337f3e0e96eb2f"
+RELEASE_TIMESTAMP="20201014125134"

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-10-08 13:06:55

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.4249 (New)


Package is "MozillaFirefox"

Thu Oct  8 13:06:55 2020 rev:319 rq:839098 version:81.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-09-03 01:08:55.448362387 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.4249/MozillaFirefox.changes  
2020-10-08 13:07:57.662943024 +0200
@@ -1,0 +2,78 @@
+Thu Oct  1 20:00:27 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 81.0.1
+  * https://www.mozilla.org/en-US/firefox/81.0.1/releasenotes/
+- remove obsolete python2 build requires
+
+---
+Wed Sep 30 18:49:10 UTC 2020 - Guillaume GARDET 
+
+- Increase disk requirements in _constraints to match current needs
+
+---
+Fri Sep 18 06:22:40 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 81.0
+  * https://www.mozilla.org/en-US/firefox/81.0/releasenotes
+  MFSA 2020-42 (bsc#1176756)
+  * CVE-2020-15675 (bmo#1654211)
+Use-After-Free in WebGL
+  * CVE-2020-15677 (bmo#1641487)
+Download origin spoofing via redirect
+  * CVE-2020-15676 (bmo#1646140)
+XSS when pasting attacker-controlled data into a
+contenteditable element
+  * CVE-2020-15678 (bmo#1660211)
+When recursing through layers while scrolling, an iterator
+may have become invalid, resulting in a potential use-after-
+free scenario
+  * CVE-2020-15673 (bmo#1648493, bmo#1660800)
+Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3
+  * CVE-2020-15674 (bmo#1656063, bmo#1656064, bmo#1656067, bmo#1660293)
+Memory safety bugs fixed in Firefox 81
+- requires
+  NSPR 4.28
+  NSS 3.56
+- removed obsolete patches
+  * mozilla-system-nspr.patch
+  * mozilla-bmo1661715.patch
+  * mozilla-silence-no-return-type.patch
+- skip post-build-checks for 15.0 and 15.1
+- add revert-795c8762b16b.patch to fix LTO builds with gcc
+  (related to bmo#1644409)
+- require python3-curses as workaround to fix i586 build
+
+---
+Thu Sep 17 11:45:31 UTC 2020 - Guillaume GARDET 
+
+- Use %limit_build macro again for aarch64 and armv7, instead of
+  the new memoryperjob _constraints to use more workers
+
+---
+Sat Sep  5 17:43:26 UTC 2020 - Wolfgang Rosenauer 
+
+- add mozilla-bmo1661715.patch to fix Flash plugin
+
+---
+Wed Sep  2 17:11:19 UTC 2020 - Manfred Hollstein 
+
+- Mozilla Firefox 80.0.1: Bug fixes:
+  * Fixed a performance regression when encountering new intermediate
+CA certificates (bmo#1661543)
+  * Fixed crashes possibly related to GPU resets (bmo#1627616)
+  * Fixed rendering on some sites using WebGL (bmo#1659225)
+  * Fixed the zoom-in keyboard shortcut on Japanese language builds
+(bmo#1661895)
+  * Fixed download issues related to extensions and cookies
+(bmo#1655190)
+- added mozilla-silence-no-return-type.patch
+
+---
+Tue Aug 25 19:30:15 UTC 2020 - Wolfgang Rosenauer 
+
+- more whitelisting (/dev/random) for sandbox in relation to FIPS
+  (bsc#1174284)
+- improve langpack builds to use dedicated objdirs and make it
+  parallel again
+
+---

Old:

  firefox-80.0.source.tar.xz
  firefox-80.0.source.tar.xz.asc
  l10n-80.0.tar.xz
  mozilla-system-nspr.patch

New:

  firefox-81.0.1.source.tar.xz
  firefox-81.0.1.source.tar.xz.asc
  l10n-81.0.1.tar.xz
  revert-795c8762b16b.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.CbNVmm/_old  2020-10-08 13:08:33.198975198 +0200
+++ /var/tmp/diff_new_pack.CbNVmm/_new  2020-10-08 13:08:33.202975201 +0200
@@ -17,6 +17,10 @@
 #
 
 
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150100
+#!BuildIgnore: post-build-checks
+%endif
+
 # changed with every update
 # orig_version vs. mainver: To have beta-builds
 # FF70beta3 would be released as FF69.99
@@ -25,9 +29,9 @@
 # orig_suffix b3
 # major 69
 # mainver %major.99
-%define major  80
-%define mainver%major.0
-%define orig_version   80.0
+%define major  81
+%define mainver%major.0.1
+%define orig_version   81.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -82,6 +86,7 @@
 BuildRequires:  dbus-1-glib-devel
 BuildRequires:  

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-09-03 01:08:36

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3399 (New)


Package is "MozillaFirefox"

Thu Sep  3 01:08:36 2020 rev:318 rq:829621 version:80.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-07-30 09:57:38.383092914 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3399/MozillaFirefox.changes  
2020-09-03 01:08:55.448362387 +0200
@@ -1,0 +2,59 @@
+Sat Aug 22 06:52:01 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 80.0
+  MFSA 2020-36 (bsc#1175686)
+  * CVE-2020-15663 (bmo#1643199)
+Downgrade attack on the Mozilla Maintenance Service could
+have resulted in escalation of privilege
+  * CVE-2020-15664 (bmo#1658214)
+Attacker-induced prompt for extension installation
+  * CVE-2020-12401 (bmo#1631573)
+Timing-attack on ECDSA signature generation
+  * CVE-2020-6829 (bmo#1631583)
+P-384 and P-521 vulnerable to an electro-magnetic side
+channel attack on signature generation
+  * CVE-2020-12400 (bmo#1623116)
+P-384 and P-521 vulnerable to a side channel attack on
+modular inversion
+  * CVE-2020-15665 (bmo#1651636)
+Address bar not reset when choosing to stay on a page after
+the beforeunload dialog is shown
+  * CVE-2020-15666 (bmo#1450853)
+MediaError message property leaks cross-origin response
+status
+  * CVE-2020-15667 (bmo#1653371)
+Heap overflow when processing an update file
+  * CVE-2020-15668 (bmo#1651520)
+Data Race when reading certificate information
+  * CVE-2020-15670 (bmo#1651001, bmo#1651449, bmo#1653626,
+bmo#1656957)
+Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
+- requires
+  * NSPR 4.27
+  * NSS 3.55
+- added mozilla-system-nspr.patch (bmo#1661096)
+- exclude ga-IE locale as it's failing to build
+- rollback parallelize locale build because it breaks bookmarks
+  (boo#1167976)
+- preserve original default bookmark file during langpack build
+  (boo#1167976)
+- add some ccache output during build
+
+---
+Thu Aug 20 13:07:33 UTC 2020 - Martin Liška 
+
+- Use new memoryperjob _constraints instead of %limit_build macro.
+
+---
+Mon Aug 10 09:19:38 UTC 2020 - Wolfgang Rosenauer 
+
+- use ccache for build
+- replace versioned RPM deps with requires_ge
+- parallelize locale build
+
+---
+Thu Aug  6 14:37:16 UTC 2020 - Yunhe Guo 
+
+- Change *.appdata.xml location to latest AppStream standard
+
+---

Old:

  firefox-79.0.source.tar.xz
  firefox-79.0.source.tar.xz.asc
  l10n-79.0.tar.xz

New:

  firefox-80.0.source.tar.xz
  firefox-80.0.source.tar.xz.asc
  l10n-80.0.tar.xz
  mozilla-system-nspr.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.qdlR9o/_old  2020-09-03 01:09:16.348369353 +0200
+++ /var/tmp/diff_new_pack.qdlR9o/_new  2020-09-03 01:09:16.352369354 +0200
@@ -25,9 +25,9 @@
 # orig_suffix b3
 # major 69
 # mainver %major.99
-%define major  79
+%define major  80
 %define mainver%major.0
-%define orig_version   79.0
+%define orig_version   80.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -82,21 +82,21 @@
 BuildRequires:  dbus-1-glib-devel
 BuildRequires:  dejavu-fonts
 BuildRequires:  fdupes
-BuildRequires:  memory-constraints
 %if 0%{?suse_version} <= 1320
 BuildRequires:  gcc9-c++
 %else
 BuildRequires:  gcc-c++
 %endif
 BuildRequires:  cargo >= 1.43
+BuildRequires:  ccache
 BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
 BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.26
-BuildRequires:  mozilla-nss-devel >= 3.54
+BuildRequires:  mozilla-nspr-devel >= 4.27
+BuildRequires:  mozilla-nss-devel >= 3.55
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs10 >= 10.21.0
 BuildRequires:  python-devel
@@ -208,6 +208,7 @@
 Patch26:mozilla-bmo1626236.patch
 Patch27:mozilla-s390x-skia-gradient.patch
 Patch28:mozilla-libavcodec58_91.patch
+Patch29:mozilla-system-nspr.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -216,8 +217,9 @@
 Requires(post):   coreutils shared-mime-info desktop-file-utils
 Requires(postun): shared-mime-info desktop-file-utils
 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-07-30 09:56:32

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3592 (New)


Package is "MozillaFirefox"

Thu Jul 30 09:56:32 2020 rev:317 rq:823315 version:79.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-07-21 15:47:29.408080529 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3592/MozillaFirefox.changes  
2020-07-30 09:57:38.383092914 +0200
@@ -1,0 +2,40 @@
+Thu Jul 23 21:00:34 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 79.0
+  MFSA 2020-30 (bsc#1174538)
+  * CVE-2020-15652 (bmo#1634872)
+Potential leak of redirect targets when loading scripts in a worker
+  * CVE-2020-6514 (bmo#1642792)
+WebRTC data channel leaks internal address to peer
+  * CVE-2020-15655 (bmo#1645204)
+Extension APIs could be used to bypass Same-Origin Policy
+  * CVE-2020-15653 (bmo#1521542)
+Bypassing iframe sandbox when allowing popups
+  * CVE-2020-6463 (bmo#1635293)
+Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
+  * CVE-2020-15656 (bmo#1647293)
+Type confusion for special arguments in IonMonkey
+  * CVE-2020-15658 (bmo#1637745)
+Overriding file type when saving to disk
+  * CVE-2020-15657 (bmo#1644954)
+DLL hijacking due to incorrect loading path
+  * CVE-2020-15654 (bmo#1648333)
+Custom cursor can overlay user interface
+  * CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1638856,
+bmo#1643613, bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646220,
+bmo#1646787, bmo#1649347, bmo#1650811, bmo#1651678)
+Memory safety bugs fixed in Firefox 79
+- updated dependency requirements:
+  * mozilla-nspr >= 4.26
+  * mozilla-nss >= 3.54
+  * rust >= 1.43
+  * rust-cbindgen >= 0.14.3
+- removed obsolete patch
+  mozilla-bmo1463035.patch
+
+---
+Tue Jul 21 21:31:20 UTC 2020 - Wolfgang Rosenauer 
+
+- fixed syntax issue in desktop file (boo#1174360)
+
+---

Old:

  firefox-78.0.2.source.tar.xz
  firefox-78.0.2.source.tar.xz.asc
  l10n-78.0.2.tar.xz
  mozilla-bmo1463035.patch

New:

  firefox-79.0.source.tar.xz
  firefox-79.0.source.tar.xz.asc
  l10n-79.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.UJ8Lgg/_old  2020-07-30 09:58:08.331119763 +0200
+++ /var/tmp/diff_new_pack.UJ8Lgg/_new  2020-07-30 09:58:08.335119767 +0200
@@ -25,9 +25,9 @@
 # orig_suffix b3
 # major 69
 # mainver %major.99
-%define major  78
-%define mainver%major.0.2
-%define orig_version   78.0.2
+%define major  79
+%define mainver%major.0
+%define orig_version   79.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -88,15 +88,15 @@
 %else
 BuildRequires:  gcc-c++
 %endif
-BuildRequires:  cargo >= 1.41
+BuildRequires:  cargo >= 1.43
 BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
 BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.25
-BuildRequires:  mozilla-nss-devel >= 3.53.1
+BuildRequires:  mozilla-nspr-devel >= 4.26
+BuildRequires:  mozilla-nss-devel >= 3.54
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs10 >= 10.21.0
 BuildRequires:  python-devel
@@ -107,8 +107,8 @@
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5
 %endif
-BuildRequires:  rust >= 1.41
-BuildRequires:  rust-cbindgen >= 0.14.1
+BuildRequires:  rust >= 1.43
+BuildRequires:  rust-cbindgen >= 0.14.3
 BuildRequires:  unzip
 BuildRequires:  update-desktop-files
 BuildRequires:  xorg-x11-libXt-devel
@@ -186,7 +186,6 @@
 Patch2: mozilla-kde.patch
 Patch3: mozilla-ntlm-full-path.patch
 Patch4: mozilla-aarch64-startup-crash.patch
-Patch5: mozilla-bmo1463035.patch
 Patch6: mozilla-sandbox-fips.patch
 Patch7: mozilla-fix-aarch64-libopus.patch
 Patch8: mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
@@ -326,7 +325,6 @@
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
-%patch5 -p1
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1

++ MozillaFirefox.desktop ++
--- /var/tmp/diff_new_pack.UJ8Lgg/_old  2020-07-30 09:58:08.451119871 +0200
+++ /var/tmp/diff_new_pack.UJ8Lgg/_new  2020-07-30 09:58:08.451119871 +0200
@@ -15,7 +15,7 @@
 
 [Desktop Action new-window]
 Name=New Window
-Exec==%EXEC --new-windows %u
+Exec=%EXEC --new-window %u
 
 [Desktop Action PrivateBrowsing]
 Name=New Private Browsing Window

++ 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-07-21 15:45:26

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3592 (New)


Package is "MozillaFirefox"

Tue Jul 21 15:45:26 2020 rev:316 rq:821616 version:78.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-07-15 11:37:43.566379028 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3592/MozillaFirefox.changes  
2020-07-21 15:47:29.408080529 +0200
@@ -1,0 +2,9 @@
+Fri Jul 17 15:07:45 UTC 2020 - Wolfgang Rosenauer 
+
+- Add mozilla-libavcodec58_91.patch to link against updated
+  soversion of libavcodec (58.91) with ffmpeg >= 4.3.
+  (patch provided by Atri Bhattacharya 
+- enable MOZ_USE_XINPUT2 for TW (again) (boo#1173320)
+  (Plasma 5.19.3 is now in TW)
+
+---

New:

  mozilla-libavcodec58_91.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.qVeI8e/_old  2020-07-21 15:47:40.204093876 +0200
+++ /var/tmp/diff_new_pack.qVeI8e/_new  2020-07-21 15:47:40.208093881 +0200
@@ -208,6 +208,7 @@
 Patch25:mozilla-bmo998749.patch
 Patch26:mozilla-bmo1626236.patch
 Patch27:mozilla-s390x-skia-gradient.patch
+Patch28:mozilla-libavcodec58_91.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -349,6 +350,7 @@
 %patch25 -p1
 %patch26 -p1
 %patch27 -p1
+%patch28 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1


++ mozilla-libavcodec58_91.patch ++
Index: firefox-78.0.2/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
===
--- firefox-78.0.2.orig/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
+++ firefox-78.0.2/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp
@@ -30,6 +30,7 @@ static FFmpegLibWrapper sLibAV;
 static const char* sLibs[] = {
 // clang-format off
 #if defined(XP_DARWIN)
+  "libavcodec.58.91.dylib",
   "libavcodec.58.dylib",
   "libavcodec.57.dylib",
   "libavcodec.56.dylib",
@@ -37,6 +38,7 @@ static const char* sLibs[] = {
   "libavcodec.54.dylib",
   "libavcodec.53.dylib",
 #else
+  "libavcodec.so.58.91",
   "libavcodec.so.58",
   "libavcodec-ffmpeg.so.58",
   "libavcodec-ffmpeg.so.57",
++ mozilla.sh.in ++
--- /var/tmp/diff_new_pack.qVeI8e/_old  2020-07-21 15:47:40.460094193 +0200
+++ /var/tmp/diff_new_pack.qVeI8e/_new  2020-07-21 15:47:40.460094193 +0200
@@ -97,10 +97,10 @@
 fi
 
 # xinput2 (boo#1173320)
-#source /etc/os-release
-#if [ "$ID" = "opensuse-tumbleweed" ]; then
-#  export MOZ_USE_XINPUT2=1
-#fi
+source /etc/os-release
+if [ "$ID" = "opensuse-tumbleweed" ]; then
+  export MOZ_USE_XINPUT2=1
+fi
 
 ##
 ## To disable the use of Firefox localization handling for

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-07-15 11:32:41

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3060 (New)


Package is "MozillaFirefox"

Wed Jul 15 11:32:41 2020 rev:315 rq:820688 version:78.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-07-06 16:24:17.826242597 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3060/MozillaFirefox.changes  
2020-07-15 11:37:43.566379028 +0200
@@ -1,0 +2,22 @@
+Sat Jul 11 11:08:06 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 78.0.2
+  * Fixed an accessibility regression in reader mode (bmo#1650922)
+  * Made the address bar more resilient to data corruption in the
+user profile (bmo#1649981)
+  * Fixed a regression opening certain external applications (bmo#1650162)
+  MFSA 2020-28
+  * CVE pending (bmo#1644076)
+X-Frame-Options bypass using object or embed tags
+- added desktop file actions
+- do not use XINPUT2 for the moment until Plasma 5.19.3 has landed
+  (boo#1173993)
+- rework langpack integration (boo#1173991)
+  * ship XPIs instead of directories
+  * allow addon sideloading
+  * mark signatures for langpacks non-mandatory
+  * do not autodisable user profile scopes
+- Google API key is not usable for geolocation service
+- fix pipewire support for TW (boo#1172903)
+
+---

Old:

  firefox-78.0.1.source.tar.xz
  firefox-78.0.1.source.tar.xz.asc
  l10n-78.0.1.tar.xz

New:

  firefox-78.0.2.source.tar.xz
  firefox-78.0.2.source.tar.xz.asc
  l10n-78.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.395tvT/_old  2020-07-15 11:38:37.994436275 +0200
+++ /var/tmp/diff_new_pack.395tvT/_new  2020-07-15 11:38:37.998436279 +0200
@@ -26,8 +26,8 @@
 # major 69
 # mainver %major.99
 %define major  78
-%define mainver%major.0.1
-%define orig_version   78.0.1
+%define mainver%major.0.2
+%define orig_version   78.0.2
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -68,11 +68,11 @@
 %else
 %define crashreporter 0
 %endif
-%if 0%{?sle_version} > 150100
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150100
 # pipewire is too old on Leap <15.1
-%define with_pipewire0_3 1
-%else
 %define with_pipewire0_3 0
+%else
+%define with_pipewire0_3 1
 %endif
 
 Name:   %{pkgname}
@@ -476,9 +476,10 @@
 #ac_add_options --enable-chrome-format=jar
 ac_add_options --enable-update-channel=%{update_channel}
 ac_add_options --with-mozilla-api-keyfile=%{SOURCE18}
-ac_add_options --with-google-location-service-api-keyfile=%{SOURCE19}
+#ac_add_options --with-google-location-service-api-keyfile=%{SOURCE19}
 ac_add_options --with-google-safebrowsing-api-keyfile=%{SOURCE19}
 ac_add_options --with-unsigned-addon-scopes=app
+ac_add_options --allow-addon-sideload
 %if %branding
 ac_add_options --enable-official-branding
 %endif
@@ -533,18 +534,18 @@
 | xargs -n 1 -I {} /bin/sh -c '
 locale=$1
 ./mach build langpack-$locale
-cp -rL ../obj/dist/xpi-stage/locale-$locale \
-
%{buildroot}%{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org
+cp -L 
../obj/dist/linux-*/xpi/firefox-%{orig_version}.$locale.langpack.xpi \
+
%{buildroot}%{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org.xpi
 # remove prefs, profile defaults, and hyphenation from langpack
-rm -rf 
%{buildroot}%{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org/defaults
-rm -rf 
%{buildroot}%{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org/hyphenation
+#rm -rf 
%{buildroot}%{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org/defaults
+#rm -rf 
%{buildroot}%{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org/hyphenation
 # check against the fixed common list and sort into the right filelist
 _matched=0
 for _match in ar ca cs da de el en-GB es-AR es-CL es-ES fi fr hu it ja 
ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
 [ "$_match" = "$locale" ] && _matched=1
 done
 [ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
-echo 
%{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org \
+echo 
%{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org.xpi \
 >> %{_tmppath}/translations.$_l10ntarget
 ' -- {}
 %endif
@@ -759,12 +760,12 @@
 %files translations-common -f %{_tmppath}/translations.common
 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-07-06 16:20:26

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3060 (New)


Package is "MozillaFirefox"

Mon Jul  6 16:20:26 2020 rev:314 rq:818643 version:78.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-06-05 20:05:35.768916295 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3060/MozillaFirefox.changes  
2020-07-06 16:24:17.826242597 +0200
@@ -1,0 +2,72 @@
+Wed Jul  1 07:15:02 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 78.0.1
+  * Fixed an issue which could cause installed search engines to not
+be visible when upgrading from a previous release.
+- enable MOZ_USE_XINPUT2 for TW (boo#1173320)
+
+---
+Sun Jun 28 07:17:13 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 78.0
+  * startup notifications now using Gtk instead of libnotify
+  * PDF downloads now show an option to open the PDF directly in Firefox
+  * Protections Dashboard (about:protections)
+  * WebRTC not interrupted by screensaver anymore
+  * disabled TLS 1.0 and 1.1 by default
+  MFSA 2020-24 (bsc#1173576)
+  * CVE-2020-12415 (bmo#1586630)
+AppCache manifest poisoning due to url encoded character processing
+  * CVE-2020-12416 (bmo#1639734)
+Use-after-free in WebRTC VideoBroadcaster
+  * CVE-2020-12417 (bmo#1640737)
+Memory corruption due to missing sign-extension for ValueTags
+on ARM64
+  * CVE-2020-12418 (bmo#1641303)
+Information disclosure due to manipulated URL object
+  * CVE-2020-12419 (bmo#1643874)
+Use-after-free in nsGlobalWindowInner
+  * CVE-2020-12420 (bmo#1643437)
+Use-After-Free when trying to connect to a STUN server
+  * CVE-2020-12402 (bmo#1631597)
+RSA Key Generation vulnerable to side-channel attack
+  * CVE-2020-12421 (bmo#1308251)
+Add-On updates did not respect the same certificate trust
+rules as software updates
+  * CVE-2020-12422 (bmo#1450353)
+Integer overflow in nsJPEGEncoder::emptyOutputBuffer
+  * CVE-2020-12423 (bmo#1642400)
+DLL Hijacking due to searching %PATH% for a library
+  * CVE-2020-12424 (bmo#1562600)
+WebRTC permission prompt could have been bypassed by a
+compromised content process
+  * CVE-2020-12425 (bmo#1634738)
+Out of bound read in Date.parse()
+  * CVE-2020-12426 (bmo#1608068, bmo#1609951, bmo#1631187, bmo#1637682)
+Memory safety bugs fixed in Firefox 78
+- requires
+  * NSS >= 3.53.1
+  * nodejs >= 10.21
+  * Gtk+3 >= 3.14
+- removed obsolete patches
+  * mozilla-s390-bigendian.patch
+  * mozilla-bmo1634646.patch
+- Add mozilla-pipewire-0-3.patch for openSUSE >= 15.2 to build
+  WebRTC with pipewire support to enable screen sharing under
+  Wayland; also add BuildRequires: pkgconfig(libpipewire-0.3)
+  appropriately (boo#1172903).
+- adding SLE12 compatibility in spec file
+- add patches for s390x
+  * mozilla-bmo1602730.patch (bmo#1602730)
+  * mozilla-bmo1626236.patch (bmo#1626236)
+  * mozilla-bmo998749.patch (bmo#998749)
+  * mozilla-s390x-skia-gradient.patch
+- update create-tar.sh
+- Use same _constraints for ppc64 (BE) as ppc64le to avoid oom build failure
+
+---
+Wed Jun 10 07:17:15 UTC 2020 - Guillaume GARDET 
+
+- Exclude armv6, since it is unbuildable since about 3 years
+
+---

Old:

  firefox-77.0.1.source.tar.xz
  firefox-77.0.1.source.tar.xz.asc
  l10n-77.0.1.tar.xz
  mozilla-bmo1634646.patch
  mozilla-s390-bigendian.patch

New:

  firefox-78.0.1.source.tar.xz
  firefox-78.0.1.source.tar.xz.asc
  l10n-78.0.1.tar.xz
  mozilla-bmo1602730.patch
  mozilla-bmo1626236.patch
  mozilla-bmo998749.patch
  mozilla-pipewire-0-3.patch
  mozilla-s390x-skia-gradient.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.n5KVZn/_old  2020-07-06 16:25:34.702478824 +0200
+++ /var/tmp/diff_new_pack.n5KVZn/_new  2020-07-06 16:25:34.706478835 +0200
@@ -18,9 +18,16 @@
 
 
 # changed with every update
-%define major  77
+# orig_version vs. mainver: To have beta-builds
+# FF70beta3 would be released as FF69.99
+# orig_version would be the upstream tar ball
+# orig_version 70.0
+# orig_suffix b3
+# major 69
+# mainver %major.99
+%define major  78
 %define mainver%major.0.1
-%define orig_version   77.0.1
+%define orig_version   78.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -61,6 +68,12 @@
 %else
 %define crashreporter 0
 %endif
+%if 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-06-05 20:04:07

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3606 (New)


Package is "MozillaFirefox"

Fri Jun  5 20:04:07 2020 rev:313 rq:811277 version:77.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-05-14 23:24:06.424890973 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3606/MozillaFirefox.changes  
2020-06-05 20:05:35.768916295 +0200
@@ -1,0 +2,40 @@
+Wed Jun  3 21:39:11 UTC 2020 - Andreas Stieger 
+
+- Mozilla Firefox 77.0.1
+  * Disable automatic selection of DNS over HTTPS providers during
+a test to enable wider deployment in a more controlled way
+(bmo#1642723)
+
+---
+Fri May 29 11:49:36 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 77.0
+  * view and manage web certificates more easily on the new
+about:certificate page
+  * improvements in accessibility
+  * significant improvements to JavaScript debugging
+  MFSA 2020-20 (bsc#1172402)
+  * CVE-2020-12399 (bmo#1631576)
+Timing attack on DSA signatures in NSS library
+(fixed with external NSS >= 3.52.1)
+  * CVE-2020-12405 (bmo#1631618)
+Use-after-free in SharedWorkerService
+  * CVE-2020-12406 (bmo#1639590)
+JavaScript type confusion with NativeTypes
+  * CVE-2020-12407 (bmo#1637112)
+WebRender leaking GPU memory when using border-image CSS
+directive
+  * CVE-2020-12408 (bmo#1623888)
+URL spoofing when using IP addresses
+  * CVE-2020-12409 (bmo#1619305, bmo#1632717)
+Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9
+  * CVE-2020-12411 (bmo#1620972, bmo#1625333)
+Memory safety bugs fixed in Firefox 77
+- requires
+  * NSS >= 3.52.1
+  * rust-cbindgen >= 1.14.1
+  * clang >= 5
+- added mozilla-bmo1634646.patch as part of fixing PGO build
+  (still not working)
+
+---

Old:

  firefox-76.0.1.source.tar.xz
  firefox-76.0.1.source.tar.xz.asc
  l10n-76.0.1.tar.xz

New:

  firefox-77.0.1.source.tar.xz
  firefox-77.0.1.source.tar.xz.asc
  l10n-77.0.1.tar.xz
  mozilla-bmo1634646.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.pS9p2K/_old  2020-06-05 20:08:03.141314210 +0200
+++ /var/tmp/diff_new_pack.pS9p2K/_new  2020-06-05 20:08:03.145314223 +0200
@@ -18,18 +18,18 @@
 
 
 # changed with every update
-%define major  76
+%define major  77
 %define mainver%major.0.1
-%define orig_version   76.0.1
+%define orig_version   77.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
 %define devpkg 1
 
-# disable for FF73 for now as it fails for unknown reason
+# PGO builds do not work in TW currently (bmo#1642410)
 %define do_profiling   0
 
-# always build with GCC as SUSE Security Team requires that
+# upstream default is clang (to use gcc for large parts set to 0)
 %define clang_build 0
 
 # PIE, full relro
@@ -84,14 +84,14 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.25
-BuildRequires:  mozilla-nss-devel >= 3.51.1
+BuildRequires:  mozilla-nss-devel >= 3.52.1
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs10 >= 10.19.0
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5
 BuildRequires:  rust >= 1.41
-BuildRequires:  rust-cbindgen >= 0.13.1
+BuildRequires:  rust-cbindgen >= 0.14.1
 BuildRequires:  startup-notification-devel
 BuildRequires:  unzip
 BuildRequires:  update-desktop-files
@@ -104,6 +104,7 @@
 %if 0%{?suse_version} < 1550
 BuildRequires:  pkgconfig(gconf-2.0) >= 1.2.1
 %endif
+BuildRequires:  clang-devel >= 5
 BuildRequires:  pkgconfig(gdk-x11-2.0)
 BuildRequires:  pkgconfig(glib-2.0) >= 2.22
 BuildRequires:  pkgconfig(gobject-2.0)
@@ -113,12 +114,6 @@
 BuildRequires:  pkgconfig(gtk+-unix-print-3.0)
 BuildRequires:  pkgconfig(libffi)
 BuildRequires:  pkgconfig(libpulse)
-%if 0%{?suse_version} > 1320
-BuildRequires:  llvm-clang-devel >= 3.9.0
-%else
-# this covers the workaround to compile on Leap 42 in OBS
-BuildRequires:  clang4-devel
-%endif
 # libavcodec is required for H.264 support but the
 # openSUSE version is currently not able to play H.264
 # therefore the Packman version is required
@@ -186,6 +181,7 @@
 Patch20:mozilla-fix-top-level-asm.patch
 Patch21:mozilla-bmo1504834-part4.patch
 Patch22:mozilla-bmo849632.patch
+Patch23:mozilla-bmo1634646.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-05-14 23:23:59

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2738 (New)


Package is "MozillaFirefox"

Thu May 14 23:23:59 2020 rev:312 rq:805460 version:76.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-05-07 17:51:10.281354991 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2738/MozillaFirefox.changes  
2020-05-14 23:24:06.424890973 +0200
@@ -1,0 +2,13 @@
+Wed May 13 12:21:13 UTC 2020 - Michel Normand 
+
+- change again _constraints for ppc64le use 
+  and increase limit_build in spec file to reduce max_jobs.
+
+---
+Sat May  9 11:45:39 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 76.0.1
+  * Fixed a bug causing some add-ons such as Amazon Assistant to see
+multiple onConnect events, impairing functionality (bmo#1635637)
+
+---

Old:

  firefox-76.0.source.tar.xz
  firefox-76.0.source.tar.xz.asc
  l10n-76.0.tar.xz

New:

  firefox-76.0.1.source.tar.xz
  firefox-76.0.1.source.tar.xz.asc
  l10n-76.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.KF8Opa/_old  2020-05-14 23:24:28.136938354 +0200
+++ /var/tmp/diff_new_pack.KF8Opa/_new  2020-05-14 23:24:28.140938363 +0200
@@ -19,8 +19,8 @@
 
 # changed with every update
 %define major  76
-%define mainver%major.0
-%define orig_version   76.0
+%define mainver%major.0.1
+%define orig_version   76.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -382,7 +382,11 @@
 echo ""
 cat << EOF
 %else
+%ifarch ppc64 ppc64le
+%limit_build -m 2500
+%else
 %limit_build -m 2000
+%endif
 cat << EOF > $MOZCONFIG
 %endif
 mk_add_options MOZILLA_OFFICIAL=1

++ _constraints ++
--- /var/tmp/diff_new_pack.KF8Opa/_old  2020-05-14 23:24:28.224938546 +0200
+++ /var/tmp/diff_new_pack.KF8Opa/_new  2020-05-14 23:24:28.224938546 +0200
@@ -50,9 +50,9 @@
   
 25
   
-  
+  
 10
-  
+  
 
   
 

++ firefox-76.0.source.tar.xz -> firefox-76.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-76.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2738/firefox-76.0.1.source.tar.xz
 differ: char 15, line 1

++ l10n-76.0.tar.xz -> l10n-76.0.1.tar.xz ++

++ tar_stamps ++
--- /var/tmp/diff_new_pack.KF8Opa/_old  2020-05-14 23:24:28.516939183 +0200
+++ /var/tmp/diff_new_pack.KF8Opa/_new  2020-05-14 23:24:28.516939183 +0200
@@ -1,11 +1,11 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="76.0"
+VERSION="76.0.1"
 VERSION_SUFFIX=""
 PREV_VERSION="76.0"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="cf326ad0bb298ee24b1abd9b1cb6513af4fa04ba"
-RELEASE_TIMESTAMP="20200429185419"
+RELEASE_TAG="e2de5f11bc0afd9a3024d32b83cb9f0ada95717a"
+RELEASE_TIMESTAMP="20200507114007"

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-05-07 17:51:04

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2738 (New)


Package is "MozillaFirefox"

Thu May  7 17:51:04 2020 rev:311 rq:800451 version:76.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-04-13 12:49:23.200540101 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2738/MozillaFirefox.changes  
2020-05-07 17:51:10.281354991 +0200
@@ -1,0 +2,39 @@
+Fri May  1 11:59:58 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 76.0
+  * Lockwise improvements
+  * Improvements in Picture-in-Picture feature
+  * Support Audio Worklets
+  MFSA-2020-16 (bsc#1171186)
+  * CVE-2020-12387 (bmo#1545345)
+Use-after-free during worker shutdown
+  * CVE-2020-12388 (bmo#1618911)
+Sandbox escape with improperly guarded Access Tokens
+  * CVE-2020-12389 (bmo#1554110)
+Sandbox escape with improperly separated process types
+  * CVE-2020-6831 (bmo#1632241)
+Buffer overflow in SCTP chunk input validation
+  * CVE-2020-12390 (bmo#1141959)
+Incorrect serialization of nsIPrincipal.origin for IPv6 addresses
+  * CVE-2020-12391 (bmo#1457100)
+Content-Security-Policy bypass using object elements
+  * CVE-2020-12392 (bmo#1614468)
+Arbitrary local file access with 'Copy as cURL'
+  * CVE-2020-12393 (bmo#1615471)
+Devtools' 'Copy as cURL' feature did not fully escape
+website-controlled data, potentially leading to command injection
+  * CVE-2020-12394 (bmo#1628288)
+URL spoofing in location bar when unfocussed
+  * CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098,
+bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508)
+Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
+  * CVE-2020-12396 (bmo#1339601, bmo#1611938, bmo#1620488,
+bmo#1622291, bmo#1627644)
+Memory safety bugs fixed in Firefox 76
+- requires
+  * NSS >= 3.51.1
+  * nasm >= 2.14
+- removed obsolete patch mozilla-bmo1622013.patch
+- fix URI creation for KDE file selector integration (boo#1160331)
+
+---

Old:

  firefox-75.0.source.tar.xz
  firefox-75.0.source.tar.xz.asc
  l10n-75.0.tar.xz
  mozilla-bmo1622013.patch

New:

  firefox-76.0.source.tar.xz
  firefox-76.0.source.tar.xz.asc
  l10n-76.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.gbsyCN/_old  2020-05-07 17:51:39.133416177 +0200
+++ /var/tmp/diff_new_pack.gbsyCN/_new  2020-05-07 17:51:39.137416185 +0200
@@ -18,9 +18,9 @@
 
 
 # changed with every update
-%define major  75
+%define major  76
 %define mainver%major.0
-%define orig_version   75.0
+%define orig_version   76.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -84,8 +84,8 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.25
-BuildRequires:  mozilla-nss-devel >= 3.51
-BuildRequires:  nasm >= 2.13
+BuildRequires:  mozilla-nss-devel >= 3.51.1
+BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs10 >= 10.19.0
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
@@ -186,7 +186,6 @@
 Patch20:mozilla-fix-top-level-asm.patch
 Patch21:mozilla-bmo1504834-part4.patch
 Patch22:mozilla-bmo849632.patch
-Patch23:mozilla-bmo1622013.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -322,7 +321,6 @@
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
-%patch23 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1
@@ -662,7 +660,6 @@
 %{progdir}/browser/defaults
 %{progdir}/browser/features/
 %{progdir}/browser/chrome/icons
-%{progdir}/browser/blocklist.xml
 %{progdir}/browser/omni.ja
 %dir %{progdir}/distribution/
 %{progdir}/distribution/extensions/

++ firefox-75.0.source.tar.xz -> firefox-76.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-75.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2738/firefox-76.0.source.tar.xz 
differ: char 15, line 1

++ l10n-75.0.tar.xz -> l10n-76.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-75.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.2738/l10n-76.0.tar.xz differ: 
char 26, line 1

++ mozilla-bmo1463035.patch ++
--- /var/tmp/diff_new_pack.gbsyCN/_old  2020-05-07 17:51:39.365416669 +0200
+++ /var/tmp/diff_new_pack.gbsyCN/_new  2020-05-07 17:51:39.365416669 +0200
@@ -3,7 +3,7 @@
 # User Mike Hommey 
 # Date 1526871862 -32400
 # Node ID 94f21505ff13cd089f7129cd24927cf8b31a0f43
-# Parent  

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-04-13 12:49:21

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3248 (New)


Package is "MozillaFirefox"

Mon Apr 13 12:49:21 2020 rev:310 rq:792914 version:75.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-04-05 20:50:15.596994035 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3248/MozillaFirefox.changes  
2020-04-13 12:49:23.200540101 +0200
@@ -1,0 +2,35 @@
+Tue Apr  7 12:18:27 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 75.0
+  * https://www.mozilla.org/en-US/firefox/75.0/releasenotes
+  MFSA 2020-12 (bsc#1168874)
+  * CVE-2020-6821 (bmo#1625404)
+Uninitialized memory could be read when using the WebGL
+copyTexSubImage method
+  * CVE-2020-6822 (bmo#1544181)
+Out of bounds write in GMPDecodeData when processing large images
+  * CVE-2020-6823 (bmo#1614919)
+Malicious Extension could obtain auth codes from OAuth login flows
+  * CVE-2020-6824 (bmo#1621853)
+Generated passwords may be identical on the same site between
+separate private browsing sessions
+  * CVE-2020-6825 (bmo#1572541,bmo#1620193,bmo#1620203)
+Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7
+  * CVE-2020-6826 (bmo#1613009,bmo#1613195,bmo#1616734,bmo#1617488,
+bmo#1619229,bmo#1620719,bmo#1624897)
+Memory safety bugs fixed in Firefox 75
+- removed obsolete patch
+  mozilla-bmo1609538.patch
+- requires
+  * rust >= 1.41
+  * rust-cbindgen >= 0.13.1
+  * mozilla-nss >= 3.51
+  * nodejs10 >= 10.19
+- fix build issue in libvpx for i586 via mozilla-bmo1622013.patch
+
+---
+Mon Apr  6 11:19:24 UTC 2020 - Michel Normand 
+
+- increase _constraints memory for ppc64le
+
+---

Old:

  firefox-74.0.1.source.tar.xz
  firefox-74.0.1.source.tar.xz.asc
  l10n-74.0.1.tar.xz
  mozilla-bmo1609538.patch

New:

  firefox-75.0.source.tar.xz
  firefox-75.0.source.tar.xz.asc
  l10n-75.0.tar.xz
  mozilla-bmo1622013.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.l144RN/_old  2020-04-13 12:49:44.060551852 +0200
+++ /var/tmp/diff_new_pack.l144RN/_new  2020-04-13 12:49:44.064551855 +0200
@@ -18,9 +18,9 @@
 
 
 # changed with every update
-%define major  74
-%define mainver%major.0.1
-%define orig_version   74.0.1
+%define major  75
+%define mainver%major.0
+%define orig_version   75.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -75,7 +75,7 @@
 %else
 BuildRequires:  gcc-c++
 %endif
-BuildRequires:  cargo >= 1.39
+BuildRequires:  cargo >= 1.41
 BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
@@ -84,14 +84,14 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.25
-BuildRequires:  mozilla-nss-devel >= 3.50
+BuildRequires:  mozilla-nss-devel >= 3.51
 BuildRequires:  nasm >= 2.13
-BuildRequires:  nodejs8 >= 8.11
+BuildRequires:  nodejs10 >= 10.19.0
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5
-BuildRequires:  rust >= 1.39
-BuildRequires:  rust-cbindgen >= 0.13.0
+BuildRequires:  rust >= 1.41
+BuildRequires:  rust-cbindgen >= 0.13.1
 BuildRequires:  startup-notification-devel
 BuildRequires:  unzip
 BuildRequires:  update-desktop-files
@@ -186,7 +186,7 @@
 Patch20:mozilla-fix-top-level-asm.patch
 Patch21:mozilla-bmo1504834-part4.patch
 Patch22:mozilla-bmo849632.patch
-Patch23:mozilla-bmo1609538.patch
+Patch23:mozilla-bmo1622013.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch

++ _constraints ++
--- /var/tmp/diff_new_pack.l144RN/_old  2020-04-13 12:49:44.140551898 +0200
+++ /var/tmp/diff_new_pack.l144RN/_new  2020-04-13 12:49:44.140551898 +0200
@@ -42,4 +42,17 @@
   
 
   
+  
+
+  ppc64le
+
+
+  
+25
+  
+  
+10
+  
+
+  
 

++ firefox-74.0.1.source.tar.xz -> firefox-75.0.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-74.0.1.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.3248/firefox-75.0.source.tar.xz 
differ: char 15, line 1

++ l10n-74.0.1.tar.xz -> l10n-75.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-74.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.3248/l10n-75.0.tar.xz differ: 
char 26, line 1

++ 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-04-05 20:49:59

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3248 (New)


Package is "MozillaFirefox"

Sun Apr  5 20:49:59 2020 rev:309 rq:791372 version:74.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-03-26 23:30:34.630716610 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3248/MozillaFirefox.changes  
2020-04-05 20:50:15.596994035 +0200
@@ -1,0 +2,10 @@
+Fri Apr  3 15:23:28 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 74.0.1
+  MFSA 2020-11 (boo#1168630)
+  * CVE-2020-6819 (bmo#1620818)
+Use-after-free while running the nsDocShell destructor
+  * CVE-2020-6820 (bmo#1626728)
+Use-after-free when handling a ReadableStream
+
+---

Old:

  firefox-74.0.source.tar.xz
  firefox-74.0.source.tar.xz.asc
  l10n-74.0.tar.xz

New:

  firefox-74.0.1.source.tar.xz
  firefox-74.0.1.source.tar.xz.asc
  l10n-74.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.uBHC3l/_old  2020-04-05 20:50:41.053018389 +0200
+++ /var/tmp/diff_new_pack.uBHC3l/_new  2020-04-05 20:50:41.053018389 +0200
@@ -19,8 +19,8 @@
 
 # changed with every update
 %define major  74
-%define mainver%major.0
-%define orig_version   74.0
+%define mainver%major.0.1
+%define orig_version   74.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1

++ firefox-74.0.source.tar.xz -> firefox-74.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-74.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.3248/firefox-74.0.1.source.tar.xz
 differ: char 15, line 1

++ l10n-74.0.tar.xz -> l10n-74.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-74.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.3248/l10n-74.0.1.tar.xz differ: 
char 26, line 1

++ tar_stamps ++
--- /var/tmp/diff_new_pack.uBHC3l/_old  2020-04-05 20:50:41.337018661 +0200
+++ /var/tmp/diff_new_pack.uBHC3l/_new  2020-04-05 20:50:41.341018665 +0200
@@ -1,11 +1,11 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="74.0"
+VERSION="74.0.1"
 VERSION_SUFFIX=""
-PREV_VERSION="73.0.1"
+PREV_VERSION="74.0"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="c6e493873ba543907dadabb42b64208a3679d43d"
-RELEASE_TIMESTAMP="20200309095159"
+RELEASE_TAG="63afe468c6a580c6c01623fd60c8393fc2c2a4e0"
+RELEASE_TIMESTAMP="20200403064753"

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-03-26 23:30:31

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3160 (New)


Package is "MozillaFirefox"

Thu Mar 26 23:30:31 2020 rev:308 rq:788189 version:74.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-03-18 12:16:41.571815559 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3160/MozillaFirefox.changes  
2020-03-26 23:30:34.630716610 +0100
@@ -1,0 +2,7 @@
+Wed Mar 25 07:30:39 UTC 2020 - Marcus Meissner 
+
+- mozilla-sandbox-fips.patch: allow /proc/sys/crypto/fips_enabled
+  to be read, as openssl 1.1.1 FIPS aborts if it cannot access it
+  (bsc#1167132)
+
+---

New:

  mozilla-sandbox-fips.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.UbNEbi/_old  2020-03-26 23:30:40.146718602 +0100
+++ /var/tmp/diff_new_pack.UbNEbi/_new  2020-03-26 23:30:40.146718602 +0100
@@ -169,6 +169,7 @@
 Patch3: mozilla-ntlm-full-path.patch
 Patch4: mozilla-aarch64-startup-crash.patch
 Patch5: mozilla-bmo1463035.patch
+Patch6: mozilla-sandbox-fips.patch
 Patch7: mozilla-fix-aarch64-libopus.patch
 Patch8: mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
 Patch9: mozilla-s390-context.patch
@@ -302,6 +303,7 @@
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1


++ mozilla-sandbox-fips.patch ++
From: meiss...@suse.com
Subject: allow Firefox to access addtional process information
Reference: http://bugzilla.suse.com/show_bug.cgi?id=1167132

Index: firefox-74.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
===
--- 
firefox-74.0.orig/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
+++ firefox-74.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
@@ -276,6 +276,7 @@ SandboxBrokerPolicyFactory::SandboxBroke
 
   // Read permissions
   policy->AddPath(rdonly, "/dev/urandom");
+  policy->AddPath(rdonly, "/proc/sys/crypto/fips_enabled");
   policy->AddPath(rdonly, "/proc/cpuinfo");
   policy->AddPath(rdonly, "/proc/meminfo");
   policy->AddDir(rdonly, "/sys/devices/cpu");

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-03-18 12:16:26

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3160 (New)


Package is "MozillaFirefox"

Wed Mar 18 12:16:26 2020 rev:307 rq:784530 version:74.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-02-29 21:20:44.490068501 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.3160/MozillaFirefox.changes  
2020-03-18 12:16:41.571815559 +0100
@@ -1,0 +2,48 @@
+Sat Mar  7 08:51:06 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 74.0
+  * https://www.mozilla.org/en-US/firefox/74.0/releasenotes/
+  MFSA 2020-08 (bsc#1166238)
+  * CVE-2020-6805 (bmo#1610880)
+Use-after-free when removing data about origins
+  * CVE-2020-6806 (bmo#1612308)
+BodyStream::OnInputStreamReady was missing protections against
+state confusion
+  * CVE-2020-6807 (bmo#1614971)
+Use-after-free in cubeb during stream destruction
+  * CVE-2020-6808 (bmo#1247968)
+URL Spoofing via javascript: URL
+  * CVE-2020-6809 (bmo#1420296)
+Web Extensions with the all-urls permission could access local
+files
+  * CVE-2020-6810 (bmo#1432856)
+Focusing a popup while in fullscreen could have obscured the
+fullscreen notification
+  * CVE-2020-6811 (bmo#1607742)
+Devtools' 'Copy as cURL' feature did not fully escape
+website-controlled data, potentially leading to command injection
+  * CVE-2019-20503 (bmo#1613765)
+Out of bounds reads in sctp_load_addresses_from_init
+  * CVE-2020-6812 (bmo#1616661)
+The names of AirPods with personally identifiable information
+were exposed to websites with camera or microphone permission
+  * CVE-2020-6813 (bmo#1605814)
+@import statements in CSS could bypass the Content Security
+Policy nonce feature
+  * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636,
+bmo#1614339)
+Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6
+  * CVE-2020-6815 (bmo#1181957,bmo#1557732,bmo#1557739,bmo#1611457,
+bmo#1612431)
+Memory and script safety bugs fixed in Firefox 74
+- requires
+  * NSPR 4.25
+  * NSS 3.50
+  * rust-cbindgen 0.13.0
+- removed obsolete patches
+  mozilla-bmo1610814.patch
+  mozilla-cubeb-noreturn.patch
+- add mozilla-bmo1609538.patch to fix wayland issues with mutter 3.36
+  (bmo#1609538, boo#1166471)
+
+---

Old:

  firefox-73.0.1.source.tar.xz
  firefox-73.0.1.source.tar.xz.asc
  l10n-73.0.1.tar.xz
  mozilla-bmo1610814.patch
  mozilla-cubeb-noreturn.patch

New:

  firefox-74.0.source.tar.xz
  firefox-74.0.source.tar.xz.asc
  l10n-74.0.tar.xz
  mozilla-bmo1609538.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.q2qbDI/_old  2020-03-18 12:21:35.544054065 +0100
+++ /var/tmp/diff_new_pack.q2qbDI/_new  2020-03-18 12:21:35.544054065 +0100
@@ -18,9 +18,9 @@
 
 
 # changed with every update
-%define major  73
-%define mainver%major.0.1
-%define orig_version   73.0.1
+%define major  74
+%define mainver%major.0
+%define orig_version   74.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -83,15 +83,15 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.24
-BuildRequires:  mozilla-nss-devel >= 3.49.2
+BuildRequires:  mozilla-nspr-devel >= 4.25
+BuildRequires:  mozilla-nss-devel >= 3.50
 BuildRequires:  nasm >= 2.13
 BuildRequires:  nodejs8 >= 8.11
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5
 BuildRequires:  rust >= 1.39
-BuildRequires:  rust-cbindgen >= 0.12.0
+BuildRequires:  rust-cbindgen >= 0.13.0
 BuildRequires:  startup-notification-devel
 BuildRequires:  unzip
 BuildRequires:  update-desktop-files
@@ -169,7 +169,6 @@
 Patch3: mozilla-ntlm-full-path.patch
 Patch4: mozilla-aarch64-startup-crash.patch
 Patch5: mozilla-bmo1463035.patch
-Patch6: mozilla-cubeb-noreturn.patch
 Patch7: mozilla-fix-aarch64-libopus.patch
 Patch8: mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
 Patch9: mozilla-s390-context.patch
@@ -186,7 +185,7 @@
 Patch20:mozilla-fix-top-level-asm.patch
 Patch21:mozilla-bmo1504834-part4.patch
 Patch22:mozilla-bmo849632.patch
-Patch23:mozilla-bmo1610814.patch
+Patch23:mozilla-bmo1609538.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -303,7 +302,6 @@
 %patch3 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-02-29 21:20:30

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092 (New)


Package is "MozillaFirefox"

Sat Feb 29 21:20:30 2020 rev:306 rq:779878 version:73.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-02-25 16:03:34.948260568 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092/MozillaFirefox.changes 
2020-02-29 21:20:44.490068501 +0100
@@ -1,0 +2,11 @@
+Wed Feb 26 08:12:00 UTC 2020 - Wolfgang Rosenauer 
+
+- big endian fixes
+
+---
+Tue Feb 25 14:17:00 UTC 2020 - Guillaume GARDET 
+
+- Fix build on aarch64/armv7 with:
+  * mozilla-bmo1610814.patch (boo#1164845, bmo#1610814)
+
+---
@@ -10 +21 @@
-(bmo#1614535)
+(bmo#1614535, boo#1164646)

New:

  mozilla-bmo1610814.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.jw9xvH/_old  2020-02-29 21:21:03.994107098 +0100
+++ /var/tmp/diff_new_pack.jw9xvH/_new  2020-02-29 21:21:03.994107098 +0100
@@ -186,6 +186,7 @@
 Patch20:mozilla-fix-top-level-asm.patch
 Patch21:mozilla-bmo1504834-part4.patch
 Patch22:mozilla-bmo849632.patch
+Patch23:mozilla-bmo1610814.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -321,6 +322,7 @@
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
+%patch23 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1


++ mozilla-bmo1504834-part2.patch ++
--- /var/tmp/diff_new_pack.jw9xvH/_old  2020-02-29 21:21:05.850110771 +0100
+++ /var/tmp/diff_new_pack.jw9xvH/_new  2020-02-29 21:21:05.850110771 +0100
@@ -23,7 +23,7 @@
 +
  void ConvolutionFilter::ConvolveHorizontally(const uint8_t* aSrc, uint8_t* 
aDst,
   bool aHasAlpha) {
-+#if MOZ_BIG_ENDIAN
++#if MOZ_BIG_ENDIAN()
 +int outputSize = mFilter->numValues();
 +
 +// Input size isn't handed in, so we have to calculate it quickly
@@ -40,7 +40,7 @@
 +
SkOpts::convolve_horizontally(aSrc, *mFilter, aDst, aHasAlpha);
 +
-+#if MOZ_BIG_ENDIAN
++#if MOZ_BIG_ENDIAN()
 +ByteSwapArray((uint8_t*)aSrc, inputSize);
 +ByteSwapArray(aDst, outputSize);
 +#endif
@@ -52,7 +52,7 @@
auto filterValues =
mFilter->FilterForValue(aRowIndex, , );
 +
-+#if MOZ_BIG_ENDIAN
++#if MOZ_BIG_ENDIAN()
 +  for (int filterY = 0; filterY < filterLength; filterY++) {
 +  // Skia only knows LE, so we have to swizzle the input
 +ByteSwapArray(aSrc[filterY], aRowSize);
@@ -62,7 +62,7 @@
SkOpts::convolve_vertically(filterValues, filterLength, aSrc, aRowSize, 
aDst,
aHasAlpha);
 +
-+#if MOZ_BIG_ENDIAN
++#if MOZ_BIG_ENDIAN()
 +  // After skia is finished, we swizzle back to BE, in case
 +  // the input is used again somewhere else
 +  for (int filterY = 0; filterY < filterLength; filterY++) {

++ mozilla-bmo1504834-part4.patch ++
--- /var/tmp/diff_new_pack.jw9xvH/_old  2020-02-29 21:21:05.858110787 +0100
+++ /var/tmp/diff_new_pack.jw9xvH/_new  2020-02-29 21:21:05.858110787 +0100
@@ -17,7 +17,7 @@
SkCanvas::kPreserveLCDText_SaveLayerFlag |
(aCopyBackground ? SkCanvas::kInitWithPrevious_SaveLayerFlag : 0));
  
-+#if MOZ_BIG_ENDIAN
++#if MOZ_BIG_ENDIAN()
 +  // Pushing a layer where an aMask is defined produces wrong output.
 +  // We _should_ endian swap the data, but I couldn't find a workable way to 
do so
 +  // Therefore I deactivate those layers in the meantime.

++ mozilla-bmo1610814.patch ++

# HG changeset patch
# User Andrew Osmond 
# Date 1579706360 0
# Node ID b3d8b08265b800165d684281d19ac845a8ff9a66
# Parent  50c371b37a9fcd994a5866db73bd0d078e19f95d
Bug 1610814 - Fix NEON compile error with gcc and RGB unpacking. r=lsalzman

This patch makes us use the correct intrinsic for loading a uint8x16
register. It is not entirely clear why clang accepts this without
complaint but beyond the types, it should be equivalent.

Differential Revision: https://phabricator.services.mozilla.com/D60667

diff --git a/gfx/2d/SwizzleNEON.cpp b/gfx/2d/SwizzleNEON.cpp
--- a/gfx/2d/SwizzleNEON.cpp
+++ b/gfx/2d/SwizzleNEON.cpp
@@ -407,25 +407,25 @@ void UnpackRowRGB24_NEON(const uint8_t* 
   }
 
   uint8x16_t alpha = vreinterpretq_u8_u32(vdupq_n_u32(0xFF00));
 
   // Process all 4-pixel chunks as one vector.
   src -= 4 * 3;
   dst -= 4 * 4;
   while (src >= aSrc) {
-uint8x16_t px = vld1q_u16(reinterpret_cast(src));
+uint8x16_t px = vld1q_u8(src);
 // 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-02-25 16:02:36

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092 (New)


Package is "MozillaFirefox"

Tue Feb 25 16:02:36 2020 rev:305 rq:777864 version:73.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-02-14 16:29:31.367325748 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092/MozillaFirefox.changes 
2020-02-25 16:03:34.948260568 +0100
@@ -1,0 +2,12 @@
+Thu Feb 20 13:40:59 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 73.0.1
+  * Resolved problems connecting to the RBC Royal Bank website
+(bmo#1613943)
+  * Fixed Firefox unexpectedly exiting when leaving Print Preview mode
+(bmo#1611133)
+  * Fixed crashes when playing encrypted content on some Linux systems
+(bmo#1614535)
+- start in wayland mode when running under wayland session
+
+---

Old:

  firefox-73.0.source.tar.xz
  firefox-73.0.source.tar.xz.asc
  l10n-73.0.tar.xz

New:

  firefox-73.0.1.source.tar.xz
  firefox-73.0.1.source.tar.xz.asc
  l10n-73.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.RYmnGS/_old  2020-02-25 16:04:04.144316814 +0100
+++ /var/tmp/diff_new_pack.RYmnGS/_new  2020-02-25 16:04:04.148316815 +0100
@@ -19,8 +19,8 @@
 
 # changed with every update
 %define major  73
-%define mainver%major.0
-%define orig_version   73.0
+%define mainver%major.0.1
+%define orig_version   73.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1

++ firefox-73.0.source.tar.xz -> firefox-73.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-73.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092/firefox-73.0.1.source.tar.xz
 differ: char 15, line 1

++ l10n-73.0.tar.xz -> l10n-73.0.1.tar.xz ++

++ mozilla.sh.in ++
--- /var/tmp/diff_new_pack.RYmnGS/_old  2020-02-25 16:04:04.464316905 +0100
+++ /var/tmp/diff_new_pack.RYmnGS/_new  2020-02-25 16:04:04.468316906 +0100
@@ -81,6 +81,12 @@
 # disable Gnome crash dialog (doesn't make sense anyway)
 export GNOME_DISABLE_CRASH_DIALOG=1
 
+# Wayland
+# $XDG_SESSION_TYPE should contain either x11 or wayland
+if [ "$XDG_SESSION_TYPE" = "wayland" ]; then
+  export MOZ_ENABLE_WAYLAND=1
+fi
+
 # enable xinput2 (boo#1032003)
 # breaks too many things right now (boo#1053959)
 #export MOZ_USE_XINPUT2=1

++ tar_stamps ++
--- /var/tmp/diff_new_pack.RYmnGS/_old  2020-02-25 16:04:04.492316914 +0100
+++ /var/tmp/diff_new_pack.RYmnGS/_new  2020-02-25 16:04:04.492316914 +0100
@@ -1,11 +1,11 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="73.0"
+VERSION="73.0.1"
 VERSION_SUFFIX=""
 PREV_VERSION="73.0"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="816e7f29478180f322fb4731df776d3b7854f0f8"
-RELEASE_TIMESTAMP="20200207195153"
+RELEASE_TAG="5b0905233e5d29d9fbad98c1380030387cda5dd9"
+RELEASE_TIMESTAMP="20200217142647"

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-02-14 16:29:09

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092 (New)


Package is "MozillaFirefox"

Fri Feb 14 16:29:09 2020 rev:304 rq:773730 version:73.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-02-06 13:06:21.580275244 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092/MozillaFirefox.changes 
2020-02-14 16:29:31.367325748 +0100
@@ -1,0 +2,40 @@
+Sun Feb  9 07:45:00 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 73.0
+  * Added support for setting a default zoom level applicable for all
+web content
+  * High-contrast mode has been updated to allow background images
+  * Improved audio quality when playing back audio at a faster or
+slower speed
+  * Added NextDNS as alternative option for DNS over HTTPS
+  MFSA 2020-05 (bsc#1163368)
+  * CVE-2020-6796 (bmo#1610426)
+Missing bounds check on shared memory read in the parent process
+  * CVE-2020-6797 (bmo#1596668) (MacOS X only)
+Extensions granted downloads.open permission could open arbitrary
+applications on Mac OSX
+  * CVE-2020-6798 (bmo#1602944)
+Incorrect parsing of template tag could result in JavaScript injection
+  * CVE-2020-6799 (bmo#1606596) (Windows only)
+Arbitrary code execution when opening pdf links from other
+applications, when Firefox is configured as default pdf reader
+  * CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
+bmo#1608580,bmo#1608785,bmo#1605777)
+Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
+  * CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
+Memory safety bugs fixed in Firefox 73
+- updated requirements
+  * rust >= 1.39
+  * NSS >= 3.49.2
+  * rust-cbindgen >= 0.12.0
+- rebased patches
+- removed obsolete patch
+  * mozilla-bmo1601707.patch
+- switched to cairo-gtk3-wayland build
+  (to fully enable wayland MOZ_ENABLE_WAYLAND=1 needs to be set)
+- disabled elfhack due to failing packager
+  https://github.com/openSUSE/firefox-maintenance/issues/28
+- disabled PGO due to build failure
+  https://github.com/openSUSE/firefox-maintenance/issues/29
+
+---

Old:

  firefox-72.0.2.source.tar.xz
  firefox-72.0.2.source.tar.xz.asc
  l10n-72.0.2.tar.xz
  mozilla-bmo1601707.patch

New:

  firefox-73.0.source.tar.xz
  firefox-73.0.source.tar.xz.asc
  l10n-73.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.aK16hN/_old  2020-02-14 16:29:57.567339969 +0100
+++ /var/tmp/diff_new_pack.aK16hN/_new  2020-02-14 16:29:57.567339969 +0100
@@ -2,7 +2,7 @@
 # spec file for package MozillaFirefox
 #
 # Copyright (c) 2020 SUSE LLC
-#   2006-2019 Wolfgang Rosenauer 
+#   2006-2020 Wolfgang Rosenauer 
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,14 +18,17 @@
 
 
 # changed with every update
-%define major  72
-%define mainver%major.0.2
-%define orig_version   72.0.2
+%define major  73
+%define mainver%major.0
+%define orig_version   73.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
 %define devpkg 1
 
+# disable for FF73 for now as it fails for unknown reason
+%define do_profiling   0
+
 # always build with GCC as SUSE Security Team requires that
 %define clang_build 0
 
@@ -72,7 +75,7 @@
 %else
 BuildRequires:  gcc-c++
 %endif
-BuildRequires:  cargo >= 1.37
+BuildRequires:  cargo >= 1.39
 BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
@@ -81,14 +84,14 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.24
-BuildRequires:  mozilla-nss-devel >= 3.48
+BuildRequires:  mozilla-nss-devel >= 3.49.2
 BuildRequires:  nasm >= 2.13
 BuildRequires:  nodejs8 >= 8.11
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5
-BuildRequires:  rust >= 1.37
-BuildRequires:  rust-cbindgen >= 0.9.1
+BuildRequires:  rust >= 1.39
+BuildRequires:  rust-cbindgen >= 0.12.0
 BuildRequires:  startup-notification-devel
 BuildRequires:  unzip
 BuildRequires:  update-desktop-files
@@ -183,7 +186,6 @@
 Patch20:mozilla-fix-top-level-asm.patch
 Patch21:mozilla-bmo1504834-part4.patch
 Patch22:mozilla-bmo849632.patch
-Patch23:mozilla-bmo1601707.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-02-06 13:06:19

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092 (New)


Package is "MozillaFirefox"

Thu Feb  6 13:06:19 2020 rev:303 rq:769385 version:72.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-01-24 14:11:26.938415267 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092/MozillaFirefox.changes 
2020-02-06 13:06:21.580275244 +0100
@@ -1,0 +2,6 @@
+Tue Jan 28 07:30:16 UTC 2020 - Stasiek Michalski 
+
+- Use a symbolic icon from branding internals
+- Pixmaps no longer required for the desktops
+
+---



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.iu9dZu/_old  2020-02-06 13:06:26.972278178 +0100
+++ /var/tmp/diff_new_pack.iu9dZu/_new  2020-02-06 13:06:26.976278180 +0100
@@ -576,10 +576,11 @@
 #
 mkdir -p %{buildroot}%{_datadir}/mozilla/extensions/%{firefox_appid}
 mkdir -p %{buildroot}%{_libdir}/mozilla/extensions/%{firefox_appid}
-mkdir -p %{buildroot}/usr/share/pixmaps/
-ln -sf %{progdir}/browser/chrome/icons/default/default128.png 
%{buildroot}/usr/share/pixmaps/%{progname}.png
-ln -sf %{progdir}/browser/chrome/icons/default/default128.png 
%{buildroot}/usr/share/pixmaps/%{progname}-gnome.png
 %if %branding
+# Install symbolic icon for GNOME
+mkdir -p %{buildroot}%{gnome_dir}/share/icons/hicolor/symbolic/apps/
+cp 
%{_builddir}/%{srcname}-%{orig_version}/browser/branding/official/content/identity-icons-brand.svg
 \
+   
%{buildroot}%{gnome_dir}/share/icons/hicolor/symbolic/apps/%{progname}-symbolic.svg
 for size in 16 22 24 32 48 64 128 256; do
 %else
 for size in 16 32 48; do
@@ -693,7 +694,6 @@
 %endif
 %{_datadir}/applications/%{desktop_file_name}.desktop
 %{_datadir}/mime/packages/%{progname}.xml
-%{_datadir}/pixmaps/firefox*
 %dir %{_datadir}/mozilla
 %dir %{_datadir}/mozilla/extensions
 %dir %{_datadir}/mozilla/extensions/%{firefox_appid}

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-01-24 14:11:15

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092 (New)


Package is "MozillaFirefox"

Fri Jan 24 14:11:15 2020 rev:302 rq:766431 version:72.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2020-01-11 14:38:34.089149846 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092/MozillaFirefox.changes 
2020-01-24 14:11:26.938415267 +0100
@@ -1,0 +2,19 @@
+Wed Jan 22 10:30:21 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 72.0.2
+  * Various stability fixes
+  * Fixed issues opening files with spaces in their path (bmo#1601905)
+  * Fixed a hang opening about:logins when a master password is set
+(bmo#1606992)
+  * Fixed a web compatibility issue with CSS Shadow Parts which
+shipped in Firefox 72 (bmo#1604989)
+  * Fixed inconsistent playback performance for fullscreen 1080p
+videos on some systems (bmo#1608485)
+
+---
+Tue Jan 21 12:59:54 UTC 2020 - Guillaume GARDET 
+
+- Fix build for aarch64/ppc64le (do not update config.sub file
+  for libbacktrace)
+
+---

Old:

  firefox-72.0.1.source.tar.xz
  firefox-72.0.1.source.tar.xz.asc
  l10n-72.0.1.tar.xz

New:

  firefox-72.0.2.source.tar.xz
  firefox-72.0.2.source.tar.xz.asc
  l10n-72.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.aDnViA/_old  2020-01-24 14:11:50.030423083 +0100
+++ /var/tmp/diff_new_pack.aDnViA/_new  2020-01-24 14:11:50.034423084 +0100
@@ -19,8 +19,8 @@
 
 # changed with every update
 %define major  72
-%define mainver%major.0.1
-%define orig_version   72.0.1
+%define mainver%major.0.2
+%define orig_version   72.0.2
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -324,8 +324,14 @@
 %patch101 -p1
 %patch102 -p1
 %endif # only_print_mozconfig
+# Save config.sub to restore it (for aarch64/ppc64le) later, as it is checked 
with a checksum
+cp ./third_party/rust/backtrace-sys/src/libbacktrace/config.sub 
./third_party/rust/backtrace-sys/src/libbacktrace/config.sub.save
+cp ./third_party/rust/backtrace-sys/src/libbacktrace/config.guess 
./third_party/rust/backtrace-sys/src/libbacktrace/config.guess.save
 
 %build
+# Restore config.sub file
+mv ./third_party/rust/backtrace-sys/src/libbacktrace/config.sub.save 
./third_party/rust/backtrace-sys/src/libbacktrace/config.sub
+mv ./third_party/rust/backtrace-sys/src/libbacktrace/config.guess.save 
./third_party/rust/backtrace-sys/src/libbacktrace/config.guess
 %if !%{with only_print_mozconfig}
 # no need to add build time to binaries
 modified="$(sed -n '/^/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")"

++ firefox-72.0.1.source.tar.xz -> firefox-72.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-72.0.1.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.26092/firefox-72.0.2.source.tar.xz
 differ: char 15, line 1

++ l10n-72.0.1.tar.xz -> l10n-72.0.2.tar.xz ++

++ tar_stamps ++
--- /var/tmp/diff_new_pack.aDnViA/_old  2020-01-24 14:11:50.338423187 +0100
+++ /var/tmp/diff_new_pack.aDnViA/_new  2020-01-24 14:11:50.342423189 +0100
@@ -1,11 +1,11 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="72.0.1"
+VERSION="72.0.2"
 VERSION_SUFFIX=""
-PREV_VERSION="72.0"
+PREV_VERSION="72.0.1"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release;
-RELEASE_TAG="8260da04c9b13f7c0e9cc6984a75e689b5fcb8c8"
-RELEASE_TIMESTAMP="20200107212822"
+RELEASE_TAG="25e0edbb0a613c3bf794c93ba3aa0985d29d5ef4"
+RELEASE_TIMESTAMP="20200117190643"

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2020-01-11 14:37:56

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.6675 (New)


Package is "MozillaFirefox"

Sat Jan 11 14:37:56 2020 rev:301 rq:762071 version:72.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-12-30 13:49:09.129351992 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.6675/MozillaFirefox.changes  
2020-01-11 14:38:34.089149846 +0100
@@ -1,0 +2,35 @@
+Wed Jan  8 08:19:12 UTC 2020 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 72.0.1
+  MFSA 2020-03 (bsc#1160498)
+  * CVE-2019-17026 (bmo#1607443)
+IonMonkey type confusion with StoreElementHole and FallibleStoreElement
+- Mozilla Firefox 72.0
+  * block fingerprinting scripts by default
+  * new notification pop-ups
+  * Picture-in-picture video
+  MFSA 2020-01 (bsc#1160305)
+  * CVE-2019-17016 (bmo#1599181)
+Bypass of @namespace CSS sanitization during pasting
+  * CVE-2019-17017 (bmo#1603055)
+Type Confusion in XPCVariant.cpp
+  * CVE-2019-17020 (bmo#1597645)
+Content Security Policy not applied to XSL stylesheets applied
+to XML documents
+  * CVE-2019-17022 (bmo#1602843)
+CSS sanitization does not escape HTML tags
+  * CVE-2019-17023 (bmo#1590001) (fixed in NSS FIXME)
+NSS may negotiate TLS 1.2 or below after a TLS 1.3
+HelloRetryRequest had been sent
+  * CVE-2019-17024 (bmo#1507180,bmo#1595470,bmo#1598605,bmo#1601826)
+Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
+  * CVE-2019-17025 (bmo#1328295,bmo#1328300,bmo#1590447,bmo#1590965
+bmo#1595692,bmo#1597321,bmo#1597481)
+Memory safety bugs fixed in Firefox 72
+- update create-tar.sh to skip compare-locales
+- requires NSPR 4.24 and NSS 3.48
+- removed usage of browser-plugins convention for NPAPI plugins
+  from start wrapper and changed the RPM macro to the
+  /usr/$LIB/mozilla/plugins location (boo#1160302)
+
+---

Old:

  firefox-71.0.source.tar.xz
  firefox-71.0.source.tar.xz.asc
  l10n-71.0.tar.xz

New:

  firefox-72.0.1.source.tar.xz
  firefox-72.0.1.source.tar.xz.asc
  l10n-72.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.wdCFIg/_old  2020-01-11 14:38:54.593157957 +0100
+++ /var/tmp/diff_new_pack.wdCFIg/_new  2020-01-11 14:38:54.597157959 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package MozillaFirefox
 #
-# Copyright (c) 2019 SUSE LLC
+# Copyright (c) 2020 SUSE LLC
 #   2006-2019 Wolfgang Rosenauer 
 #
 # All modifications and additions to the file contributed by third parties
@@ -18,9 +18,9 @@
 
 
 # changed with every update
-%define major  71
-%define mainver%major.0
-%define orig_version   71.0
+%define major  72
+%define mainver%major.0.1
+%define orig_version   72.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
@@ -80,8 +80,8 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.23
-BuildRequires:  mozilla-nss-devel >= 3.47.1
+BuildRequires:  mozilla-nspr-devel >= 4.24
+BuildRequires:  mozilla-nss-devel >= 3.48
 BuildRequires:  nasm >= 2.13
 BuildRequires:  nodejs8 >= 8.11
 BuildRequires:  python-devel
@@ -150,7 +150,7 @@
 Source11:   firefox.1
 Source12:   mozilla-get-app-id
 Source13:   spellcheck.js
-Source14:   
https://github.com/openSUSE/firefox-scripts/raw/d414e38/create-tar.sh
+Source14:   
https://github.com/openSUSE/firefox-scripts/raw/8a54002/create-tar.sh
 Source15:   firefox-appdata.xml
 Source16:   %{name}.changes
 # Set up API keys, see http://www.chromium.org/developers/how-tos/api-keys
@@ -603,7 +603,7 @@
 %%firefox_version%{version}
 %%firefox_mainver%{mainver}
 %%firefox_mozillapath%%{_libdir}/%{progname}
-%%firefox_pluginsdir %%{_libdir}/browser-plugins
+%%firefox_pluginsdir %%{_libdir}/mozilla/plugins
 %%firefox_appid  \{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}
 %%firefox_extdir %%(if [ "%%_target_cpu" = "noarch" ]; then echo 
%%{_datadir}/mozilla/extensions/%%{firefox_appid}; else echo 
%%{_libdir}/mozilla/extensions/%%{firefox_appid}; fi)
 

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.wdCFIg/_old  2020-01-11 14:38:54.661157984 +0100
+++ /var/tmp/diff_new_pack.wdCFIg/_new  2020-01-11 14:38:54.661157984 +0100
@@ -14,7 +14,7 @@
 RELEASE_TAG="" # Needs only to be set if no tar-ball can be downloaded
 PREV_VERSION="60.6.3" # Prev. version only 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-12-30 13:48:21

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.6675 (New)


Package is "MozillaFirefox"

Mon Dec 30 13:48:21 2019 rev:300 rq:757910 version:71.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-11-04 17:02:52.980035172 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.6675/MozillaFirefox.changes  
2019-12-30 13:49:09.129351992 +0100
@@ -1,0 +2,50 @@
+Mon Dec  2 08:24:05 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 71.0
+  * Improvements to Lockwise, our integrated password manager
+  * More information about Enhanced Tracking Protection in action
+  * Native MP3 decoding on Windows, Linux, and macOS
+  * Configuration page (about:config) reimplemented in HTML
+  * New kiosk mode functionality, which allows maximum screen space
+for customer-facing displays
+  MFSA 2019-36
+  * CVE-2019-11756 (bmo#1508776)
+Use-after-free of SFTKSession object
+  * CVE-2019-17008 (bmo#1546331)
+Use-after-free in worker destruction
+  * CVE-2019-13722 (bmo#1580156) (Windows only)
+Stack corruption due to incorrect number of arguments in WebRTC code
+  * CVE-2019-17014 (bmo#1322864)
+Dragging and dropping a cross-origin resource, incorrectly loaded
+as an image, could result in information disclosure
+  * CVE-2019-17010 (bmo#1581084)
+Use-after-free when performing device orientation checks
+  * CVE-2019-17005 (bmo#1584170)
+Buffer overflow in plain text serializer
+  * CVE-2019-17011 (bmo#1591334)
+Use-after-free when retrieving a document in antitracking
+  * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
+bmo#1580288, bmo#1585760, bmo#1592502)
+Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
+  * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
+bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
+bmo#1594181)
+Memory safety bugs fixed in Firefox 71
+- requires
+  NSPR >= 4.23
+  NSS >= 3.47.1
+  rust/cargo >= 1.37
+- reactivate webrtc for platforms where it was disabled
+- updated create-tar.sh to cover buildid and origin repo information
+  -> removed obsolete source-stamp.txt
+- removed obsolete patches
+  mozilla-bmo1511604.patch
+  mozilla-openaes-decl.patch
+- changed locale building procedure
+  * removed obsolete compare-locales.tar.xz
+- added mozilla-bmo1601707.patch to fix gcc/LTO builds
+  (bmo#1601707, boo#1158466)
+- added mozilla-bmo849632.patch to fix big endian issues in skia
+  used for WebGL
+
+---

Old:

  compare-locales.tar.xz
  firefox-70.0.1.source.tar.xz
  firefox-70.0.1.source.tar.xz.asc
  l10n-70.0.1.tar.xz
  mozilla-bmo1511604.patch
  mozilla-openaes-decl.patch
  source-stamp.txt

New:

  firefox-71.0.source.tar.xz
  firefox-71.0.source.tar.xz.asc
  l10n-71.0.tar.xz
  mozilla-bmo1601707.patch
  mozilla-bmo849632.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.mwdLRH/_old  2019-12-30 13:49:53.289388095 +0100
+++ /var/tmp/diff_new_pack.mwdLRH/_new  2019-12-30 13:49:53.309388102 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package MozillaFirefox
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LLC
 #   2006-2019 Wolfgang Rosenauer 
 #
 # All modifications and additions to the file contributed by third parties
@@ -18,14 +18,13 @@
 
 
 # changed with every update
-%define major  70
-%define mainver%major.0.1
-%define orig_version   70.0.1
+%define major  71
+%define mainver%major.0
+%define orig_version   71.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
 %define devpkg 1
-%define releasedate20191030021342
 
 # always build with GCC as SUSE Security Team requires that
 %define clang_build 0
@@ -73,7 +72,7 @@
 %else
 BuildRequires:  gcc-c++
 %endif
-BuildRequires:  cargo >= 1.36
+BuildRequires:  cargo >= 1.37
 BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
@@ -81,14 +80,14 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.22
-BuildRequires:  mozilla-nss-devel >= 3.46.1
+BuildRequires:  mozilla-nspr-devel >= 4.23
+BuildRequires:  mozilla-nss-devel >= 3.47.1
 BuildRequires:  nasm >= 2.13
 BuildRequires:  nodejs8 >= 8.11
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-11-04 17:02:50

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2990 (New)


Package is "MozillaFirefox"

Mon Nov  4 17:02:50 2019 rev:299 rq:744799 version:70.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-10-17 12:16:39.032021079 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2990/MozillaFirefox.changes  
2019-11-04 17:02:52.980035172 +0100
@@ -1,0 +2,56 @@
+Fri Nov  1 14:16:39 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 70.0.1
+  * Fix for an issue that caused some websites or page elements using
+dynamic JavaScript to fail to load. (bmo#1592136)
+  * Title bar no longer shows in full screen view (bmo#1588747)
+- added mozilla-bmo1504834-part4.patch to fix some visual issues on
+  big endian platforms
+
+---
+Sun Oct 20 20:19:31 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 70.0
+  * more privacy protections from Enhanced Tracking Protection
+  * Firefox Lockwise passwordmanager
+  * Improvements to core engine components, for better browsing on more sites
+  * Improved privacy and security indicators
+  MFSA 2019-34
+  * CVE-2018-6156 (bmo#1480088)
+Heap buffer overflow in FEC processing in WebRTC
+  * CVE-2019-15903 (bmo#1584907)
+Heap overflow in expat library in XML_GetCurrentLineNumber
+  * CVE-2019-11757 (bmo#1577107)
+Use-after-free when creating index updates in IndexedDB
+  * CVE-2019-11759 (bmo#1577953)
+Stack buffer overflow in HKDF output
+  * CVE-2019-11760 (bmo#1577719)
+Stack buffer overflow in WebRTC networking
+  * CVE-2019-11761 (bmo#1561502)
+Unintended access to a privileged JSONView object
+  * CVE-2019-11762 (bmo#1582857)
+document.domain-based origin isolation has same-origin-property violation
+  * CVE-2019-11763 (bmo#1584216)
+Incorrect HTML parsing results in XSS bypass technique
+  * CVE-2019-11765 (bmo#1562582)
+Incorrect permissions could be granted to a website
+  * CVE-2019-17000 (bmo#1441468)
+CSP bypass using object tag with data: URI
+  * CVE-2019-17001 (bmo#1587976)
+CSP bypass using object tag when script-src 'none' is specified
+  * CVE-2019-17002 (bmo#1561056)
+upgrade-insecure-requests was not being honored for links dragged and 
dropped
+  * CVE-2019-11764 (bmo#1558522, bmo#1577061, bmo#1548044, bmo#1571223,
+bmo#1573048, bmo#1578933, bmo#1575217, bmo#1583684, bmo#1586845, 
bmo#1581950,
+bmo#1583463, bmo#1586599)
+Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
+- requires
+rust/cargo >= 1.36
+NSPR >= 4.22
+NSS >= 3.46.1
+rust-cbindgen >= 0.9.1
+- removed obsolete patches
+mozilla-bmo1573381.patch
+mozilla-nestegg-big-endian.patch
+
+---

Old:

  firefox-69.0.3.source.tar.xz
  firefox-69.0.3.source.tar.xz.asc
  l10n-69.0.3.tar.xz
  mozilla-bmo1573381.patch
  mozilla-nestegg-big-endian.patch

New:

  firefox-70.0.1.source.tar.xz
  firefox-70.0.1.source.tar.xz.asc
  l10n-70.0.1.tar.xz
  mozilla-bmo1504834-part4.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.rHck7E/_old  2019-11-04 17:03:31.176076085 +0100
+++ /var/tmp/diff_new_pack.rHck7E/_new  2019-11-04 17:03:31.180076089 +0100
@@ -18,14 +18,14 @@
 
 
 # changed with every update
-%define major  69
-%define mainver%major.0.3
-%define orig_version   69.0.3
+%define major  70
+%define mainver%major.0.1
+%define orig_version   70.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
 %define devpkg 1
-%define releasedate20191009172106
+%define releasedate20191030021342
 
 # always build with GCC as SUSE Security Team requires that
 %define clang_build 0
@@ -73,7 +73,7 @@
 %else
 BuildRequires:  gcc-c++
 %endif
-BuildRequires:  cargo >= 1.35
+BuildRequires:  cargo >= 1.36
 BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
@@ -81,15 +81,15 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.21
-BuildRequires:  mozilla-nss-devel >= 3.45
+BuildRequires:  mozilla-nspr-devel >= 4.22
+BuildRequires:  mozilla-nss-devel >= 3.46.1
 BuildRequires:  nasm >= 2.13
 BuildRequires:  nodejs8 >= 8.11
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5
-BuildRequires:  rust >= 1.35
-BuildRequires:  rust-cbindgen >= 0.9.0

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-10-17 12:16:37

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2352 (New)


Package is "MozillaFirefox"

Thu Oct 17 12:16:37 2019 rev:298 rq:738119 version:69.0.3

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-10-11 15:12:03.436971158 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2352/MozillaFirefox.changes  
2019-10-17 12:16:39.032021079 +0200
@@ -1,0 +2,8 @@
+Sun Oct 13 08:58:12 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 69.0.3
+  * Fixed Yahoo mail users being prompted to download files when
+clicking on emails (bmo#1582848)
+- devel package build can easily be disabled now
+
+---

Old:

  firefox-69.0.2.source.tar.xz
  firefox-69.0.2.source.tar.xz.asc
  l10n-69.0.2.tar.xz

New:

  firefox-69.0.3.source.tar.xz
  firefox-69.0.3.source.tar.xz.asc
  l10n-69.0.3.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.lAepll/_old  2019-10-17 12:17:02.391962474 +0200
+++ /var/tmp/diff_new_pack.lAepll/_new  2019-10-17 12:17:02.395962464 +0200
@@ -19,13 +19,13 @@
 
 # changed with every update
 %define major  69
-%define mainver%major.0.2
-%define orig_version   69.0.2
+%define mainver%major.0.3
+%define orig_version   69.0.3
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20191001234643
-%define source_prefix  firefox-%{orig_version}
+%define devpkg 1
+%define releasedate20191009172106
 
 # always build with GCC as SUSE Security Team requires that
 %define clang_build 0
@@ -45,6 +45,7 @@
 # general build definitions
 %define progname firefox
 %define pkgname  MozillaFirefox
+%define srcname  firefox
 %define appname  Firefox
 %define progdir %{_prefix}/%_lib/%{progname}
 %define gnome_dir %{_prefix}
@@ -139,7 +140,7 @@
 Group:  Productivity/Networking/Web/Browsers
 Url:http://www.mozilla.org/
 %if !%{with only_print_mozconfig}
-Source: 
http://ftp.mozilla.org/pub/%{progname}/releases/%{version}%{orig_suffix}/source/firefox-%{orig_version}%{orig_suffix}.source.tar.xz
+Source: 
http://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/source/%{srcname}-%{orig_version}%{orig_suffix}.source.tar.xz
 Source1:MozillaFirefox.desktop
 Source2:MozillaFirefox-rpmlintrc
 Source3:mozilla.sh.in
@@ -154,14 +155,14 @@
 Source13:   spellcheck.js
 Source14:   
https://github.com/openSUSE/firefox-scripts/raw/master/create-tar.sh
 Source15:   firefox-appdata.xml
-Source16:   MozillaFirefox.changes
+Source16:   %{name}.changes
 # Set up API keys, see http://www.chromium.org/developers/how-tos/api-keys
 # Note: these are for the openSUSE Firefox builds ONLY. For your own 
distribution,
 # please get your own set of keys.
 Source18:   mozilla-api-key
 Source19:   google-api-key
-Source20:   
https://ftp.mozilla.org/pub/%{progname}/releases/%{version}%{orig_suffix}/source/%{progname}-%{orig_version}%{orig_suffix}.source.tar.xz.asc
-Source21:   
https://ftp.mozilla.org/pub/%{progname}/releases/%{version}%{orig_suffix}/KEY#/mozilla.keyring
+Source20:   
https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/source/%{srcname}-%{orig_version}%{orig_suffix}.source.tar.xz.asc
+Source21:   
https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/KEY#/mozilla.keyring
 # Gecko/Toolkit
 Patch1: mozilla-nongnome-proxies.patch
 Patch2: mozilla-kde.patch
@@ -194,15 +195,16 @@
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Requires(post):   coreutils shared-mime-info desktop-file-utils
 Requires(postun): shared-mime-info desktop-file-utils
-%if %branding
-Requires:   %{name}-branding > 44.0
-%endif
+Requires:   %{name}-branding >= 68
 Requires:   mozilla-nspr >= %(rpm -q --queryformat '%%{VERSION}' 
mozilla-nspr)
 Requires:   mozilla-nss >= %(rpm -q --queryformat '%%{VERSION}' 
mozilla-nss)
 Recommends: libcanberra0
 Recommends: libpulse0
 # addon leads to startup crash (bnc#908892)
 Obsoletes:  tracker-miner-firefox < 0.15
+%if 0%{?devpkg} == 0
+Obsoletes:  %{name}-devel < %{version}
+%endif
 # libproxy's mozjs pacrunner crashes FF (bnc#759123)
 %if 0%{?suse_version} < 1220
 Obsoletes:  libproxy1-pacrunner-mozjs <= 0.4.7
@@ -214,6 +216,7 @@
 compliance and performance.  Its functionality can be enhanced via a
 plethora of extensions.
 
+%if 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-10-11 15:11:48

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2352 (New)


Package is "MozillaFirefox"

Fri Oct 11 15:11:48 2019 rev:297 rq:735118 version:69.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-09-25 02:06:39.345579510 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.2352/MozillaFirefox.changes  
2019-10-11 15:12:03.436971158 +0200
@@ -1,0 +2,18 @@
+Thu Oct  3 08:40:05 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 69.0.2
+  * Fixed a crash when editing files on Office 365 websites (bmo#1579858)
+  * Fixed a Linux-only crash when changing the playback speed while
+watching YouTube videos (bmo#158)
+- updated supported locale list
+- Allow to build without profile guided optimizations (boo#1040589)
+  (contributed by Bernhard Wiedemann)
+- Make build verbose (contributed by Martin Liška)
+- remove obsolete kde.js setting (boo#1151186) and related patch
+  firefox-add-kde.js-in-order-to-survive-PGO-build.patch
+- update create-tar.sh to latest revision and adjusted tar_stamps
+- add mozilla-fix-top-level-asm.patch to fix LTO build (w/o PGO)
+- extension preferences moved from branding package to core package
+  (packaging but not branding specific)
+
+---

Old:

  firefox-69.0.1.source.tar.xz
  firefox-69.0.1.source.tar.xz.asc
  firefox-add-kde.js-in-order-to-survive-PGO-build.patch
  kde.js
  l10n-69.0.1.tar.xz

New:

  firefox-69.0.2.source.tar.xz
  firefox-69.0.2.source.tar.xz.asc
  l10n-69.0.2.tar.xz
  mozilla-fix-top-level-asm.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.kNTktV/_old  2019-10-11 15:12:47.232850764 +0200
+++ /var/tmp/diff_new_pack.kNTktV/_new  2019-10-11 15:12:47.236850753 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  69
-%define mainver%major.0.1
-%define orig_version   69.0.1
+%define mainver%major.0.2
+%define orig_version   69.0.2
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190917135527
+%define releasedate20191001234643
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that
@@ -93,7 +93,9 @@
 BuildRequires:  unzip
 BuildRequires:  update-desktop-files
 BuildRequires:  xorg-x11-libXt-devel
+%if 0%{?do_profiling}
 BuildRequires:  xvfb-run
+%endif
 BuildRequires:  yasm
 BuildRequires:  zip
 %if 0%{?suse_version} < 1550
@@ -143,7 +145,6 @@
 Source3:mozilla.sh.in
 Source4:tar_stamps
 Source5:source-stamp.txt
-Source6:kde.js
 Source7:l10n-%{orig_version}%{orig_suffix}.tar.xz
 Source8:firefox-mimeinfo.xml
 Source9:firefox.js
@@ -185,10 +186,10 @@
 Patch21:mozilla-bmo1554971.patch
 Patch22:mozilla-nestegg-big-endian.patch
 Patch23:mozilla-bmo1512162.patch
+Patch24:mozilla-fix-top-level-asm.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
-Patch103:   firefox-add-kde.js-in-order-to-survive-PGO-build.patch
 %endif # only_print_mozconfig
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Requires(post):   coreutils shared-mime-info desktop-file-utils
@@ -239,7 +240,7 @@
 %package translations-other
 Summary:Extra translations for %{appname}
 Group:  System/Localization
-Provides:   
locale(%{name}:ach;af;an;as;ast;az;bg;bn_BD;bn_IN;br;bs;cak;cy;dsb;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gn;gu_IN;he;hi_IN;hr;hsb;hy_AM;id;is;ka;kab;kk;km;kn;lij;lt;lv;mai;mk;ml;mr;ms;ne-NP;nn_NO;oc;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;te;th;tr;uk;uz;vi;xh)
+Provides:   
locale(%{name}:ach;af;an;ast;az;be;bg;bn;br;bs;cak;cy;dsb;en_CA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gn;gu_IN;he;hi_IN;hr;hsb;hy_AM;ia;id;is;ka;kab;kk;km;kn;lij;lt;lv;mk;mr;ms;my;ne_NP;nn_NO;oc;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;te;th;tr;uk;ur;uz;vi;xh)
 Requires:   %{name} = %{version}
 Obsoletes:  %{name}-translations < %{version}-%{release}
 
@@ -321,10 +322,10 @@
 %patch21 -p1
 %patch22 -p1
 %patch23 -p1
+%patch24 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1
-%patch103 -p1
 %endif # only_print_mozconfig
 
 %build
@@ -448,16 +449,18 @@
 ac_add_options --disable-webrtc
 %endif
 # mitigation/workaround for bmo#1512162
-%ifarch ppc64le s390x
+%ifarch s390x
 ac_add_options --enable-optimize="-O1"
 %endif
 %ifarch x86_64
 # LTO needs newer toolchain stack only (at least 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-09-25 02:06:37

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948 (New)


Package is "MozillaFirefox"

Wed Sep 25 02:06:37 2019 rev:296 rq:732086 version:69.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-09-17 13:34:44.925868309 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948/MozillaFirefox.changes  
2019-09-25 02:06:39.345579510 +0200
@@ -1,0 +2,18 @@
+Thu Sep 19 13:31:16 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 69.0.1
+  * Fixed external programs launching in the background when clicking
+a link from inside Firefox to launch them (bmo#1570845)
+  * Usability improvements to the Add-ons Manager for users with
+screen readers (bmo#1567600)
+  * Fixed the Captive Portal notification bar not being dismissable
+in some situations after login is complete (bmo#1578633)
+  * Fixed the maximum size of fonts in Reader Mode when zoomed (bmo#1578454)
+  * Fixed missing stacks in the Developer Tools Performance section
+(bmo#1578354)
+  MFSA 2019-31
+  * CVE-2019-11754 (bmo#1580506)
+Pointer Lock is enabled with no user notification
+- disable DOH by default
+
+---

Old:

  firefox-69.0.source.tar.xz
  firefox-69.0.source.tar.xz.asc
  l10n-69.0.tar.xz

New:

  firefox-69.0.1.source.tar.xz
  firefox-69.0.1.source.tar.xz.asc
  l10n-69.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.X0mckQ/_old  2019-09-25 02:07:13.069582210 +0200
+++ /var/tmp/diff_new_pack.X0mckQ/_new  2019-09-25 02:07:13.093582212 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  69
-%define mainver%major.0
-%define orig_version   69.0
+%define mainver%major.0.1
+%define orig_version   69.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190827005903
+%define releasedate20190917135527
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that

++ compare-locales.tar.xz ++

++ firefox-69.0.source.tar.xz -> firefox-69.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-69.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948/firefox-69.0.1.source.tar.xz
 differ: char 15, line 1

++ firefox.js ++
--- /var/tmp/diff_new_pack.X0mckQ/_old  2019-09-25 02:07:13.805582269 +0200
+++ /var/tmp/diff_new_pack.X0mckQ/_new  2019-09-25 02:07:13.805582269 +0200
@@ -1,3 +1,5 @@
 pref("intl.locale.requested", "");
 pref("browser.preferences.instantApply", true);
 pref("geo.wifi.uri", 
"https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%;);
+/* Disable DoH by default */
+pref("network.trr.mode", 5);

++ l10n-69.0.tar.xz -> l10n-69.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-69.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948/l10n-69.0.1.tar.xz differ: 
char 26, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.X0mckQ/_old  2019-09-25 02:07:14.893582356 +0200
+++ /var/tmp/diff_new_pack.X0mckQ/_new  2019-09-25 02:07:14.905582357 +0200
@@ -1,2 +1,2 @@
-REV=cce4622026ab8e0130a0afc03f829f9b19ca38c2
+REV=bf6ea738ba073f1a70554799a749235136afc93a
 REPO=http://hg.mozilla.org/releases/mozilla-release

++ tar_stamps ++
--- /var/tmp/diff_new_pack.X0mckQ/_old  2019-09-25 02:07:15.025582367 +0200
+++ /var/tmp/diff_new_pack.X0mckQ/_new  2019-09-25 02:07:15.029582367 +0200
@@ -1,8 +1,8 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="69.0"
+VERSION="69.0.1"
 VERSION_SUFFIX=""
-FF_RELEASE_TAG="cce4622026ab8e0130a0afc03f829f9b19ca38c2"
+FF_RELEASE_TAG="bf6ea738ba073f1a70554799a749235136afc93a"
 TB_RELEASE_TAG=""
 PREV_VERSION=""
 PREV_VERSION_SUFFIX=""

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-09-17 13:34:43

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948 (New)


Package is "MozillaFirefox"

Tue Sep 17 13:34:43 2019 rev:295 rq:730473 version:69.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-09-07 11:27:19.742479998 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948/MozillaFirefox.changes  
2019-09-17 13:34:44.925868309 +0200
@@ -1,0 +2,47 @@
+Thu Sep  5 13:02:39 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 69.0
+  * Enhanced Tracking Protection (ETP) for stronger privacy protections
+  * Block Autoplay feature is enhanced to give users the option to block
+any video
+  * Users in the US or using the en-US browser, can get a new “New Tab”
+page experience connecting to the best of Pocket's content.
+  * Support for the Web Authentication HmacSecret extension via
+Windows Hello introduced.
+  * Support for receiving multiple video codecs with this release makes
+it easier for WebRTC conferencing services to mix video from
+different clients.
+  MFSA 2019-25 (boo#1149324)
+  * CVE-2019-11741 (bmo#1539595)
+Isolate addons.mozilla.org and accounts.firefox.com
+  * CVE-2019-5849 (bmo#1555838)
+Out-of-bounds read in Skia
+  * CVE-2019-11737 (bmo#1388015)
+Content security policy directives ignore port and path if host is a 
wildcard
+  * CVE-2019-11734 (bmo#1352875,bmo#1536227,bmo#1557208,bmo#1560641)
+Memory safety bugs fixed in Firefox 69
+  * CVE-2019-11735 (bmo#1561404,bmo#1561484,bmo#1568047,bmo#1561912,
+bmo#1565744,bmo#1568858,bmo#1570358)
+Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1
+  * CVE-2019-11740 (bmo#1563133,bmo#1573160)
+Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 
60.9
+- requires
+  * rust/cargo >= 1.35
+  * rust-cbindgen >= 0.9.0
+  * mozilla-nss >= 3.45
+- rebased patches
+
+---
+Wed Sep  4 15:38:40 UTC 2019 - Wolfgang Rosenauer 
+
+- added a bunch of patches mainly for big endian platforms
+  * mozilla-bmo1504834-part1.patch
+  * mozilla-bmo1504834-part2.patch
+  * mozilla-bmo1504834-part3.patch
+  * mozilla-bmo1511604.patch
+  * mozilla-bmo1554971.patch
+  * mozilla-bmo1573381.patch
+  * mozilla-nestegg-big-endian.patch
+  * mozilla-bmo1512162.patch
+
+---

Old:

  firefox-68.1.0esr.source.tar.xz
  firefox-68.1.0esr.source.tar.xz.asc
  l10n-68.1.0esr.tar.xz

New:

  firefox-69.0.source.tar.xz
  firefox-69.0.source.tar.xz.asc
  l10n-69.0.tar.xz
  mozilla-bmo1504834-part1.patch
  mozilla-bmo1504834-part2.patch
  mozilla-bmo1504834-part3.patch
  mozilla-bmo1511604.patch
  mozilla-bmo1512162.patch
  mozilla-bmo1554971.patch
  mozilla-bmo1573381.patch
  mozilla-nestegg-big-endian.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.ZgJnn8/_old  2019-09-17 13:35:19.473862800 +0200
+++ /var/tmp/diff_new_pack.ZgJnn8/_new  2019-09-17 13:35:19.473862800 +0200
@@ -18,13 +18,13 @@
 
 
 # changed with every update
-%define major  68
-%define mainver%major.1.0
-%define orig_version   68.1.0
-%define orig_suffixesr
-%define update_channel esr68
+%define major  69
+%define mainver%major.0
+%define orig_version   69.0
+%define orig_suffix%{nil}
+%define update_channel release
 %define branding   1
-%define releasedate20190826132627
+%define releasedate20190827005903
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that
@@ -33,6 +33,8 @@
 # PIE, full relro
 %define build_hardened 1
 
+%bcond_with only_print_mozconfig
+
 # Firefox only supports i686
 %ifarch %ix86
 ExclusiveArch:  i586 i686
@@ -70,7 +72,7 @@
 %else
 BuildRequires:  gcc-c++
 %endif
-BuildRequires:  cargo >= 1.34
+BuildRequires:  cargo >= 1.35
 BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
@@ -79,14 +81,14 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.21
-BuildRequires:  mozilla-nss-devel >= 3.44.1
+BuildRequires:  mozilla-nss-devel >= 3.45
 BuildRequires:  nasm >= 2.13
-BuildRequires:  nodejs >= 8.11
+BuildRequires:  nodejs8 >= 8.11
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5
-BuildRequires:  rust >= 1.34
-BuildRequires:  rust-cbindgen >= 0.8.7
+BuildRequires:  rust >= 1.35
+BuildRequires:  rust-cbindgen >= 0.9.0
 BuildRequires: 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-09-07 11:27:17

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948 (New)


Package is "MozillaFirefox"

Sat Sep  7 11:27:17 2019 rev:294 rq:728229 version:68.1.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-08-27 15:22:17.832813357 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948/MozillaFirefox.changes  
2019-09-07 11:27:19.742479998 +0200
@@ -1,0 +2,44 @@
+Fri Aug 30 20:49:11 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 68.1.0
+  MFSA 2019-26
+  * CVE-2019-11751 (bmo#1572838; Windows only)
+Malicious code execution through command line parameters
+  * CVE-2019-11746 (bmo#1564449)
+Use-after-free while manipulating video
+  * CVE-2019-11744 (bmo#1562033)
+XSS by breaking out of title and textarea elements using innerHTML
+  * CVE-2019-11742 (bmo#1559715)
+Same-origin policy violation with SVG filters and canvas to steal
+cross-origin images
+  * CVE-2019-11736 (bmo#1551913, bmo#1552206; Windows only))
+File manipulation and privilege escalation in Mozilla Maintenance Service
+  * CVE-2019-11753 (bmo#1574980; Windows only)
+Privilege escalation with Mozilla Maintenance Service in custom
+Firefox installation location
+  * CVE-2019-11752 (bmo#1501152)
+Use-after-free while extracting a key value in IndexedDB
+  * CVE-2019-9812 (bmo#1538008, bmo#1538015)
+Sandbox escape through Firefox Sync
+  * CVE-2019-11743 (bmo#1560495)
+Cross-origin access to unload event attributes
+  * CVE-2019-11748 (bmo#1564588)
+Persistence of WebRTC permissions in a third party context
+  * CVE-2019-11749 (bmo#1565374)
+Camera information available without prompting using getUserMedia
+  * CVE-2019-11750 (bmo#1568397)
+Type confusion in Spidermonkey
+  * CVE-2019-11738 (bmo#1452037)
+Content security policy bypass through hash-based sources in directives
+  * CVE-2019-11747 (bmo#1564481)
+'Forget about this site' removes sites from pre-loaded HSTS list
+  * CVE-2019-11735i (bmo#1561404,bmo#1561484,bmo#1568047,bmo#1561912,
+bmo#1565744,bmo#1568858,bmo#1570358)
+Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1
+  * CVE-2019-11740 (bmo#1563133,bmo#1573160)
+Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 
60.9
+- switched package to ESR branch
+- added mozilla-bmo1568145.patch to make builds reproducible
+- removed upstreamed patch mozilla-gcc-internal-compiler-error.patch
+
+---

Old:

  firefox-68.0.2.source.tar.xz
  firefox-68.0.2.source.tar.xz.asc
  l10n-68.0.2.tar.xz
  mozilla-gcc-internal-compiler-error.patch

New:

  firefox-68.1.0esr.source.tar.xz
  firefox-68.1.0esr.source.tar.xz.asc
  l10n-68.1.0esr.tar.xz
  mozilla-bmo1568145.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.nieSBl/_old  2019-09-07 11:27:46.38247 +0200
+++ /var/tmp/diff_new_pack.nieSBl/_new  2019-09-07 11:27:46.386476665 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  68
-%define mainver%major.0.2
-%define orig_version   68.0.2
-%define orig_suffix%{nil}
-%define update_channel release
+%define mainver%major.1.0
+%define orig_version   68.1.0
+%define orig_suffixesr
+%define update_channel esr68
 %define branding   1
-%define releasedate20190813150448
+%define releasedate20190826132627
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that
@@ -134,7 +134,7 @@
 License:MPL-2.0
 Group:  Productivity/Networking/Web/Browsers
 Url:http://www.mozilla.org/
-Source: 
http://ftp.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{orig_version}%{orig_suffix}.source.tar.xz
+Source: 
http://ftp.mozilla.org/pub/firefox/releases/%{version}%{orig_suffix}/source/firefox-%{orig_version}%{orig_suffix}.source.tar.xz
 Source1:MozillaFirefox.desktop
 Source2:MozillaFirefox-rpmlintrc
 Source3:mozilla.sh.in
@@ -156,7 +156,7 @@
 # please get your own set of keys.
 Source18:   mozilla-api-key
 Source19:   google-api-key
-Source20:   
https://ftp.mozilla.org/pub/%{progname}/releases/%{version}/source/%{progname}-%{orig_version}%{orig_suffix}.source.tar.xz.asc
+Source20:   
https://ftp.mozilla.org/pub/%{progname}/releases/%{version}%{orig_suffix}/source/%{progname}-%{orig_version}%{orig_suffix}.source.tar.xz.asc
 Source21:   mozilla.keyring
 # Gecko/Toolkit
 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-08-27 15:22:10

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948 (New)


Package is "MozillaFirefox"

Tue Aug 27 15:22:10 2019 rev:293 rq:724714 version:68.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-08-08 14:22:30.752357244 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948/MozillaFirefox.changes  
2019-08-27 15:22:17.832813357 +0200
@@ -1,0 +2,27 @@
+Sun Aug 18 17:29:25 UTC 2019 - Andreas Stieger 
+
+- Mozilla Firefox 68.0.2:
+  * Fixed a bug causing some special characters to be cut off from
+the end of the search terms when searching from the URL bar
+(bmo#1560228)
+  * Allow fonts to be loaded via file:// URLs when opening a page
+locally (bmo#1565942)
+  * Printing emails from the Outlook web app no longer prints only
+the header and footer (bmo#1567105)
+  * Fixed a bug causing some images not to be displayed on reload,
+including on Google Maps (bmo# 1565542)
+  * Fixed an error when starting external applications configured
+as URI handlers (bmo#1567614)
+  MFSA 2019-24 (boo#1145665)
+  * CVE-2019-11733: Stored passwords in 'Saved Logins' can be
+copied without master password entry (bmo#1565780)
+- drop fix-build-after-y2038-changes-in-glibc.patch, upstream
+
+---
+Fri Aug 16 16:49:24 UTC 2019 - Jonathan Brielmaier 
+
+- Fix crash when typing in the URL bar on ppc64le (bmo#1512162).
+  The upstream patch doesn't resolve the issue on TW, but compiling
+  with -O1 does. Do this until we have a proper fix.
+
+---

Old:

  firefox-68.0.1.source.tar.xz
  firefox-68.0.1.source.tar.xz.asc
  fix-build-after-y2038-changes-in-glibc.patch
  l10n-68.0.1.tar.xz

New:

  firefox-68.0.2.source.tar.xz
  firefox-68.0.2.source.tar.xz.asc
  l10n-68.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.gulSBH/_old  2019-08-27 15:23:13.148785517 +0200
+++ /var/tmp/diff_new_pack.gulSBH/_new  2019-08-27 15:23:13.152785515 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  68
-%define mainver%major.0.1
-%define orig_version   68.0.1
+%define mainver%major.0.2
+%define orig_version   68.0.2
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190717172542
+%define releasedate20190813150448
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that
@@ -174,7 +174,6 @@
 Patch13:mozilla-reduce-rust-debuginfo.patch
 Patch14:mozilla-ppc-altivec_static_inline.patch
 Patch15:mozilla-bmo1005535.patch
-Patch16:fix-build-after-y2038-changes-in-glibc.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -301,7 +300,6 @@
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
-%patch16 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1
@@ -414,6 +412,10 @@
 %ifarch aarch64 %arm s390x
 ac_add_options --disable-webrtc
 %endif
+# mitigation/workaround for bmo#1512162
+%ifarch ppc64le
+ac_add_options --enable-optimize="-O1"
+%endif
 %ifarch x86_64
 # LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506)
 %if 0%{?suse_version} > 1500

++ compare-locales.tar.xz ++

++ firefox-68.0.1.source.tar.xz -> firefox-68.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-68.0.1.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948/firefox-68.0.2.source.tar.xz
 differ: char 15, line 1

++ l10n-68.0.1.tar.xz -> l10n-68.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-68.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.7948/l10n-68.0.2.tar.xz differ: 
char 26, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.gulSBH/_old  2019-08-27 15:23:13.496785342 +0200
+++ /var/tmp/diff_new_pack.gulSBH/_new  2019-08-27 15:23:13.496785342 +0200
@@ -1,2 +1,2 @@
-REV=837bbcb850cd58eb07c7f6437078d5229986967c
+REV=7ece03f6971968eede29275477502309bbe399da
 REPO=http://hg.mozilla.org/releases/mozilla-release

++ tar_stamps ++
--- /var/tmp/diff_new_pack.gulSBH/_old  2019-08-27 15:23:13.524785328 +0200
+++ /var/tmp/diff_new_pack.gulSBH/_new  2019-08-27 15:23:13.524785328 +0200
@@ -1,8 +1,8 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="68.0.1"
+VERSION="68.0.2"
 VERSION_SUFFIX=""
-FF_RELEASE_TAG="837bbcb850cd58eb07c7f6437078d5229986967c"

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-08-08 14:22:22

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.9556 (New)


Package is "MozillaFirefox"

Thu Aug  8 14:22:22 2019 rev:292 rq:721224 version:68.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-07-22 12:18:43.787690511 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.9556/MozillaFirefox.changes  
2019-08-08 14:22:30.752357244 +0200
@@ -1,0 +2,5 @@
+Thu Aug  1 14:25:02 UTC 2019 - Guillaume GARDET 
+
+- Update build constraints to fix arm builds
+
+---



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.sdxvQH/_old  2019-08-08 14:22:37.372356232 +0200
+++ /var/tmp/diff_new_pack.sdxvQH/_new  2019-08-08 14:22:37.372356232 +0200
@@ -350,7 +350,7 @@
 %endif
 export CXXFLAGS="$CFLAGS"
 export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
-%limit_build -m 1500
+%limit_build -m 2000
 cat << EOF > $MOZCONFIG
 mk_add_options MOZILLA_OFFICIAL=1
 mk_add_options BUILD_OFFICIAL=1

++ _constraints ++
--- /var/tmp/diff_new_pack.sdxvQH/_old  2019-08-08 14:22:37.448356221 +0200
+++ /var/tmp/diff_new_pack.sdxvQH/_new  2019-08-08 14:22:37.448356221 +0200
@@ -2,7 +2,7 @@
 
   
 
-  22
+  24
 
 
   8
@@ -12,11 +12,23 @@
 
   armv6l
   armv7l
+
+
+  
+12
+  
+  
+5
+  
+
+  
+  
+
   aarch64
 
 
   
-9
+12
   
 
   

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-07-22 12:18:41

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.4126 (New)


Package is "MozillaFirefox"

Mon Jul 22 12:18:41 2019 rev:291 rq:717184 version:68.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-06-24 21:50:58.44987 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.4126/MozillaFirefox.changes  
2019-07-22 12:18:43.787690511 +0200
@@ -1,0 +2,109 @@
+Fri Jul 19 08:11:27 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 68.0.1
+  * Fixed missing Full Screen button when watching videos in full
+screen mode on HBO GO (bmo#1562837)
+  * Fixed a bug causing incorrect messages to appear for some
+locales when sites try to request the use of the Storage
+Access API (bmo#1558503)
+  * Users in Russian regions may have their default search engine
+changed (bmo#1565315)
+  * Built-in search engines in some locales do not function
+correctly (bmo#1565779)
+  * SupportMenu policy doesn't always work (bmo#1553290)
+  * Allow the privacy.file_unique_origin pref to be controlled by
+policy (bmo#1563759)
+
+---
+Thu Jul 11 10:51:39 UTC 2019 - Jiri Slaby 
+
+- add fix-build-after-y2038-changes-in-glibc.patch
+
+---
+Wed Jul 10 13:47:41 UTC 2019 - Bernhard Wiedemann 
+
+- Generate langpacks sequentially to avoid file corruption
+  from racy file writes (boo#1137970)
+
+---
+Mon Jul  8 13:30:35 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 68.0
+  * Dark mode in reader view
+  * Improved extension security and discovery
+  * Cryptomining and fingerprinting protections are added to strict
+content blocking settings in Privacy & Security preferences
+  * Camera and microphone access now require an HTTPS connection
+  MFSA 2019-21 (bsc#1140868)
+  * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
+Sandbox escape via installation of malicious languagepack
+  * CVE-2019-11711 (bmo#1552541)
+Script injection within domain through inner window reuse
+  * CVE-2019-11712 (bmo#1543804)
+Cross-origin POST requests can be made with NPAPI plugins by
+following 308 redirects
+  * CVE-2019-11713 (bmo#1528481)
+Use-after-free with HTTP/2 cached stream
+  * CVE-2019-11714 (bmo#1542593)
+NeckoChild can trigger crash when accessed off of main thread
+  * CVE-2019-11729 (bmo#1515342)
+Empty or malformed p256-ECDH public keys may trigger a segmentation fault
+  * CVE-2019-11715 (bmo#123)
+HTML parsing error can contribute to content XSS
+  * CVE-2019-11716 (bmo#1552632)
+globalThis not enumerable until accessed
+  * CVE-2019-11717 (bmo#1548306)
+Caret character improperly escaped in origins
+  * CVE-2019-11718 (bmo#1408349)
+Activity Stream writes unsanitized content to innerHTML
+  * CVE-2019-11719 (bmo#1540541)
+Out-of-bounds read when importing curve25519 private key
+  * CVE-2019-11720 (bmo#1556230)
+Character encoding XSS vulnerability
+  * CVE-2019-11721 (bmo#1256009)
+Domain spoofing through unicode latin 'kra' character
+  * CVE-2019-11730 (bmo#1558299)
+Same-origin policy treats all files in a directory as having the
+same-origin
+  * CVE-2019-11723 (bmo#1528335)
+Cookie leakage during add-on fetching across private browsing boundaries
+  * CVE-2019-11724 (bmo#1512511)
+Retired site input.mozilla.org has remote troubleshooting permissions
+  * CVE-2019-11725 (bmo#1483510)
+Websocket resources bypass safebrowsing protections
+  * CVE-2019-11727 (bmo#1552208)
+PKCS#1 v1.5 signatures can be used for TLS 1.3
+  * CVE-2019-11728 (bmo#1552993)
+Port scanning through Alt-Svc header
+  * CVE-2019-11710 (bmo#1549768, bmo#1548611, bmo#1533842, bmo#1537692,
+bmo#1540590, bmo#1551907, bmo#1510345, bmo#1535482, bmo#1535848,
+bmo#1547472, bmo#1547760, bmo#1507696, bmo#1544180)
+Memory safety bugs fixed in Firefox 68
+  * CVE-2019-11709 (bmo#1547266, bmo#1540759, bmo#1548822, bmo#1550498
+bmo#1515052, bmo#1539219, bmo#1547757, bmo#1550498, bmo#1533522)
+Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8
+- requires
+  * NSS 3.44.1
+  * rust/cargo 1.34
+  * rust-cbindgen 0.8.7
+- rebased patches
+  * mozilla-aarch64-startup-crash.patch
+  * mozilla-kde.patch
+  * mozilla-nongnome-proxies.patch
+  * firefox-kde.patch
+- use new create-tar.sh and add tar_stamps for package definitions
+- added patches imported from SLE flavour
+  * mozilla-gcc-internal-compiler-error.patch
+  * mozilla-bmo1005535.patch
+  * 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-06-24 21:50:57

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.4615 (New)


Package is "MozillaFirefox"

Mon Jun 24 21:50:57 2019 rev:290 rq:711215 version:67.0.4

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-05-27 08:29:25.179280682 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.4615/MozillaFirefox.changes  
2019-06-24 21:50:58.44987 +0200
@@ -1,0 +2,54 @@
+Thu Jun 20 06:20:59 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 67.0.4
+  MFSA 2019-19 (boo#1138872)
+  * CVE-2019-11708 (bmo#1559858)
+sandbox escape using Prompt:Open
+
+---
+Tue Jun 18 18:36:15 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 67.0.3
+  MFSA 2019-18 (boo#1138614)
+  * CVE-2019-11707 (bmo#1544386)
+Type confusion in Array.pop
+
+---
+Thu Jun 12 14:56:32 UTC 2019 - Manfred Hollstein 
+
+- Mozilla Firefox 67.0.2
+  * Fixed: Fix JavaScript error ("TypeError: data is null in
+PrivacyFilter.jsm") in console which may significantly degrade
+sessionstore reliability and performance (bmo#1553413)
+  * Fixed: Proxy authentication dialog box repeatedly pops up
+asking to authenticate after upgrading to Firefox 67 (bmo#1548804)
+  * Fixed: Pearson MyCloud breaks if FIDO U2F is not Chrome's
+implementation (bmo#1551282)
+  * Fixed: Starting in safe mode on Linux or macOS causes Firefox
+to think on the subsequent launch that the profile is too
+recent to be used with this version of Firefox (bmo#1556612)
+  * Fixed: Linux distribution users can't easily install/use
+additional/different languages using the built-in preferences
+UI (bmo#1554744)
+  * Fixed: Developer tools users can't copy the href/src content
+from various HTML tags via the context menu in the Inspector
+markup view (bmo#1552275)
+  * Fixed: Custom home page is broken with clearing data on shutdown
+settings applied (bmo#1554167)
+  * Fixed: Performance-regression for eclipse RAP based applications
+(bmo#1555962)
+  * Fixed: macOS 10.15 crash fix (bmo#1556076)
+  * Fixed: Can't start two downloads in parallel via 
+anymore (bmo#1542912)
+
+---
+Thu Jun  6 06:49:51 UTC 2019 - Manfred Hollstein 
+
+- Mozilla Firefox 67.0.1
+  * enable enhanced tracking protection by default for new users
+  * upgrade of Facebook container to version 2.0
+  * new version of Firefox Lockwise (password management)
+  * new version of Firefox Monitor
+  * Firefox Send improvements
+
+---

Old:

  firefox-67.0.source.tar.xz
  firefox-67.0.source.tar.xz.asc
  l10n-67.0.tar.xz

New:

  firefox-67.0.4.source.tar.xz
  firefox-67.0.4.source.tar.xz.asc
  l10n-67.0.4.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.k6NV7t/_old  2019-06-24 21:51:18.656010674 +0200
+++ /var/tmp/diff_new_pack.k6NV7t/_new  2019-06-24 21:51:18.700010708 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  67
-%define mainver%major.0
-%define orig_version   67.0
+%define mainver%major.0.4
+%define orig_version   67.0.4
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190516215225
+%define releasedate20190619235627
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.k6NV7t/_old  2019-06-24 21:51:20.412012040 +0200
+++ /var/tmp/diff_new_pack.k6NV7t/_new  2019-06-24 21:51:20.436012060 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="2a7896ba9aa5d982abe01f859d771d411fda8101"
-VERSION="67.0"
+RELEASE_TAG="ea5154beddff08b919697e3bed6f38cfe3a3d82f"
+VERSION="67.0.4"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-67.0.source.tar.xz -> firefox-67.0.4.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-67.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.4615/firefox-67.0.4.source.tar.xz
 differ: char 15, line 1

++ l10n-67.0.tar.xz -> l10n-67.0.4.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-67.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.4615/l10n-67.0.4.tar.xz differ: 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-05-27 08:29:14

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148 (New)


Package is "MozillaFirefox"

Mon May 27 08:29:14 2019 rev:289 rq:705211 version:67.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-05-12 11:32:52.553778090 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/MozillaFirefox.changes  
2019-05-27 08:29:25.179280682 +0200
@@ -1,0 +2,85 @@
+Sun May 19 20:40:30 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 67.0
+  * Firefox 67 will be able to run different Firefox installs side by side
+
https://blog.nightly.mozilla.org/2019/01/14/moving-to-a-profile-per-install-architecture/
+  * Tabs can now be pinned from the Page Actions menu in the address bar
+  * Users can block known cryptominers and fingerprinters in the
+Custom settings or their Content Blocking preferences
+  * The Import Data from Another Browser feature is now also available
+from the File menu
+  * Firefox will now protect you against running older versions which
+can lead to data corruption and stability issues
+  * Easier access to your list of saved logins from the main menu and
+login autocomplete
+  * We’ve added a toolbar menu for your Firefox Account to provide more
+transparency for when you are synced, sharing data across devices
+and with Firefox. Personalize the appearance of the menu with your
+own avatar
+  * Enable FIDO U2F API, and permit registrations for Google Accounts
+  * Enabled AV1 support on Linux
+  MFSA 2019-13 (boo#1135824)
+  * CVE-2019-9815 (bmo#1546544)
+Disable hyperthreading on content JavaScript threads on macOS
+  * CVE-2019-9816 (bmo#1536768)
+Type confusion with object groups and UnboxedObjects
+  * CVE-2019-9817 (bmo#1540221)
+Stealing of cross-domain images using canvas
+  * CVE-2019-9818 (bmo#1542581) (Windows only)
+Use-after-free in crash generation server
+  * CVE-2019-9819 (bmo#1532553)
+Compartment mismatch with fetch API
+  * CVE-2019-9820 (bmo#1536405)
+Use-after-free of ChromeEventHandler by DocShell
+  * CVE-2019-9821 (bmo#1539125)
+Use-after-free in AssertWorkerThread
+  * CVE-2019-11691 (bmo#1542465)
+Use-after-free in XMLHttpRequest
+  * CVE-2019-11692 (bmo#1544670)
+Use-after-free removing listeners in the event listener manager
+  * CVE-2019-11693 (bmo#1532525)
+Buffer overflow in WebGL bufferdata on Linux
+  * CVE-2019-7317 (bmo#1542829)
+Use-after-free in png_image_free of libpng library
+  * CVE-2019-11694 (bmo#1534196) (Windows only)
+Uninitialized memory memory leakage in Windows sandbox
+  * CVE-2019-11695 (bmo#1445844)
+Custom cursor can render over user interface outside of web content
+  * CVE-2019-11696 (bmo#1392955)
+Java web start .JNLP files are not recognized as executable files
+for download prompts
+  * CVE-2019-11697 (bmo#1440079)
+Pressing key combinations can bypass installation prompt delays and
+install extensions
+  * CVE-2019-11698 (bmo#1543191)
+Theft of user history data through drag and drop of hyperlinks
+to and from bookmarks
+  * CVE-2019-11700 (bmo#1549833) (Windows only)
+res: protocol can be used to open known local files
+  * CVE-2019-11699 (bmo#1528939)
+Incorrect domain name highlighting during page navigation
+  * CVE-2019-11701 (bmo#1518627)
+webcal: protocol default handler loads vulnerable web page
+  * CVE-2019-9814 (bmo#1527592, bmo#1534536, bmo#1520132, bmo#1543159,
+bmo#1539393, bmo#1459932, bmo#1459182, bmo#1516425)
+Memory safety bugs fixed in Firefox 67
+  * CVE-2019-9800 (bmo#1540166, bmo#1534593, bmo#1546327, bmo#1540136,
+bmo#1538736, bmo#1538042, bmo#1535612, bmo#1499719, bmo#1499108,
+bmo#1538619, bmo#1535194, bmo#1516325, bmo#1542324, bmo#1542097,
+bmo#1532465, bmo#1533554, bmo#1541580)
+Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
+- requires
+  * rust/cargo >= 1.32
+  * mozilla-nspr >= 4.21
+  * mozilla-nss >= 3.43
+  * rust-cbindgen >= 0.8.2
+- rebased patches
+- KDE integration for default browser detection is broken in this revision
+
+---
+Fri May 17 12:04:49 UTC 2019 - Guillaume GARDET 
+
+- Fix armv7 build with:
+  * mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch
+
+---

Old:

  firefox-66.0.5.source.tar.xz
  firefox-66.0.5.source.tar.xz.asc
  l10n-66.0.5.tar.xz

New:

  firefox-67.0.source.tar.xz
  firefox-67.0.source.tar.xz.asc
  l10n-67.0.tar.xz
  mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-05-12 11:32:41

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148 (New)


Package is "MozillaFirefox"

Sun May 12 11:32:41 2019 rev:288 rq:702059 version:66.0.5

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-05-06 21:14:09.296574091 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/MozillaFirefox.changes  
2019-05-12 11:32:52.553778090 +0200
@@ -1,0 +2,7 @@
+Fri May 10 10:30:05 UTC 2019 - Manfred Hollstein 
+
+- Mozilla Firefox 66.0.5
+  * Fixed: Further improvements to re-enable web extensions which
+had been disabled for users with a master password set (bmo#1549249)
+
+---

Old:

  firefox-66.0.4.source.tar.xz
  firefox-66.0.4.source.tar.xz.asc
  l10n-66.0.4.tar.xz

New:

  firefox-66.0.5.source.tar.xz
  firefox-66.0.5.source.tar.xz.asc
  l10n-66.0.5.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.woNxbG/_old  2019-05-12 11:33:14.365841944 +0200
+++ /var/tmp/diff_new_pack.woNxbG/_new  2019-05-12 11:33:14.369841956 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  66
-%define mainver%major.0.4
-%define orig_version   66.0.4
+%define mainver%major.0.5
+%define orig_version   66.0.5
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190504212614
+%define releasedate20190507012018
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.woNxbG/_old  2019-05-12 11:33:14.497842331 +0200
+++ /var/tmp/diff_new_pack.woNxbG/_new  2019-05-12 11:33:14.497842331 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="848b15028562c6757748070f637e0e4f0bbb5f65"
-VERSION="66.0.4"
+RELEASE_TAG="96d2576eae4baf0aa961b4f5a1dadd26bb8ee823"
+VERSION="66.0.5"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-66.0.4.source.tar.xz -> firefox-66.0.5.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-66.0.4.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/firefox-66.0.5.source.tar.xz
 differ: char 15, line 1

++ l10n-66.0.4.tar.xz -> l10n-66.0.5.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-66.0.4.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/l10n-66.0.5.tar.xz differ: 
char 25, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.woNxbG/_old  2019-05-12 11:33:14.645842764 +0200
+++ /var/tmp/diff_new_pack.woNxbG/_new  2019-05-12 11:33:14.645842764 +0200
@@ -1,2 +1,2 @@
-REV=848b15028562
+REV=96d2576eae4b
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-05-06 21:14:06

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148 (New)


Package is "MozillaFirefox"

Mon May  6 21:14:06 2019 rev:287 rq:700898 version:66.0.4

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-04-15 12:35:02.414089150 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/MozillaFirefox.changes  
2019-05-06 21:14:09.296574091 +0200
@@ -1,0 +2,7 @@
+Sun May  5 20:21:02 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 66.0.4 (boo#1134126)
+  * fix extension certificate chain
+
https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/
+
+---

Old:

  firefox-66.0.3.source.tar.xz
  firefox-66.0.3.source.tar.xz.asc
  l10n-66.0.3.tar.xz

New:

  firefox-66.0.4.source.tar.xz
  firefox-66.0.4.source.tar.xz.asc
  l10n-66.0.4.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.eeafhd/_old  2019-05-06 21:14:34.796644123 +0200
+++ /var/tmp/diff_new_pack.eeafhd/_new  2019-05-06 21:14:34.796644123 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  66
-%define mainver%major.0.3
-%define orig_version   66.0.3
+%define mainver%major.0.4
+%define orig_version   66.0.4
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190409195917
+%define releasedate20190504212614
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.eeafhd/_old  2019-05-06 21:14:34.920644459 +0200
+++ /var/tmp/diff_new_pack.eeafhd/_new  2019-05-06 21:14:34.920644459 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="37ecfd08ffee9924609121aaec3f101598f8a84e"
-VERSION="66.0.3"
+RELEASE_TAG="848b15028562c6757748070f637e0e4f0bbb5f65"
+VERSION="66.0.4"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-66.0.3.source.tar.xz -> firefox-66.0.4.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-66.0.3.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/firefox-66.0.4.source.tar.xz
 differ: char 15, line 1

++ l10n-66.0.3.tar.xz -> l10n-66.0.4.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-66.0.3.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.5148/l10n-66.0.4.tar.xz differ: 
char 25, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.eeafhd/_old  2019-05-06 21:14:35.108644969 +0200
+++ /var/tmp/diff_new_pack.eeafhd/_new  2019-05-06 21:14:35.108644969 +0200
@@ -1,2 +1,2 @@
-REV=37ecfd08ffee
+REV=848b15028562
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-04-15 12:34:52

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.17052 (New)


Package is "MozillaFirefox"

Mon Apr 15 12:34:52 2019 rev:286 rq:693917 version:66.0.3

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-04-02 09:19:37.328571534 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.17052/MozillaFirefox.changes 
2019-04-15 12:35:02.414089150 +0200
@@ -1,0 +2,13 @@
+Thu Apr 11 09:16:17 UTC 2019 - Manfred Hollstein 
+
+- Mozilla Firefox 66.0.3
+  * Fixed: Address bar on tablets running Windows 10 now behaves
+correctly (bmo#1498973)
+  * Fixed: Performance issues with some HTML5 games (bmo#1537609)
+  * Fixed a bug with keypress events in IBM cloud applications
+(bmo#1538970)
+  * Fix for keypress events in some Microsoft cloud applications
+(bmo#1539618)
+  * Changed: Updated Baidu search plugin
+
+---

Old:

  firefox-66.0.2.source.tar.xz
  firefox-66.0.2.source.tar.xz.asc
  l10n-66.0.2.tar.xz

New:

  firefox-66.0.3.source.tar.xz
  firefox-66.0.3.source.tar.xz.asc
  l10n-66.0.3.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.naP2x7/_old  2019-04-15 12:35:28.618106965 +0200
+++ /var/tmp/diff_new_pack.naP2x7/_new  2019-04-15 12:35:28.618106965 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  66
-%define mainver%major.0.2
-%define orig_version   66.0.2
+%define mainver%major.0.3
+%define orig_version   66.0.3
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190326175229
+%define releasedate20190409195917
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.naP2x7/_old  2019-04-15 12:35:28.766107065 +0200
+++ /var/tmp/diff_new_pack.naP2x7/_new  2019-04-15 12:35:28.766107065 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="ed39a05717aaba84fa217aada9bc2ce77cf98e11"
-VERSION="66.0.2"
+RELEASE_TAG="37ecfd08ffee9924609121aaec3f101598f8a84e"
+VERSION="66.0.3"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-66.0.2.source.tar.xz -> firefox-66.0.3.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-66.0.2.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.17052/firefox-66.0.3.source.tar.xz
 differ: char 15, line 1

++ l10n-66.0.2.tar.xz -> l10n-66.0.3.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-66.0.2.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.17052/l10n-66.0.3.tar.xz differ: 
char 26, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.naP2x7/_old  2019-04-15 12:35:29.010107231 +0200
+++ /var/tmp/diff_new_pack.naP2x7/_new  2019-04-15 12:35:29.010107231 +0200
@@ -1,2 +1,2 @@
-REV=ed39a05717aa
+REV=37ecfd08ffee
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-04-02 09:19:23

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.25356 (New)


Package is "MozillaFirefox"

Tue Apr  2 09:19:23 2019 rev:285 rq:690057 version:66.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-03-27 16:12:43.739647259 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.25356/MozillaFirefox.changes 
2019-04-02 09:19:37.328571534 +0200
@@ -1,0 +2,25 @@
+Thu Mar 28 19:01:41 UTC 2019 - Manfred Hollstein 
+
+- Mozilla Firefox 66.0.2
+  * Fixed Web compatibility issues with Office 365, iCloud and
+IBM WebMail caused by recent changes to the handling of
+keyboard events (bmo#1538966)
+  * Crash fixes (bmo#1521370, bmo#1539118)
+
+---
+Thu Mar 28 09:58:36 UTC 2019 - Guillaume GARDET 
+
+- Add patch to fix aarch64 build:
+  * mozilla-fix-aarch64-libopus.patch (bmo#1539737)
+
+---
+Fri Mar 22 22:22:08 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 66.0.1
+  MFSA 2019-09 (bsc#1130262)
+  * CVE-2019-9810 (bmo#1537924)
+IonMonkey MArraySlice has incorrect alias information
+  * CVE-2019-9813 (bmo#1538006)
+Ionmonkey type confusion with __proto__ mutations
+
+---

Old:

  firefox-66.0.source.tar.xz
  firefox-66.0.source.tar.xz.asc
  l10n-66.0.tar.xz

New:

  firefox-66.0.2.source.tar.xz
  firefox-66.0.2.source.tar.xz.asc
  l10n-66.0.2.tar.xz
  mozilla-fix-aarch64-libopus.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.xEuUWh/_old  2019-04-02 09:20:01.904583782 +0200
+++ /var/tmp/diff_new_pack.xEuUWh/_new  2019-04-02 09:20:01.908583786 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  66
-%define mainver%major.0
-%define orig_version   66.0
+%define mainver%major.0.2
+%define orig_version   66.0.2
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190314174725
+%define releasedate20190326175229
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that
@@ -163,6 +163,7 @@
 Patch7: mozilla-aarch64-startup-crash.patch
 Patch9: mozilla-bmo1463035.patch
 Patch10:mozilla-cubeb-noreturn.patch
+Patch11:mozilla-fix-aarch64-libopus.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -269,6 +270,7 @@
 %patch7 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.xEuUWh/_old  2019-04-02 09:20:02.088583954 +0200
+++ /var/tmp/diff_new_pack.xEuUWh/_new  2019-04-02 09:20:02.092583958 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="164a57c0cdf0088e786e6b966e34fdd3799671d1"
-VERSION="66.0"
+RELEASE_TAG="ed39a05717aaba84fa217aada9bc2ce77cf98e11"
+VERSION="66.0.2"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-66.0.source.tar.xz -> firefox-66.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-66.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.25356/firefox-66.0.2.source.tar.xz
 differ: char 15, line 1

++ l10n-66.0.tar.xz -> l10n-66.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-66.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.25356/l10n-66.0.2.tar.xz differ: 
char 25, line 1

++ mozilla-fix-aarch64-libopus.patch ++
--- firefox-66.0.1.orig/media/libopus/silk/arm/arm_silk_map.c   2019-03-22 
06:05:57.0 +0100
+++ firefox-66.0.1/media/libopus/silk/arm/arm_silk_map.c2019-03-28 
09:35:28.604948775 +0100
@@ -28,7 +28,7 @@ POSSIBILITY OF SUCH DAMAGE.
 # include "config.h"
 #endif
 
-#include "main_FIX.h"
+#include "../fixed/main_FIX.h"
 #include "NSQ.h"
 #include "SigProc_FIX.h"
 
++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.xEuUWh/_old  2019-04-02 09:20:02.312584165 +0200
+++ /var/tmp/diff_new_pack.xEuUWh/_new  2019-04-02 09:20:02.312584165 +0200
@@ -1,2 +1,2 @@
-REV=164a57c0cdf0
+REV=ed39a05717aa
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-03-27 16:12:40

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.25356 (New)


Package is "MozillaFirefox"

Wed Mar 27 16:12:40 2019 rev:284 rq:686793 version:66.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-03-08 11:02:09.912533496 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.25356/MozillaFirefox.changes 
2019-03-27 16:12:43.739647259 +0100
@@ -1,0 +2,80 @@
+Sun Mar 17 10:08:51 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 66.0
+  * Increased content processes to 8
+  * Added capability to search through open tabs from the tab overflow menu
+  * New backend for the storage.local WebExtensions API, providing
+I/O performance improvements when the extension updates a small
+subset of the stored data
+  * WebExtension keyboard shortcuts can now be managed or overridden
+from about:addons
+  * Improved scrolling behavior: Firefox will now attempt to keep content
+from jumping around while a page is loading by supporting scroll
+anchoring
+  * New about:privatebrowsing with search
+  * A certificate error page now notifies the user of the name of the
+certificate issuer that breaks HTTPs connections on intercepted
+connections to help troubleshooting possible anti-virus software
+issues.
+  * Fixed an performance issue some Linux users experienced with the
+Downloads panel (bmo#1517101)
+  * Firefox now blocks all autoplay media with sound by default. Users
+can add individual sites to an exceptions list or turn the blocking
+off.
+  * System title bar is hidden by default to match Gnome guideline
+  MFSA 2019-07 (bsc#1129821)
+  * CVE-2019-9790 (bmo#1525145)
+Use-after-free when removing in-use DOM elements
+  * CVE-2019-9791 (bmo#1530958)
+Type inference is incorrect for constructors entered through on-stack
+replacement with IonMonkey
+  * CVE-2019-9792 (bmo#1532599)
+IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
+  * CVE-2019-9793 (bmo#1528829)
+Improper bounds checks when Spectre mitigations are disabled
+  * CVE-2019-9794 (bmo#1530103) (Windows only)
+Command line arguments not discarded during execution
+  * CVE-2019-9795 (bmo#1514682)
+Type-confusion in IonMonkey JIT compiler
+  * CVE-2019-9796 (bmo#1531277)
+Use-after-free with SMIL animation controller
+  * CVE-2019-9797 (bmo#1528909)
+Cross-origin theft of images with createImageBitmap
+  * CVE-2019-9798 (bmo#1527534) (Android only)
+Library is loaded from world writable APITRACE_LIB location
+  * CVE-2019-9799 (bmo#1505678)
+Information disclosure via IPC channel messages
+  * CVE-2019-9801 (bmo#1527717) (Windows only)
+Windows programs that are not 'URL Handlers' are exposed to web content
+  * CVE-2019-9802 (bmo#1415508)
+Chrome process information leak
+  * CVE-2019-9803 (bmo#1515863, bmo#1437009)
+Upgrade-Insecure-Requests incorrectly enforced for same-origin navigation
+  * CVE-2019-9804 (bmo#1518026) (MacOS only)
+Code execution through 'Copy as cURL' in Firefox Developer Tools on macOS
+  * CVE-2019-9805 (bmo#1521360)
+Potential use of uninitialized memory in Prio
+  * CVE-2019-9806 (bmo#1525267)
+Denial of service through successive FTP authorization prompts
+  * CVE-2019-9807 (bmo#1362050)
+Text sent through FTP connection can be incorporated into alert messages
+  * CVE-2019-9809 (bmo#1282430, bmo#1523249)
+Denial of service through FTP modal alert error messages
+  * CVE-2019-9808 (bmo#1434634)
+WebRTC permissions can display incorrect origin with data: and blob: URLs
+  * CVE-2019-9789 bmo#1520483, bmo#1522987, bmo#1528199, bmo#1519337,
+bmo#1525549, bmo#1516179, bmo#1518524, bmo#1518331, bmo#1526579,
+bmo#1512567, bmo#1524335, bmo#1448505, bmo#1518821
+Memory safety bugs fixed in Firefox 66
+  * CVE-2019-9788 bmo#1518001, bmo#1521304, bmo#1521214, bmo#1506665,
+bmo#1516834, bmo#1518774, bmo#1524755, bmo#1523362, bmo#1524214, 
bmo#1529203
+Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6
+- updated build/runtime requirements
+  * mozilla-nss >= 3.42.1
+  * cargo/rust >= 1.31
+  * rust-cbindgen >= 0.6.8
+  * nasm >= 2.13 (new)
+- removed obsolete patch
+  * mozilla-bmo256180.patch
+
+---

Old:

  firefox-65.0.1.source.tar.xz
  firefox-65.0.1.source.tar.xz.asc
  l10n-65.0.1.tar.xz
  mozilla-bmo256180.patch

New:

  firefox-66.0.source.tar.xz
  firefox-66.0.source.tar.xz.asc
  l10n-66.0.tar.xz



Other differences:
--
++ 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-03-08 11:02:03

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833 (New)


Package is "MozillaFirefox"

Fri Mar  8 11:02:03 2019 rev:283 rq:682354 version:65.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-02-25 17:46:24.682881527 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833/MozillaFirefox.changes 
2019-03-08 11:02:09.912533496 +0100
@@ -1,0 +2,6 @@
+Tue Mar  5 10:17:01 UTC 2019 - Stephan Kulow 
+
+- Do not hardcode nodejs8 but leave the prefer to the distribution
+  (Tumbleweed staging wants to switch to nodejs10)
+
+---



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.EjHC70/_old  2019-03-08 11:02:17.780532241 +0100
+++ /var/tmp/diff_new_pack.EjHC70/_new  2019-03-08 11:02:17.784532240 +0100
@@ -79,7 +79,7 @@
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.20
 BuildRequires:  mozilla-nss-devel >= 3.41
-BuildRequires:  nodejs8 >= 8.11
+BuildRequires:  nodejs >= 8.11
 BuildRequires:  python-devel
 BuildRequires:  python2-xml
 BuildRequires:  python3 >= 3.5

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-02-25 17:46:18

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833 (New)


Package is "MozillaFirefox"

Mon Feb 25 17:46:18 2019 rev:282 rq:676563 version:65.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2019-02-06 15:44:40.183359346 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833/MozillaFirefox.changes 
2019-02-25 17:46:24.682881527 +0100
@@ -1,0 +2,35 @@
+Fri Feb 15 13:45:57 UTC 2019 - Guillaume GARDET 
+
+- Update _constraints to avoid 'no space left' error seen on aarch64
+
+---
+Wed Feb 13 07:17:28 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 65.0.1
+  * Fixed accidental requests to addons.mozilla.org when an addon
+recommendation doorhanger is shown (bmo#1526387)
+  * Improved playback of interactive Netflix videos (bmo#1524500)
+  * Fixed incorrect sizing of the "Clear Recent History" window in
+some situations (bmo#1523696)
+  * Fixed audio & video delays while making WebRTC calls
+(bmo#1521577, bmo#1523817)
+  * Fixed video sizing problems during some WebRTC calls (bmo#1520200)
+  * Fixed looping CONNECT requests when using WebSockets over HTTP/2
+from behind a proxy server (bmo#1523427)
+  * Fixed the "Enter" key not working on password entry fields for
+certain Linux distributions (bmo#1523635)
+  MFSA 2019-04 (bsc#1125330)
+  * CVE-2018-18356 bmo#1525817
+Use-after-free in Skia
+  * CVE-2019-5785 bmo#1525433
+Integer overflow in Skia
+  * CVE-2018-18511 bmo#1526218
+Cross-origin theft of images with ImageBitmapRenderingContext
+
+---
+Wed Feb 13 06:12:43 UTC 2019 - Martin Liška 
+
+- Enable LTO only for latest new toolchain (boo#1125038) for x86_64
+  (with increased memory constraints)
+
+---

Old:

  firefox-65.0.source.tar.xz
  firefox-65.0.source.tar.xz.asc
  l10n-65.0.tar.xz

New:

  firefox-65.0.1.source.tar.xz
  firefox-65.0.1.source.tar.xz.asc
  l10n-65.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.dDrNvc/_old  2019-02-25 17:46:50.958870736 +0100
+++ /var/tmp/diff_new_pack.dDrNvc/_new  2019-02-25 17:46:50.966870733 +0100
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  65
-%define mainver%major.0
-%define orig_version   65.0
+%define mainver%major.0.1
+%define orig_version   65.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20190124174741
+%define releasedate2019021125
 %define source_prefix  firefox-%{orig_version}
 
 # always build with GCC as SUSE Security Team requires that
@@ -380,6 +380,12 @@
 %ifarch aarch64 %arm s390x
 ac_add_options --disable-webrtc
 %endif
+%ifarch x86_64
+# LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506)
+%if 0%{?suse_version} > 1500
+ac_add_options --enable-lto
+%endif
+%endif
 EOF
 ./mach build
 

++ _constraints ++
--- /var/tmp/diff_new_pack.dDrNvc/_old  2019-02-25 17:46:51.058870695 +0100
+++ /var/tmp/diff_new_pack.dDrNvc/_new  2019-02-25 17:46:51.058870695 +0100
@@ -2,7 +2,7 @@
 
   
 
-  20
+  22
 
 
   8
@@ -20,4 +20,14 @@
   
 
   
+  
+
+  x86_64
+
+
+  
+16
+  
+
+  
 

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.dDrNvc/_old  2019-02-25 17:46:51.134870664 +0100
+++ /var/tmp/diff_new_pack.dDrNvc/_new  2019-02-25 17:46:51.134870664 +0100
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="896611703c2b8f04f596ebcb09e612b7ab06eea3"
-VERSION="65.0"
+RELEASE_TAG="1ea7b51ef5bb91bdc34fb7406fd4d35ed7961363"
+VERSION="65.0.1"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-65.0.source.tar.xz -> firefox-65.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-65.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833/firefox-65.0.1.source.tar.xz
 differ: char 15, line 1

++ l10n-65.0.tar.xz -> l10n-65.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-65.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833/l10n-65.0.1.tar.xz differ: 
char 26, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.dDrNvc/_old  2019-02-25 17:46:51.334870582 +0100
+++ 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2019-02-06 15:44:38

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833 (New)


Package is "MozillaFirefox"

Wed Feb  6 15:44:38 2019 rev:281 rq:670835 version:65.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-12-19 13:28:05.601034995 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833/MozillaFirefox.changes 
2019-02-06 15:44:40.183359346 +0100
@@ -1,0 +2,73 @@
+Sat Jan 26 22:37:01 UTC 2019 - Wolfgang Rosenauer 
+
+- Mozilla Firefox 65.0
+  * Enhanced tracking protection
+  * allow switching of UI locales within preferences
+  * support for the WebP image format
+  * "top"-like about:performance
+  MFSA 2019-01 (bsc#1122983)
+  * CVE-2018-18500 bmo#1510114
+Use-after-free parsing HTML5 stream
+  * CVE-2018-18503 bmo#1509442
+Memory corruption with Audio Buffer
+  * CVE-2018-18504 bmo#1496413
+Memory corruption and out-of-bounds read of texture client
+  * CVE-2018-18505 bmo#1497749
+Privilege escalation through IPC channel messages
+  * CVE-2018-18506 bmo#1503393
+Proxy Auto-Configuration file can define localhost access to be proxied
+  * CVE-2018-18502 bmo#1499426 bmo#1480090 bmo#1472990 bmo#1514762
+bmo#1501482 bmo#1505887 bmo#1508102 bmo#1508618 bmo#1511580
+bmo#1493497 bmo#1510145 bmo#1516289 bmo#1506798 bmo#1512758
+Memory safety bugs fixed in Firefox 65
+  * CVE-2018-18501 bmo#1512450 bmo#1517542 bmo#1513201 bmo#1460619
+bmo#1502871 bmo#1516738 bmo#1516514
+Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5
+- requires
+  NSS 3.41
+  rust/carge 1.30
+  rust-cbindgen 0.6.7
+- rebased patches
+- remove workaround for build memory consumption on i586; other
+  mitigations meanwhile introduced (mainly parallelity) will be
+  sufficient
+  mozilla-reduce-files-per-UnifiedBindings.patch
+
+---
+Tue Jan 15 14:32:03 UTC 2019 - Martin Liška 
+
+- Increase disk constraint.
+
+---
+Mon Jan 14 12:12:12 UTC 2019 - Martin Liška 
+
+- Remove -v from mach build in order to work-around bmo#1500436.
+
+---
+Fri Jan 11 15:07:14 UTC 2019 - Martin Liška 
+
+- Set %clang_build to false on all architectures
+- Do not use -fno-delete-null-pointer-checks and -fno-strict-aliasing:
+  it should not be needed anymore
+- Do not overwrite enable-optimize and when possible
+  enable --enable-debug-symbols.
+- Add -v to mach in order to make build verbose.
+
+---
+Wed Jan  9 22:40:14 UTC 2019 - astie...@suse.com
+
+- Mozilla Firefox 64.0.2:
+  * Update the Japanese translation for missing strings (bmo#1513259)
+  * Properly restore column sizes in developer tools inspector (bmo#1503175)
+  * Fixed video stuttering on Youtube (bmo#1513511)
+  * Fix updates for some lightweight themes (bmo#1508777)
+
+---
+Tue Dec 18 14:46:41 UTC 2018 - Guillaume GARDET 
+
+- Enable build_hardened for all architectures
+- Switch back aarch64 to clang as '-fPIC' fixes bmo#1513605
+- Remove obolete '--enable-pie' as -pie is always enabled for
+  gcc and clang
+
+---

Old:

  firefox-64.0.source.tar.xz
  firefox-64.0.source.tar.xz.asc
  l10n-64.0.tar.xz
  mozilla-reduce-files-per-UnifiedBindings.patch

New:

  firefox-65.0.source.tar.xz
  firefox-65.0.source.tar.xz.asc
  l10n-65.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.jIEnbY/_old  2019-02-06 15:45:05.139344152 +0100
+++ /var/tmp/diff_new_pack.jIEnbY/_new  2019-02-06 15:45:05.143344149 +0100
@@ -1,8 +1,8 @@
 #
 # spec file for package MozillaFirefox
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
-#   2006-2018 Wolfgang Rosenauer
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+#   2006-2019 Wolfgang Rosenauer
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,29 +18,20 @@
 
 
 # changed with every update
-%define major  64
+%define major  65
 %define mainver%major.0
-%define orig_version   64.0
+%define orig_version   65.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20181206201918
+%define releasedate 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-12-19 13:28:04

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833 (New)


Package is "MozillaFirefox"

Wed Dec 19 13:28:04 2018 rev:280 rq:657819 version:64.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-11-28 11:11:17.539076355 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.28833/MozillaFirefox.changes 
2018-12-19 13:28:05.601034995 +0100
@@ -1,0 +2,70 @@
+Wed Dec 12 17:33:29 UTC 2018 - Guillaume GARDET 
+
+- Switch aarch64 builds back to gcc, not clang (bmo#1513605)
+- Switch %arm builds back to gcc, not clang to avoid OOM
+- Fix build flags when clang is not used
+- Fix flags for clang ppc64 builds
+
+---
+Tue Dec 11 08:45:56 UTC 2018 - Wolfgang Rosenauer 
+
+- update to Firefox 64.0
+  * Better recommendations: You may see suggestions in regular browsing
+mode for new and relevant Firefox features, services, and extensions
+based on how you use the web (for US users only)
+  * Enhanced tab management: You can now select multiple tabs from the
+tab bar and close, move, bookmark, or pin them quickly and easily
+  * Easier performance management: The new Task Manager page found at
+about:performance lets you see how much energy each open tab consumes
+and provides access to close tabs to conserve power
+  * Improved performance for Mac and Linux users, by enabling link time
+optimization (Clang LTO).
+  * Added option to remove add-ons using the context menu on their
+toolbar buttons
+  * RSS feed preview and live bookmarks are available only via add-ons
+  * TLS certificates issued by Symantec are no longer trusted by Firefox.
+Website operators are strongly encouraged to replace any remaining
+Symantec TLS certificates as soon as possible
+  MFSA 2018-29 (bsc#1119105)
+  * CVE-2018-12407 bmo#1505973
+Buffer overflow with ANGLE library when using VertexBuffer11 module
+  * CVE-2018-17466 bmo#1488295
+Buffer overflow and out-of-bounds read in ANGLE library with
+TextureStorage11
+  * CVE-2018-18492 bmo#1499861
+Use-after-free with select element
+  * CVE-2018-18493 bmo#1504452
+Buffer overflow in accelerated 2D canvas with Skia
+  * CVE-2018-18494 bmo#1487964
+Same-origin policy violation using location attribute and
+performance.getEntries to steal cross-origin URLs
+  * CVE-2018-18495 bmo#1427585
+WebExtension content scripts can be loaded in about: pages
+  * CVE-2018-18496 bmo#1422231 (Windows only)
+Embedded feed preview page can be abused for clickjacking
+  * CVE-2018-18497 bmo#1488180
+WebExtensions can load arbitrary URLs through pipe separators
+  * CVE-2018-18498 bmo#1500011
+Integer overflow when calculating buffer sizes for images
+  * CVE-2018-12406 bmo#1456947 bmo#1475669 bmo#1504816 bmo#1502886
+bmo#1500064 bmo#1500310 bmo#1500696 bmo#1498765 bmo#1499198 bmo#1434490
+bmo#1481745 bmo#1458129
+Memory safety bugs fixed in Firefox 64
+  * CVE-2018-12405 bmo#1494752 bmo#1503326 bmo#1505181 bmo#1500759
+bmo#1504365 bmo#1506640 bmo#1503082 bmo#1502013 bmo#1510471
+Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4
+- requires
+  * rust/cargo >= 1.29
+  * mozilla-nss >= 3.40.1
+  * rust-cbindgen >= 0.6.4
+- rebased patches
+- removed obsolete patch
+  * mozilla-bmo1491289.patch
+- now uses clang primarily for compilation
+
+---
+Wed Nov 28 11:07:18 UTC 2018 - Guillaume GARDET 
+
+- Remove --disable-elf-hack when not available: on aarch64 and ppc64*
+
+---

Old:

  firefox-63.0.3.source.tar.xz
  firefox-63.0.3.source.tar.xz.asc
  l10n-63.0.3.tar.xz
  mozilla-bmo1491289.patch

New:

  firefox-64.0.source.tar.xz
  firefox-64.0.source.tar.xz.asc
  l10n-64.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Stuiuh/_old  2018-12-19 13:28:59.904964040 +0100
+++ /var/tmp/diff_new_pack.Stuiuh/_new  2018-12-19 13:28:59.908964035 +0100
@@ -18,17 +18,29 @@
 
 
 # changed with every update
-%define major  63
-%define mainver%major.0.3
-%define orig_version   63.0.3
+%define major  64
+%define mainver%major.0
+%define orig_version   64.0
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20181114214635
+%define releasedate20181206201918
 %define source_prefix  firefox-%{orig_version}
 
+# use 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-11-28 11:10:42

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new.19453 (New)


Package is "MozillaFirefox"

Wed Nov 28 11:10:42 2018 rev:279 rq:651985 version:63.0.3

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-10-09 15:51:47.194451891 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.19453/MozillaFirefox.changes 
2018-11-28 11:11:17.539076355 +0100
@@ -1,0 +2,96 @@
+Mon Nov 26 09:46:02 UTC 2018 - Guillaume GARDET 
+
+- Clean-up %arm build
+
+---
+Sun Nov 18 11:01:21 UTC 2018 - manfre...@gmx.net
+
+- update to Firefox 63.0.3
+  * Games using WebGL (created in Unity) get stuck after very short
+time of gameplay (bmo#1502748)
+  * Slow page loading for some users with specific proxy configurations
+(bmo#1495024)
+  * Disable HTTP response throttling by default for causing bugs with
+videos in background tabs (bmo#1503354)
+  * Opening magnet links no longer works (bmo#1498934)
+  * Crash fixes (bmo#1498510, bmo#1503424)
+- removed mozilla-newer-cbindgen.patch; no longer needed
+
+---
+Thu Nov  8 14:59:13 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 63.0.1
+  * Snippets are not loaded due to missing element (bmo#1503047)
+  * Print preview always shows 30& scale when it is actually
+Shrink To Fit (bmo#1501952)
+  * Dialog displayed when closing multiple windows shows unreplaced
+%1$S placeholder in Japanese and potentially other locales
+(bmo#1500823)
+
+---
+Mon Oct 29 14:07:51 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 63.0
+  * WebExtensions now run in their own process on Linux
+  * The Ctrl+Tab shortcut now displays thumbnail previews of your
+tabs and cycles through tabs in recently used order. This new
+default behavior is activated only in new profiles and can be
+changed in preferences.
+  * Added support for Web Components custom elements and shadow DOM
+  MFSA 2018-26 (bsc#1112852)
+  * CVE-2018-12391 (bmo#1478843) (Android-only)
+HTTP Live Stream audio data is accessible cross-origin
+  * CVE-2018-12392 (bmo#1492823)
+Crash with nested event loops
+  * CVE-2018-12393 (bmo#1495011) (only affects non-64-bit archs)
+Integer overflow during Unicode conversion while loading JavaScript
+  * CVE-2018-12395 (bmo#1467523)
+WebExtension bypass of domain restrictions through header rewriting
+  * CVE-2018-12396 (bmo#1483602)
+WebExtension content scripts can execute in disallowed contexts
+  * CVE-2018-12397 (bmo#1487478)
+Missing warning prompt when WebExtension requests local file access
+  * CVE-2018-12398 (bmo#1460538, bmo#1488061)
+CSP bypass through stylesheet injection in resource URIs
+  * CVE-2018-12399 (bmo#1490276)
+Spoofing of protocol registration notification bar
+  * CVE-2018-12400 (bmo#1448305) (Android only)
+Favicons are cached in private browsing mode on Firefox for Android
+  * CVE-2018-12401 (bmo#1422456)
+DOS attack through special resource URI parsing
+  * CVE-2018-12402 (bmo#1469916)
+SameSite cookies leak when pages are explicitly saved
+  * CVE-2018-12403 (bmo#1484753)
+Mixed content warning is not displayed when HTTPS page loads a favicon 
over HTTP
+  * CVE-2018-12388 (bmo#1472639, bmo#1485698, bmo#1301547, bmo#1471427,
+bmo#1379411, bmo#1482122, bmo#1486314, bmo#1487167)
+Memory safety bugs fixed in Firefox 63
+  * CVE-2018-12390 (bmo#1487098, bmo#1487660, bmo#1490234, bmo#1496159,
+bmo#1443748, bmo#1496340, bmo#1483905, bmo#1493347, bmo#1488803,
+bmo#1498701, bmo#1498482, bmo#1442010, bmo#1495245, bmo#1483699,
+bmo#1469486, bmo#1484905, bmo#1490561, bmo#1492524, bmo#1481844)
+Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
+- requires NSPR 4.20, NSS 3.39 and Rust 1.28
+- latest rust does not provide rust-std so stop requiring it
+- requires rust-cbindgen >= 0.6.2 to build
+- requires nodejs >= 8.11 to build
+- added mozilla-bmo1491289.patch to fix system NSS build (bmo#1491289)
+- added mozilla-cubeb-noreturn.patch to fix non-return function
+- added mozilla-newer-cbindgen.patch to fix build with cbindgen 0.6.7
+- disable elfhack for TW and newer due to build errors
+- removed obsolete patches
+  * mozilla-no-return.patch
+  * mozilla-no-stdcxx-check.patch
+
+---
+Thu Oct 25 14:39:04 UTC 2018 - guillaume.gar...@opensuse.org
+
+- Update _constraints for armv6/7
+

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-10-09 15:51:35

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Oct  9 15:51:35 2018 rev:278 rq:639752 version:62.0.3

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-10-02 19:43:32.798068842 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-10-09 15:51:47.194451891 +0200
@@ -1,0 +2,11 @@
+Tue Oct  2 21:28:31 UTC 2018 - astie...@suse.com
+
+- Mozilla Firefox 62.0.3:
+  MFSA 2018-24
+  * CVE-2018-12386 (bsc#1110506, bmo#1493900)
+Type confusion in JavaScript allowed remote code execution
+  * CVE-2018-12387 (bsc#1110507, bmo#1493903)
+Array.prototype.push stack pointer vulnerability may enable
+exploits in the sandboxed content process
+
+---

Old:

  firefox-62.0.2.source.tar.xz
  firefox-62.0.2.source.tar.xz.asc
  l10n-62.0.2.tar.xz

New:

  firefox-62.0.3.source.tar.xz
  firefox-62.0.3.source.tar.xz.asc
  l10n-62.0.3.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.nv7COZ/_old  2018-10-09 15:53:01.506363923 +0200
+++ /var/tmp/diff_new_pack.nv7COZ/_new  2018-10-09 15:53:01.506363923 +0200
@@ -13,18 +13,18 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
 
 # changed with every update
 %define major  62
-%define mainver%major.0.2
-%define orig_version   62.0.2
+%define mainver%major.0.3
+%define orig_version   62.0.3
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate2018092100
+%define releasedate2018100200
 %define source_prefix  firefox-%{orig_version}
 
 # PIE, full relro (x86_64 for now)

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.nv7COZ/_old  2018-10-09 15:53:01.630363776 +0200
+++ /var/tmp/diff_new_pack.nv7COZ/_new  2018-10-09 15:53:01.630363776 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="150c70d39363b57ea4e92fbbd900b338f09177d6"
-VERSION="62.0.2"
+RELEASE_TAG="c9ed11ae5c79df3dcb69075e1c9da0317d1ecb1b"
+VERSION="62.0.3"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-62.0.2.source.tar.xz -> firefox-62.0.3.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-62.0.2.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-62.0.3.source.tar.xz 
differ: char 15, line 1

++ l10n-62.0.2.tar.xz -> l10n-62.0.3.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-62.0.2.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-62.0.3.tar.xz differ: char 
15, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.nv7COZ/_old  2018-10-09 15:53:01.786363591 +0200
+++ /var/tmp/diff_new_pack.nv7COZ/_new  2018-10-09 15:53:01.786363591 +0200
@@ -1,2 +1,2 @@
-REV=150c70d39363
+REV=c9ed11ae5c79
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-10-02 19:43:30

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Oct  2 19:43:30 2018 rev:277 rq:637781 version:62.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-08-17 23:58:15.422029698 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-10-02 19:43:32.798068842 +0200
@@ -1,0 +2,64 @@
+Sat Sep 22 09:03:53 UTC 2018 - astie...@suse.com
+
+- Mozilla Firefox 62.0.2:
+  MFSA 2018-22
+  * CVE-2018-12385 (boo#1109363, bmo#1490585)
+Crash in TransportSecurityInfo due to cached data
+  * Unvisited bookmarks can once again be autofilled in the address
+bar
+  * Fix WebGL rendering issues
+  * Fix fallback on startup when a language pack is missing
+  * Avoid crash when sharing a profile with newer (as yet
+unreleased) versions of Firefox
+  * Do not undo removal of search engines when using a language
+pack
+  * Fixed rendering of some web sites
+  * Restored compatibility with some sites using deprecated TLS
+settings
+- disable rust debug symbols to fix build on %ix86
+
+---
+Mon Sep  3 10:47:43 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 62.0
+  * Firefox Home (the default New Tab) now allows users to display
+up to 4 rows of top sites, Pocket stories, and highlights
+  * "Reopen in Container" tab menu option appears for users with
+Containers that lets them choose to reopen a tab in a different
+container
+  * In advance of removing all trust for Symantec-issued certificates
+in Firefox 63, a preference was added that allows users to distrust
+certificates issued by Symantec. To use this preference, go to
+about:config in the address bar and set the preference
+"security.pki.distrust_ca_policy" to 2.
+  * Support for CSS Shapes, allowing for richer web page layouts.
+This goes hand in hand with a brand new Shape Path Editor in the
+CSS inspector.
+  * CSS Variable Fonts (OpenType Font Variations) support, which makes
+it possible to create beautiful typography with a single font file
+  * Added Canadian English (en-CA) locale
+  MFSA 2018-20 (bsc#1107343)
+  * CVE-2018-12377 (bmo#1470260)
+Use-after-free in refresh driver timers
+  * CVE-2018-12378 (bmo#1459383)
+Use-after-free in IndexedDB
+  * CVE-2018-12379 (bmo#1473113) (updater is disabled for us)
+Out-of-bounds write with malicious MAR file
+  * CVE-2017-16541 (bmo#1412081)
+Proxy bypass using automount and autofs
+  * CVE-2018-12381 (bmo#1435319)
+Dragging and dropping Outlook email message results in page navigation
+  * CVE-2018-12382 (bmo#1479311) (Android only)
+Addressbar spoofing with javascript URI on Firefox for Android
+  * CVE-2018-12383 (bmo#1475775)
+Setting a master password post-Firefox 58 does not delete
+unencrypted previously stored passwords
+  * CVE-2018-12375
+Memory safety bugs fixed in Firefox 62
+  * CVE-2018-12376
+Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
+- requires NSS >= 3.38
+- removed obsolete patch
+  mozilla-bmo1464766.patch
+
+---

Old:

  firefox-61.0.2.source.tar.xz
  firefox-61.0.2.source.tar.xz.asc
  l10n-61.0.2.tar.xz
  mozilla-bmo1464766.patch

New:

  firefox-62.0.2.source.tar.xz
  firefox-62.0.2.source.tar.xz.asc
  l10n-62.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.bBasZo/_old  2018-10-02 19:44:09.854031214 +0200
+++ /var/tmp/diff_new_pack.bBasZo/_new  2018-10-02 19:44:09.858031211 +0200
@@ -13,18 +13,18 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
 # changed with every update
-%define major  61
+%define major  62
 %define mainver%major.0.2
-%define orig_version   61.0.2
+%define orig_version   62.0.2
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20180807170231
+%define releasedate2018092100
 %define source_prefix  firefox-%{orig_version}
 
 # PIE, full relro (x86_64 for now)
@@ -75,7 +75,7 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.19
-BuildRequires:  mozilla-nss-devel >= 3.37.3
+BuildRequires: 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-08-17 23:58:11

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Fri Aug 17 23:58:11 2018 rev:276 rq:628536 version:61.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-07-13 10:18:51.918277492 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-08-17 23:58:15.422029698 +0200
@@ -1,0 +2,11 @@
+Thu Aug  9 14:22:00 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 61.0.2
+  * Improved website rendering with the Retained Display List feature
+enabled (bmo#1474402)
+  * Fixed broken DevTools panels with certain extensions installed
+(bmo#1474379)
+  * Fixed a crash for users with some accessibility tools enabled
+(bmo#1474007)
+
+---

Old:

  firefox-61.0.1.source.tar.xz
  firefox-61.0.1.source.tar.xz.asc
  l10n-61.0.1.tar.xz

New:

  firefox-61.0.2.source.tar.xz
  firefox-61.0.2.source.tar.xz.asc
  l10n-61.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.k7w2bo/_old  2018-08-17 23:59:30.066251741 +0200
+++ /var/tmp/diff_new_pack.k7w2bo/_new  2018-08-17 23:59:30.102251848 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  61
-%define mainver%major.0.1
-%define orig_version   61.0.1
+%define mainver%major.0.2
+%define orig_version   61.0.2
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20180705003100
+%define releasedate20180807170231
 %define source_prefix  firefox-%{orig_version}
 
 # PIE, full relro (x86_64 for now)

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.k7w2bo/_old  2018-08-17 23:59:31.478255944 +0200
+++ /var/tmp/diff_new_pack.k7w2bo/_new  2018-08-17 23:59:31.490255979 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_61_0_1_RELEASE"
-VERSION="61.0.1"
+RELEASE_TAG="FIREFOX_61_0_2_RELEASE"
+VERSION="61.0.2"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-61.0.1.source.tar.xz -> firefox-61.0.2.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-61.0.1.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-61.0.2.source.tar.xz 
differ: char 15, line 1

++ l10n-61.0.1.tar.xz -> l10n-61.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-61.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-61.0.2.tar.xz differ: char 
8, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.k7w2bo/_old  2018-08-17 23:59:32.906260195 +0200
+++ /var/tmp/diff_new_pack.k7w2bo/_new  2018-08-17 23:59:32.906260195 +0200
@@ -1,2 +1,2 @@
-REV=7d280b7e277b
+REV=975058795980
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-07-13 10:18:47

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Fri Jul 13 10:18:47 2018 rev:275 rq:621751 version:61.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-07-04 23:51:24.428138834 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-07-13 10:18:51.918277492 +0200
@@ -1,0 +2,16 @@
+Mon Jul  9 07:22:09 UTC 2018 - astie...@suse.com
+
+- Mozilla Firefox 61.0.1:
+  * Fix missing content on the New Tab Page and the Home section of
+the Preferences page (bmo#1471375)
+  * Fixed loss of bookmarks under rare circumstances when upgrading
+from Firefox 60 (bmo#1472127)
+  * Improved playback of Twitch 1080p video streams (bmo#1469257)
+  * Web pages no longer lose focus when a browser popup window is
+opened (bmo#1471415)
+  * Re-allowed downloading files from FTP sites via the "Save Link
+As" option when linked from HTTP pages (bmo#1470295)
+  * Fixed extensions being unable to override the default homepage
+in certain situations (bmo#1466846)
+
+---

Old:

  firefox-61.0.source.tar.xz
  firefox-61.0.source.tar.xz.asc
  l10n-61.0.tar.xz

New:

  firefox-61.0.1.source.tar.xz
  firefox-61.0.1.source.tar.xz.asc
  l10n-61.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.wQinpr/_old  2018-07-13 10:20:33.538398622 +0200
+++ /var/tmp/diff_new_pack.wQinpr/_new  2018-07-13 10:20:33.542398626 +0200
@@ -19,12 +19,12 @@
 
 # changed with every update
 %define major  61
-%define mainver%major.0
-%define orig_version   61.0
+%define mainver%major.0.1
+%define orig_version   61.0.1
 %define orig_suffix%{nil}
 %define update_channel release
 %define branding   1
-%define releasedate20180621125625
+%define releasedate20180705003100
 %define source_prefix  firefox-%{orig_version}
 
 # PIE, full relro (x86_64 for now)

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.wQinpr/_old  2018-07-13 10:20:33.670398779 +0200
+++ /var/tmp/diff_new_pack.wQinpr/_new  2018-07-13 10:20:33.670398779 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="785d242a5b01d5f1094882aa2144d8e5e2791e06"
-VERSION="61.0"
+RELEASE_TAG="FIREFOX_61_0_1_RELEASE"
+VERSION="61.0.1"
 VERSION_SUFFIX=""
 LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
 

++ firefox-61.0.source.tar.xz -> firefox-61.0.1.source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-61.0.source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-61.0.1.source.tar.xz 
differ: char 15, line 1

++ l10n-61.0.tar.xz -> l10n-61.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-61.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-61.0.1.tar.xz differ: char 
8, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.wQinpr/_old  2018-07-13 10:20:33.794398927 +0200
+++ /var/tmp/diff_new_pack.wQinpr/_new  2018-07-13 10:20:33.794398927 +0200
@@ -1,2 +1,2 @@
-REV=785d242a5b01
+REV=7d280b7e277b
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-07-04 23:51:19

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Wed Jul  4 23:51:19 2018 rev:274 rq:619394 version:61.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-05-27 13:02:40.813231602 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-07-04 23:51:24.428138834 +0200
@@ -1,0 +2,85 @@
+Sat Jun 23 07:25:51 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 61.0
+  * Performance enhancements
+  * Various improvements for dark theme support will provide a more
+consistent experience across the entire Firefox UI
+  * OpenSearch plugins offered by web pages can now be added from the
+page action menu for easier installation
+  * Improved support for allowing WebExtensions to manage and hide tabs
+  MFSA 2018-15 (bsc#1098998)
+  * CVE-2018-12359 (bmo#1459162)
+Buffer overflow using computed size of canvas element
+  * CVE-2018-12360 (bmo#1459693)
+Use-after-free when using focus()
+  * CVE-2018-12361 (bmo#1463244)
+Integer overflow in SwizzleData
+  * CVE-2018-12358 (bmo#1467852)
+Same-origin bypass using service worker and redirection
+  * CVE-2018-12362 (bmo#1452375)
+Integer overflow in SSSE3 scaler
+  * CVE-2018-5156 (bmo#1453127)
+Media recorder segmentation fault when track type is changed during capture
+  * CVE-2018-12363 (bmo#1464784)
+Use-after-free when appending DOM nodes
+  * CVE-2018-12364 (bmo#1436241)
+CSRF attacks through 307 redirects and NPAPI plugins
+  * CVE-2018-12365 (bmo#1459206)
+Compromised IPC child process can list local filenames
+  * CVE-2018-12371 (bmo#1465686) 
+Integer overflow in Skia library during edge builder allocation
+  * CVE-2018-12366 (bmo#1464039)
+Invalid data handling during QCMS transformations
+  * CVE-2018-12367 (bmo#1462891)
+Timing attack mitigation of PerformanceNavigationTiming
+  * CVE-2018-12369 (bmo#1454909)
+WebExtension security permission checks bypassed by embedded experiments
+  * CVE-2018-12370 (bmo#1456652)
+SameSite cookie protections bypassed when exiting Reader View
+  * CVE-2018-5186 (bmo#1464872,bmo#1463329,bmo#1419373,bmo#1412882,
+bmo#1413033,bmo#1444673,bmo#1454448,bmo#1453505,bmo#1438671)
+Memory safety bugs fixed in Firefox 61
+  * CVE-2018-5187 (bmo#1461324,bmo#1414829,bmo#1395246,bmo#1467938,
+bmo#1461619,bmo#1425930,bmo#1438556,bmo#1454285,bmo#1459568,
+bmo#1463884)
+Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
+  * CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
+bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
+bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
+bmo#1464079,bmo#1463494,bmo#1458048)
+Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 
52.9
+- requires NSS 3.37.3
+- requires python >= 3.5 to build
+- removed obsolete patches
+  mozilla-i586-DecoderDoctorLogger.patch
+  mozilla-i586-domPrefs.patch
+  mozilla-fix-skia-aarch64.patch
+  mozilla-bmo1375074.patch
+  mozilla-enable-csd.patch
+- patch for new no-return warnings (mozilla-no-return.patch)
+- do not disable system installed locales (mozilla-bmo1464766.patch)
+
+---
+Fri Jun  8 10:52:13 UTC 2018 - bjorn@gmail.com
+
+- Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass
+  conditional --disable-gconf to configure: no longer pull in
+  obsolete gconf2 for Tumbleweed.
+
+---
+Thu Jun  7 12:11:06 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 60.0.2
+  * requires NSS 3.36.4
+  MFSA 2018-14 (bsc#1096449)
+  * CVE-2018-6126 (bmo#1462682)
+Heap buffer overflow rasterizing paths in SVG with Skia
+
+---
+Wed Jun  6 18:57:52 UTC 2018 - guillaume.gar...@opensuse.org
+
+- Add upstream patch to fix boo#1093059 instead of '-ffixed-x28'
+  workaround:
+  * mozilla-bmo1375074.patch
+
+---
@@ -6 +91 @@
-  (contributed by guilla...@arm.com)
+  (contributed by guillaume.gar...@arm.com)

Old:

  firefox-60.0.1.source.tar.xz
  firefox-60.0.1.source.tar.xz.asc
  l10n-60.0.1.tar.xz
  mozilla-enable-csd.patch
  mozilla-fix-skia-aarch64.patch
  mozilla-i586-DecoderDoctorLogger.patch
  mozilla-i586-domPrefs.patch

New:

  firefox-61.0.source.tar.xz
  firefox-61.0.source.tar.xz.asc
  l10n-61.0.tar.xz
  mozilla-bmo1464766.patch
  mozilla-no-return.patch

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-05-27 13:02:38

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Sun May 27 13:02:38 2018 rev:273 rq:612426 version:60.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-05-23 16:07:43.373012307 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-05-27 13:02:40.813231602 +0200
@@ -1,0 +2,7 @@
+Sat May 26 15:53:25 UTC 2018 - w...@rosenauer.org
+
+- fixed "open with" option under KDE (boo#1094747)
+- workaround crash on startup on aarch64 (boo#1093059)
+  (contributed by guilla...@arm.com)
+
+---



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.fiHyDe/_old  2018-05-27 13:02:48.192961567 +0200
+++ /var/tmp/diff_new_pack.fiHyDe/_new  2018-05-27 13:02:48.192961567 +0200
@@ -305,6 +305,10 @@
 %if 0%{?suse_version} > 1320
 export CFLAGS="$CFLAGS -fno-delete-null-pointer-checks"
 %endif
+%ifarch aarch64
+# Workaround crash on startup. boo#1093059
+export CFLAGS="$CFLAGS -ffixed-x28"
+%endif
 %ifarch %arm
 export CFLAGS="${CFLAGS/-g / }"
 %endif


++ mozilla-kde.patch ++
--- /var/tmp/diff_new_pack.fiHyDe/_old  2018-05-27 13:02:48.440952493 +0200
+++ /var/tmp/diff_new_pack.fiHyDe/_new  2018-05-27 13:02:48.440952493 +0200
@@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  9cc0c990890e64f69ed068cf1a4534535bcc50a7
+# Parent  d7a4d772ba2afb3ac43e2f2f234ffa55bcf50e70
 Description: Add KDE integration to Firefox (toolkit parts)
 Author: Wolfgang Rosenauer 
 Author: Lubos Lunak 
@@ -714,7 +714,7 @@
  this.mDialog.document.documentElement.getButton("accept").disabled = !ok;
},
  
-@@ -1066,30 +1066,57 @@ nsUnknownContentTypeDialog.prototype = {
+@@ -1066,30 +1066,60 @@ nsUnknownContentTypeDialog.prototype = {
  
if (params.handlerApp &&
params.handlerApp.executable &&
@@ -731,6 +731,12 @@
 -  let appChooserCallback = function appChooserCallback_done(aResult) {
 -if (aResult) {
 -   contentTypeDialogObj.chosenApp = 
aResult.QueryInterface(Ci.nsILocalHandlerApp);
+-}
+-contentTypeDialogObj.finishChooseApp();
+-  };
+-  appChooser.open(this.mLauncher.MIMEInfo.MIMEType, appChooserCallback);
+-  // The finishChooseApp is called from appChooserCallback
+-  return;
 +  // handle the KDE case which is implemented in the filepicker
 +  // therefore falling back to Gtk2 like behaviour if KDE is running
 +  // FIXME this should be better handled in the nsIApplicationChooser
@@ -739,28 +745,26 @@
 +  .getService(Components.interfaces.nsIEnvironment);
 +  if (env.get('KDE_FULL_SESSION') == "true")
 +  {
-+var nsIFilePicker = Components.interfaces.nsIFilePicker;
-+var fp = Components.classes["@mozilla.org/filepicker;1"]
-+   .createInstance(nsIFilePicker);
++var nsIFilePicker = Ci.nsIFilePicker;
++var fp = Cc["@mozilla.org/filepicker;1"]
++.createInstance(nsIFilePicker);
 +fp.init(this.mDialog,
 +
this.dialogElement("strings").getString("chooseAppFilePickerTitle"),
 +nsIFilePicker.modeOpen);
 +
 +fp.appendFilters(nsIFilePicker.filterApps);
 +
-+if (fp.show() == nsIFilePicker.returnOK && fp.file) {
-+  // Remember the file they chose to run.
-+  var localHandlerApp =
-+Components.classes["@mozilla.org/uriloader/local-handler-app;1"].
-+  
createInstance(Components.interfaces.nsILocalHandlerApp);
-+  localHandlerApp.executable = fp.file;
-+  this.chosenApp = localHandlerApp;
- }
--contentTypeDialogObj.finishChooseApp();
--  };
--  appChooser.open(this.mLauncher.MIMEInfo.MIMEType, appChooserCallback);
--  // The finishChooseApp is called from appChooserCallback
--  return;
++fp.open(aResult => {
++  if (aResult == nsIFilePicker.returnOK && fp.file) {
++// Remember the file they chose to run.
++var localHandlerApp =
++  Cc["@mozilla.org/uriloader/local-handler-app;1"].
++ createInstance(Ci.nsILocalHandlerApp);
++localHandlerApp.executable = fp.file;
++this.chosenApp = localHandlerApp;
++  }
++  this.finishChooseApp();
++});
 +  } else {
 +var nsIApplicationChooser = 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-05-23 16:07:38

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Wed May 23 16:07:38 2018 rev:272 rq:611510 version:60.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-05-11 11:26:45.463698832 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-05-23 16:07:43.373012307 +0200
@@ -1,0 +2,27 @@
+Wed May 23 08:49:09 UTC 2018 - guillaume.gar...@opensuse.org
+
+- Disable webrtc for aarch64 due to bmo#1434589
+- Add patch to fix skia build on AArch64:
+  * mozilla-fix-skia-aarch64.patch
+
+---
+Thu May 17 14:01:18 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 60.0.1
+  * Avoid overly long cycle collector pauses with some add-ons installed
+(bmo#1449033)
+  * After unckecking the "Sponsored Stories" option, the New Tab page
+now immediately stops displaying "Sponsored content" cards (bmo#1458906)
+  * On touchscreen devices, fixed momentum scrolling on non-zoomable pages
+(bmo#1457743)
+  * Use the right default background when opening tabs or windows in
+high contrast mode (bmo#1458956)
+  * Restored translations of the Preferences panels when using a
+language pack (bmo#1461590)
+
+---
+Mon May 14 13:37:38 UTC 2018 - pce...@suse.com
+
+- parellelise locales building
+
+---

Old:

  firefox-60.0.source.tar.xz
  firefox-60.0.source.tar.xz.asc
  l10n-60.0.tar.xz

New:

  firefox-60.0.1.source.tar.xz
  firefox-60.0.1.source.tar.xz.asc
  l10n-60.0.1.tar.xz
  mozilla-fix-skia-aarch64.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Pd6s1J/_old  2018-05-23 16:08:17.691755344 +0200
+++ /var/tmp/diff_new_pack.Pd6s1J/_new  2018-05-23 16:08:17.695755198 +0200
@@ -19,10 +19,10 @@
 
 # changed with every update
 %define major 60
-%define mainver %major.0
+%define mainver %major.0.1
 %define update_channel release
 %define branding 1
-%define releasedate 20180503143129
+%define releasedate 20180516032328
 %define source_prefix firefox-%{mainver}
 
 # PIE, full relro (x86_64 for now)
@@ -156,10 +156,10 @@
 Patch9: mozilla-i586-DecoderDoctorLogger.patch
 Patch10:mozilla-i586-domPrefs.patch
 Patch11:mozilla-enable-csd.patch
+Patch12:mozilla-fix-skia-aarch64.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
-
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 Requires(post):   coreutils shared-mime-info desktop-file-utils
 Requires(postun): shared-mime-info desktop-file-utils
@@ -271,6 +271,7 @@
 %patch10 -p1
 %endif
 %patch11 -p1
+%patch12 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1
@@ -383,7 +384,7 @@
 ac_add_options --with-arch=armv7-a
 %endif
 %endif
-%ifarch %arm s390x
+%ifarch aarch64 %arm s390x
 ac_add_options --disable-webrtc
 %endif
 EOF
@@ -413,13 +414,10 @@
 install -m 644 %{SOURCE9} 
%{buildroot}%{progdir}/browser/defaults/preferences/firefox.js
 # install additional locales
 %if %localize
-rm -f %{_tmppath}/translations.*
-touch %{_tmppath}/translations.{common,other}
-for locale in $(cat 
$RPM_BUILD_DIR/%{source_prefix}/browser/locales/shipped-locales) ; do
-  case $locale in
-   ja-JP-mac|en-US|'')
-   ;;
-   *)
+truncate -s 0 %{_tmppath}/translations.{common,other}
+sed -r '/^(ja-JP-mac|en-US|)$/d;s/ .*$//' 
$RPM_BUILD_DIR/%{source_prefix}/browser/locales/shipped-locales \
+| xargs -P 8 -n 1 -I {} /bin/sh -c '
+locale=$1
pushd $RPM_BUILD_DIR/compare-locales
PYTHONPATH=lib \
  scripts/compare-locales -m ../l10n-merged/$locale \
@@ -440,8 +438,7 @@
[ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
echo %{progdir}/browser/extensions/langpack-$loc...@firefox.mozilla.org 
\
  >> %{_tmppath}/translations.$_l10ntarget
-  esac
-done
+' -- {}
 %endif
 # remove some executable permissions
 find %{buildroot}%{progdir} \
@@ -452,9 +449,10 @@
  -name "*.dtd" -o \
  -name "*.txt" -o \
  -name "*.xml" -o \
- -name "*.css" | xargs chmod a-x
+ -name "*.css" \
+ -exec chmod a-x {} +
 # remove mkdir.done files from installed base
-find %{buildroot}%{progdir} -name ".mkdir.done" | xargs rm || :
+find %{buildroot}%{progdir} -type f -name ".mkdir.done" -delete
 # overwrite the mozilla start-script and link it to /usr/bin
 mkdir --parents 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-05-11 11:26:43

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Fri May 11 11:26:43 2018 rev:271 rq:605919 version:60.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-05-03 12:31:10.690852233 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-05-11 11:26:45.463698832 +0200
@@ -1,0 +2,87 @@
+Mon May  7 08:32:28 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 60.0
+  * Added a policy engine that allows customized Firefox deployments
+in enterprise environments, using Windows Group Policy or a
+cross-platform JSON file
+  * Applied Quantum CSS to render browser UI
+  * Added support for Web Authentication, allowing the use of USB
+tokens for authentication to web sites
+  * Locale added: Occitan (oc)
+  MFSA 2018-11 (bsc#1092548)
+  * CVE-2018-5154 (bmo#1443092)
+Use-after-free with SVG animations and clip paths
+  * CVE-2018-5155 (bmo#1448774)
+Use-after-free with SVG animations and text paths
+  * CVE-2018-5157 (bmo#1449898)
+Same-origin bypass of PDF Viewer to view protected PDF files
+  * CVE-2018-5158 (bmo#1452075)
+Malicious PDF can inject JavaScript into PDF Viewer
+  * CVE-2018-5159 (bmo#1441941)
+Integer overflow and out-of-bounds write in Skia
+  * CVE-2018-5160 (bmo#1436117)
+Uninitialized memory use by WebRTC encoder
+  * CVE-2018-5152 (bmo#1415644, bmo#1427289)
+WebExtensions information leak through webRequest API
+  * CVE-2018-5153 (bmo#1436809)
+Out-of-bounds read in mixed content websocket messages
+  * CVE-2018-5163 (bmo#1426353)
+Replacing cached data in JavaScript Start-up Bytecode Cache
+  * CVE-2018-5164 (bmo#1416045)
+CSP not applied to all multipart content sent with
+multipart/x-mixed-replace
+  * CVE-2018-5166 (bmo#1437325)
+WebExtension host permission bypass through filterReponseData
+  * CVE-2018-5167 (bmo#1447969)
+Improper linkification of chrome: and javascript: content in
+web console and JavaScript debugger
+  * CVE-2018-5168 (bmo#1449548)
+Lightweight themes can be installed without user interaction
+  * CVE-2018-5169 (bmo#1319157)
+Dragging and dropping link text onto home button can set home page
+to include chrome pages
+  * CVE-2018-5172 (bmo#1436482)
+Pasted script from clipboard can run in the Live Bookmarks page
+or PDF viewer
+  * CVE-2018-5173 (bmo#1438025)
+File name spoofing of Downloads panel with Unicode characters
+  * CVE-2018-5174 (bmo#1447080) (Windows-only)
+Windows Defender SmartScreen UI runs with less secure behavior
+for downloaded files in Windows 10 April 2018 Update
+  * CVE-2018-5175 (bmo#1432358)
+Universal CSP bypass on sites using strict-dynamic in their policies
+  * CVE-2018-5176 (bmo#1442840)
+JSON Viewer script injection
+  * CVE-2018-5177 (bmo#1451908)
+Buffer overflow in XSLT during number formatting
+  * CVE-2018-5165 (bmo#1451452)
+Checkbox for enabling Flash protected mode is inverted in 32-bit
+Firefox
+  * CVE-2018-5180 (bmo#1444086)
+heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced
+  * CVE-2018-5181 (bmo#1424107)
+Local file can be displayed in noopener tab through drag and
+drop of hyperlink
+  * CVE-2018-5182 (bmo#1435908)
+Local file can be displayed from hyperlink dragged and dropped
+on addressbar
+  * CVE-2018-5151
+Memory safety bugs fixed in Firefox 60
+  * CVE-2018-5150
+Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
+- removed obsolete patches
+  0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
+  mozilla-bmo1005535.patch
+- requires NSPR 4.19 and NSS 3.36.1
+- requires rust 1.24 or higher
+- use upstream source archive and detached signature for
+  source verification
+
+---
+Thu May  3 14:33:37 UTC 2018 - guillaume.gar...@opensuse.org
+
+- Fix armv7 build by:
+  * adding RUSTFLAGS="-Cdebuginfo=0"
+  * updating _constraints for %arm
+
+---

Old:

  0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
  firefox-59.0.3-source.tar.xz
  l10n-59.0.3.tar.xz
  mozilla-bmo1005535.patch

New:

  firefox-60.0.source.tar.xz
  firefox-60.0.source.tar.xz.asc
  l10n-60.0.tar.xz
  mozilla.keyring



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.VfYb72/_old  2018-05-11 11:27:16.518566975 +0200
+++ 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-05-03 12:31:06

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Thu May  3 12:31:06 2018 rev:270 rq:603325 version:59.0.3

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-04-29 19:36:56.131321150 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-05-03 12:31:10.690852233 +0200
@@ -1,0 +2,12 @@
+Wed May  2 20:46:37 UTC 2018 - w...@rosenauer.org
+
+- do not try CSD on kwin (boo#1091592)
+- fix build in openSUSE:Leap:42.3:Update, use gcc7
+
+---
+Tue May  1 14:26:24 UTC 2018 - astie...@suse.com
+
+- Mozilla Firefox 59.0.3:
+  * fixes for platforms other than GNU/Linux
+
+---

Old:

  firefox-59.0.2-source.tar.xz
  l10n-59.0.2.tar.xz

New:

  firefox-59.0.3-source.tar.xz
  l10n-59.0.3.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.XwrpXA/_old  2018-05-03 12:31:38.153874510 +0200
+++ /var/tmp/diff_new_pack.XwrpXA/_new  2018-05-03 12:31:38.157874367 +0200
@@ -19,10 +19,10 @@
 
 # changed with every update
 %define major 59
-%define mainver %major.0.2
+%define mainver %major.0.3
 %define update_channel release
 %define branding 1
-%define releasedate 20180323154952
+%define releasedate 2018034000
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -58,7 +58,7 @@
 BuildRequires:  dbus-1-glib-devel
 BuildRequires:  fdupes
 %if 0%{?suse_version} <= 1320
-BuildRequires:  gcc5-c++
+BuildRequires:  gcc7-c++
 %else
 BuildRequires:  gcc-c++
 %endif
@@ -298,7 +298,7 @@
 export BUILD_OFFICIAL=1
 export MOZ_TELEMETRY_REPORTING=1
 %if 0%{?suse_version} <= 1320
-export CC=gcc-5
+export CC=gcc-7
 %endif
 export CFLAGS="%{optflags} -fno-strict-aliasing"
 # boo#986541: add -fno-delete-null-pointer-checks for gcc6

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.XwrpXA/_old  2018-05-03 12:31:38.337867959 +0200
+++ /var/tmp/diff_new_pack.XwrpXA/_new  2018-05-03 12:31:38.341867816 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_59_0_2_RELEASE"
-VERSION="59.0.2"
+RELEASE_TAG="FIREFOX_59_0_3_RELEASE"
+VERSION="59.0.3"
 
 # check required tools
 test -x /usr/bin/hg || ( echo "hg missing: execute zypper in mercurial"; exit 
5 )

++ firefox-59.0.2-source.tar.xz -> firefox-59.0.3-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-59.0.2-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-59.0.3-source.tar.xz 
differ: char 8, line 1

++ l10n-59.0.2.tar.xz -> l10n-59.0.3.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-59.0.2.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-59.0.3.tar.xz differ: char 
8, line 1

++ mozilla-enable-csd.patch ++
--- /var/tmp/diff_new_pack.XwrpXA/_old  2018-05-03 12:31:38.529861124 +0200
+++ /var/tmp/diff_new_pack.XwrpXA/_new  2018-05-03 12:31:38.533860981 +0200
@@ -45,7 +45,7 @@
 +} else if (strstr(currentDesktop, "X-Cinnamon") != nullptr) {
 +sCSDSupportLevel = CSD_SUPPORT_FULL;
 +} else if (strstr(currentDesktop, "KDE") != nullptr) {
-+sCSDSupportLevel = CSD_SUPPORT_FLAT;
++sCSDSupportLevel = CSD_SUPPORT_NONE;
 +} else if (strstr(currentDesktop, "LXDE") != nullptr) {
 +sCSDSupportLevel = CSD_SUPPORT_FLAT;
 +} else if (strstr(currentDesktop, "openbox") != nullptr) {

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.XwrpXA/_old  2018-05-03 12:31:38.629857563 +0200
+++ /var/tmp/diff_new_pack.XwrpXA/_new  2018-05-03 12:31:38.629857563 +0200
@@ -1,2 +1,2 @@
-REV=239e434d6d2b
+REV=6b51784853e4
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-04-29 19:36:27

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Sun Apr 29 19:36:27 2018 rev:269 rq:601060 version:59.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-03-30 11:59:54.026054116 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-04-29 19:36:56.131321150 +0200
@@ -1,0 +2,12 @@
+Fri Apr 20 12:31:52 UTC 2018 - mli...@suse.cz
+
+- Add 0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
+  in order to fix boo#1090362.
+
+---
+Mon Apr  2 00:55:45 UTC 2018 - badshah...@gmail.com
+
+- Add back mozilla-enable-csd.patch: New rebased version from
+  Fedora for version 59.0.x.
+
+---

New:

  0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
  mozilla-enable-csd.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.nREvcZ/_old  2018-04-29 19:37:00.563158630 +0200
+++ /var/tmp/diff_new_pack.nREvcZ/_new  2018-04-29 19:37:00.567158483 +0200
@@ -153,6 +153,8 @@
 Patch9: mozilla-bmo1005535.patch
 Patch10:mozilla-i586-DecoderDoctorLogger.patch
 Patch11:mozilla-i586-domPrefs.patch
+Patch12:mozilla-enable-csd.patch
+Patch13:0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -268,6 +270,8 @@
 %patch10 -p1
 %patch11 -p1
 %endif
+%patch12 -p1
+%patch13 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1

++ 0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch ++
>From 38a3ee1f792f586aef412ebc04980a93825612c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert-Andr=C3=A9=20Mauchin?= 
Date: Mon, 5 Feb 2018 09:46:44 -0500
Subject: [PATCH] Bug 1435695 - WebRTC fails to build with GCC 8; r=dminor

--HG--
extra : rebase_source : d26e183b2082fa4f88ce3b837e2db5fc8acbff5b
---
 media/webrtc/trunk/webrtc/common_audio/vad/vad_core.c| 5 +++--
 .../webrtc/modules/audio_coding/codecs/isac/fix/source/lattice.c | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/media/webrtc/trunk/webrtc/common_audio/vad/vad_core.c 
b/media/webrtc/trunk/webrtc/common_audio/vad/vad_core.c
index 0340165eb505..d09314720ddd 100644
--- a/media/webrtc/trunk/webrtc/common_audio/vad/vad_core.c
+++ b/media/webrtc/trunk/webrtc/common_audio/vad/vad_core.c
@@ -115,8 +115,9 @@ static int32_t WeightedAverage(int16_t* data, int16_t 
offset,
 // undefined behavior, so not a good idea; this just makes UBSan ignore the
 // violation, so that our old code can continue to do what it's always been
 // doing.)
-static inline int32_t OverflowingMulS16ByS32ToS32(int16_t a, int32_t b)
-RTC_NO_SANITIZE("signed-integer-overflow") {
+static inline int32_t RTC_NO_SANITIZE("signed-integer-overflow")
+OverflowingMulS16ByS32ToS32(int16_t a, int32_t b)
+{
   return a * b;
 }
 
diff --git 
a/media/webrtc/trunk/webrtc/modules/audio_coding/codecs/isac/fix/source/lattice.c
 
b/media/webrtc/trunk/webrtc/modules/audio_coding/codecs/isac/fix/source/lattice.c
index 2b92acb64a3d..c10014f6a108 100644
--- 
a/media/webrtc/trunk/webrtc/modules/audio_coding/codecs/isac/fix/source/lattice.c
+++ 
b/media/webrtc/trunk/webrtc/modules/audio_coding/codecs/isac/fix/source/lattice.c
@@ -209,8 +209,9 @@ void WebRtcIsacfix_NormLatticeFilterMa(size_t orderCoef,
 // Left shift of an int32_t that's allowed to overflow. (It's still undefined
 // behavior, so not a good idea; this just makes UBSan ignore the violation, so
 // that our old code can continue to do what it's always been doing.)
-static inline int32_t OverflowingLShiftS32(int32_t x, int shift)
-RTC_NO_SANITIZE("shift") {
+static inline int32_t RTC_NO_SANITIZE("shift")
+OverflowingLShiftS32(int32_t x, int shift)
+{
   return x << shift;
 }
 
-- 
2.16.3

++ mozilla-enable-csd.patch ++
Index: mozilla/browser/base/moz.build
===
--- mozilla.orig/browser/base/moz.build
+++ mozilla/browser/base/moz.build
@@ -60,7 +60,7 @@ DEFINES['APP_LICENSE_BLOCK'] = '%s/conte
 if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'gtk3', 'cocoa'):
 DEFINES['CONTEXT_COPY_IMAGE_CONTENTS'] = 1
 
-if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'cocoa'):
+if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('windows', 'cocoa', 'gtk3'):
 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-03-30 11:59:39

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Fri Mar 30 11:59:39 2018 rev:268 rq:591686 version:59.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-03-20 21:52:28.314723536 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-03-30 11:59:54.026054116 +0200
@@ -1,0 +2,35 @@
+Tue Mar 27 14:07:11 UTC 2018 - sch...@suse.de
+
+- Reduce constraints on aarch64
+
+---
+Tue Mar 27 06:40:25 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 59.0.2
+  * Invalid page rendering with hardware acceleration enabled (bmo#1435472)
+  * Browser keyboard shortcuts (eg copy Ctrl+C) don't work on sites
+that use those keys with resistFingerprinting enabled (bmo#1433592)
+  * High CPU / memory churn caused by third-party software on some
+computers (bmo#1446280)
+  * Users who have configured an "automatic proxy configuration URL"
+and want to reload their proxy settings from the URL will find
+the Reload button disabled in the Connection Settings dialog when
+they select Preferences/Options>Network Proxy>Settings... (bmo#1445991)
+  * URL Fragment Identifiers Break Service Worker Responses (bmo#1443850)
+  * User's trying to cancel a print around the time it completes will
+continue to get intermittent crashes (bmo#1441598)
+  MFSA 2018-10 (bsc#1087059)
+  * CVE-2018-5148 (bmo#1440717)
+Use-after-free in compositor
+- removed obsolete patch mozilla-bmo1446062.patch
+
+---
+Wed Mar 21 17:14:24 UTC 2018 - cgrobert...@suse.com
+
+- Added patches:
+  * mozilla-i586-DecoderDoctorLogger.patch - bmo#1447070
+fixes non-unified build error
+  * mozilla-i586-domPrefs.patch - DOMPrefs.h
+fixes 32bit build error
+
+---

Old:

  firefox-59.0.1-source.tar.xz
  l10n-59.0.1.tar.xz
  mozilla-bmo1446062.patch

New:

  firefox-59.0.2-source.tar.xz
  l10n-59.0.2.tar.xz
  mozilla-i586-DecoderDoctorLogger.patch
  mozilla-i586-domPrefs.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.vm2Vvk/_old  2018-03-30 12:00:19.285140691 +0200
+++ /var/tmp/diff_new_pack.vm2Vvk/_new  2018-03-30 12:00:19.289140547 +0200
@@ -19,10 +19,10 @@
 
 # changed with every update
 %define major 59
-%define mainver %major.0.1
+%define mainver %major.0.2
 %define update_channel release
 %define branding 1
-%define releasedate 20180315233128
+%define releasedate 20180323154952
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -151,7 +151,8 @@
 Patch7: mozilla-aarch64-startup-crash.patch
 Patch8: mozilla-bmo256180.patch
 Patch9: mozilla-bmo1005535.patch
-Patch10:mozilla-bmo1446062.patch
+Patch10:mozilla-i586-DecoderDoctorLogger.patch
+Patch11:mozilla-i586-domPrefs.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-branded-icons.patch
@@ -263,7 +264,10 @@
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
+%ifarch %ix86
 %patch10 -p1
+%patch11 -p1
+%endif
 # Firefox
 %patch101 -p1
 %patch102 -p1

++ _constraints ++
--- /var/tmp/diff_new_pack.vm2Vvk/_old  2018-03-30 12:00:19.393136786 +0200
+++ /var/tmp/diff_new_pack.vm2Vvk/_new  2018-03-30 12:00:19.393136786 +0200
@@ -19,4 +19,14 @@
   
 
   
+  
+
+  aarch64
+
+
+  
+9
+  
+
+  
 

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.vm2Vvk/_old  2018-03-30 12:00:19.493133169 +0200
+++ /var/tmp/diff_new_pack.vm2Vvk/_new  2018-03-30 12:00:19.497133025 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_59_0_1_RELEASE"
-VERSION="59.0.1"
+RELEASE_TAG="FIREFOX_59_0_2_RELEASE"
+VERSION="59.0.2"
 
 # check required tools
 test -x /usr/bin/hg || ( echo "hg missing: execute zypper in mercurial"; exit 
5 )

++ firefox-59.0.1-source.tar.xz -> firefox-59.0.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-59.0.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-59.0.2-source.tar.xz 
differ: char 26, line 1

++ l10n-59.0.1.tar.xz -> l10n-59.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-59.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-59.0.2.tar.xz differ: char 
26, line 1

++ 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-03-20 21:52:21

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Mar 20 21:52:21 2018 rev:267 rq:588116 version:59.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-02-13 10:26:29.639383379 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-03-20 21:52:28.314723536 +0100
@@ -1,0 +2,74 @@
+Fri Mar 16 06:40:11 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 59.0.1 (bsc#1085671)
+  MFSA 2018-08
+  * CVE-2018-5146 (bmo#1446062)
+Vorbis audio processing out of bounds write
+  * CVE-2018-5147 (bmo#1446365)
+Out of bounds memory write in libtremor
+(mozilla-bmo1446062.patch)
+
+---
+Wed Mar 14 19:27:07 UTC 2018 - cgrobert...@suse.com
+
+- Added patch:
+  * mozilla-bmo1005535.patch:
+Enable skia_gpu on big endian platforms.
+
+---
+Sun Mar 11 22:12:12 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 59.0
+  * Performance enhancements
+  * Drag-and-drop to rearrange Top Sites on the Firefox Home page
+  * added features for Firefox Screenshots
+  * Enhanced WebExtensions API
+  * Improved RTC capabilities
+  MFSA 2018-06 (bsc#1085130)
+  * CVE-2018-5127 (bmo#1430557)
+Buffer overflow manipulating SVG animatedPathSegList
+  * CVE-2018-5128 (bmo#1431336)
+Use-after-free manipulating editor selection ranges
+  * CVE-2018-5129 (bmo#1428947)
+Out-of-bounds write with malformed IPC messages
+  * CVE-2018-5130 (bmo#1433005)
+Mismatched RTP payload type can trigger memory corruption
+  * CVE-2018-5131 (bmo#1440775)
+Fetch API improperly returns cached copies of no-store/no-cache resources
+  * CVE-2018-5132 (bmo#1408194)
+WebExtension Find API can search privileged pages
+  * CVE-2018-5133 (bmo#1430511, bmo#1430974)
+Value of the app.support.baseURL preference is not properly sanitized
+  * CVE-2018-5134 (bmo#1429379)
+WebExtensions may use view-source: URLs to bypass content restrictions
+  * CVE-2018-5135 (bmo#1431371)
+WebExtension browserAction can inject scripts into unintended contexts
+  * CVE-2018-5136 (bmo#1419166)
+Same-origin policy violation with data: URL shared workers
+  * CVE-2018-5137 (bmo#1432870)
+Script content can access legacy extension non-contentaccessible resources
+  * CVE-2018-5138 (bmo#1432624) (Android only)
+Android Custom Tab address spoofing through long domain names
+  * CVE-2018-5140 (bmo#1424261)
+Moz-icon images accessible to web content through moz-icon: protocol
+  * CVE-2018-5141 (bmo#1429093)
+DOS attack through notifications Push API
+  * CVE-2018-5142 (bmo#1366357)
+Media Capture and Streams API permissions display incorrect origin
+with data: and blob: URLs
+  * CVE-2018-5143 (bmo#1422643)
+Self-XSS pasting javascript: URL with embedded tab into addressbar
+  * CVE-2018-5126
+Memory safety bugs fixed in Firefox 59
+  * CVE-2018-5125
+Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
+- requires NSPR 4.18 and NSS 3.35
+- requires rust >= 1.22.1
+- removed obsolete patches:
+  mozilla-alsa-sandbox.patch
+  mozilla-enable-csd.patch
+  firefox-no-default-ualocale.patch
+- removed l10n_changesets.txt since same information is now in
+  Firefox source tree (updated create-tar.sh now requires jq)
+
+---

Old:

  firefox-58.0.2-source.tar.xz
  firefox-no-default-ualocale.patch
  l10n-58.0.2.tar.xz
  l10n_changesets.txt
  mozilla-alsa-sandbox.patch
  mozilla-enable-csd.patch

New:

  firefox-59.0.1-source.tar.xz
  l10n-59.0.1.tar.xz
  mozilla-bmo1005535.patch
  mozilla-bmo1446062.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.z1Dv4I/_old  2018-03-20 21:52:56.129721945 +0100
+++ /var/tmp/diff_new_pack.z1Dv4I/_new  2018-03-20 21:52:56.133721801 +0100
@@ -18,11 +18,11 @@
 
 
 # changed with every update
-%define major 58
-%define mainver %major.0.2
+%define major 59
+%define mainver %major.0.1
 %define update_channel release
 %define branding 1
-%define releasedate 2018020700
+%define releasedate 20180315233128
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -70,11 +70,11 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.17
-BuildRequires:  mozilla-nss-devel >= 3.34.1
+BuildRequires:  

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-02-13 10:26:26

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Feb 13 10:26:26 2018 rev:266 rq:574857 version:58.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-02-07 18:39:29.289593369 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-02-13 10:26:29.639383379 +0100
@@ -1,0 +2,15 @@
+Fri Feb  9 13:37:46 UTC 2018 - astie...@suse.com
+
+- Mozilla Firefox 58.0.2:
+  * Blocklisted graphics drivers related to off main thread painting
+crashes
+  * Fix tab crash during printing
+  * Fix clicking links and scrolling emails on Microsoft Hotmail
+and Outlook (OWA) webmail
+
+---
+Fri Feb  9 12:06:31 UTC 2018 - w...@rosenauer.org
+
+- correct requires and provides handling (boo#1076907)
+
+---

Old:

  find-external-requires.sh
  firefox-58.0.1-source.tar.xz
  l10n-58.0.1.tar.xz

New:

  firefox-58.0.2-source.tar.xz
  l10n-58.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.mo29us/_old  2018-02-13 10:26:54.074502974 +0100
+++ /var/tmp/diff_new_pack.mo29us/_new  2018-02-13 10:26:54.078502830 +0100
@@ -19,10 +19,10 @@
 
 # changed with every update
 %define major 58
-%define mainver %major.0.1
+%define mainver %major.0.2
 %define update_channel release
 %define branding 1
-%define releasedate 20180128191252
+%define releasedate 2018020700
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -42,10 +42,8 @@
 %define gnome_dir %{_prefix}
 %define desktop_file_name %{progname}
 %define firefox_appid \{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}
-%define _use_internal_dependency_generator 0
-%define __find_requires sh %{SOURCE4}
-%global provfind sh -c "grep -v '.so' | %__find_provides"
-%global __find_provides %provfind
+%define __provides_exclude ^lib.*\\.so.*$
+%define __requires_exclude ^(libmoz.*|liblgpllibs.*|libxul.*)$
 %define localize 1
 %ifarch %ix86 x86_64
 %define crashreporter 1
@@ -126,7 +124,6 @@
 Source1:MozillaFirefox.desktop
 Source2:MozillaFirefox-rpmlintrc
 Source3:mozilla.sh.in
-Source4:find-external-requires.sh
 Source5:source-stamp.txt
 Source6:kde.js
 Source7:l10n-%{version}.tar.xz

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.mo29us/_old  2018-02-13 10:26:54.202498362 +0100
+++ /var/tmp/diff_new_pack.mo29us/_new  2018-02-13 10:26:54.206498219 +0100
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_58_0_1_RELEASE"
-VERSION="58.0.1"
+RELEASE_TAG="FIREFOX_58_0_2_RELEASE"
+VERSION="58.0.2"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-58.0.1-source.tar.xz -> firefox-58.0.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-58.0.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-58.0.2-source.tar.xz 
differ: char 8, line 1

++ l10n-58.0.1.tar.xz -> l10n-58.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-58.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-58.0.2.tar.xz differ: char 
8, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.mo29us/_old  2018-02-13 10:26:54.378492021 +0100
+++ /var/tmp/diff_new_pack.mo29us/_new  2018-02-13 10:26:54.378492021 +0100
@@ -1,2 +1,2 @@
-REV=c2db4a50dc5c
+REV=849c090094db
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-02-07 18:39:24

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Wed Feb  7 18:39:24 2018 rev:265 rq:573290 version:58.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-01-16 09:36:32.534057916 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-02-07 18:39:29.289593369 +0100
@@ -1,0 +2,103 @@
+Tue Feb  6 07:03:42 UTC 2018 - fst...@suse.com
+
+- Added patch:
+  * mozilla-alsa-sandbox.patch: Fix bmo#1430274, ALSA sound (still
+or again?) not working in Firefox 58 due to sandboxing.
+
+---
+Mon Jan 29 22:32:21 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 58.0.1
+  MFSA 2018-05
+  *  Arbitrary code execution through unsanitized browser UI (bmo#1432966)
+- use correct language packs
+- readd mozilla-enable-csd.patch as it only lands for FF59 upstream
+- allow larger number of nested elements (mozilla-bmo256180.patch)
+
+---
+Tue Jan 23 20:40:57 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 58.0 (bsc#1077291)
+  * Added Nepali (ne-NP) locale
+  * Added support for form autofill for credit card
+  * Optimize page load by caching JavaScript internal representation
+  MFSA 2018-02
+  * CVE-2018-5091 (bmo#1423086)
+Use-after-free with DTMF timers
+  * CVE-2018-5092 (bmo#1418074)
+Use-after-free in Web Workers
+  * CVE-2018-5093 (bmo#1415291)
+Buffer overflow in WebAssembly during Memory/Table resizing
+  * CVE-2018-5094 (bmo#1415883)
+Buffer overflow in WebAssembly with garbage collection on
+uninitialized memory
+  * CVE-2018-5095 (bmo#1418447)
+Integer overflow in Skia library during edge builder allocation
+  * CVE-2018-5097 (bmo#1387427)
+Use-after-free when source document is manipulated during XSLT
+  * CVE-2018-5098 (bmo#1399400)
+Use-after-free while manipulating form input elements
+  * CVE-2018-5099 (bmo#1416878)
+Use-after-free with widget listener
+  * CVE-2018-5100 (bmo#1417405)
+Use-after-free when IsPotentiallyScrollable arguments are freed
+from memory
+  * CVE-2018-5101 (bmo#1417661)
+Use-after-free with floating first-letter style elements
+  * CVE-2018-5102 (bmo#1419363)
+Use-after-free in HTML media elements
+  * CVE-2018-5103 (bmo#1423159)
+Use-after-free during mouse event handling
+  * CVE-2018-5104 (bmo#1425000)
+Use-after-free during font face manipulation
+  * CVE-2018-5105 (bmo#1390882)
+WebExtensions can save and execute files on local file system
+without user prompts
+  * CVE-2018-5106 (bmo#1408708)
+Developer Tools can expose style editor information cross-origin
+through service worker
+  * CVE-2018-5107 (bmo#1379276)
+Printing process will follow symlinks for local file access
+  * CVE-2018-5108 (bmo#1421099)
+Manually entered blob URL can be accessed by subsequent private browsing 
tabs
+  * CVE-2018-5109 (bmo#1405599)
+Audio capture prompts and starts with incorrect origin attribution
+  * CVE-2018-5110 (bmo#1423275) (affects only OS X)
+Cursor can be made invisible on OS X
+  * CVE-2018-5111 (bmo#1321619)
+URL spoofing in addressbar through drag and drop
+  * CVE-2018-5112 (bmo#1425224)
+Extension development tools panel can open a non-relative URL in the panel
+  * CVE-2018-5113 (bmo#1425267)
+WebExtensions can load non-HTTPS pages with 
browser.identity.launchWebAuthFlow
+  * CVE-2018-5114 (bmo#1421324)
+The old value of a cookie changed to HttpOnly remains accessible to scripts
+  * CVE-2018-5115 (bmo#1409449)
+Background network requests can open HTTP authentication in unrelated 
foreground tabs
+  * CVE-2018-5116 (bmo#1396399)
+WebExtension ActiveTab permission allows cross-origin frame content access
+  * CVE-2018-5117 (bmo#1395508)
+URL spoofing with right-to-left text aligned left-to-right
+  * CVE-2018-5118 (bmo#1420049)
+Activity Stream images can attempt to load local content through file:
+  * CVE-2018-5119 (bmo#1420507)
+Reader view will load cross-origin content in violation of CORS headers
+  * CVE-2018-5121 (bmo#1402368) (affects only OS X)
+OS X Tibetan characters render incompletely in the addressbar
+  * CVE-2018-5122 (bmo#1413841)
+Potential integer overflow in DoCrypt
+  * CVE-2018-5090
+Memory safety bugs fixed in Firefox 58
+  * CVE-2018-5089
+Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
+- requires NSS 3.34.1
+- requires rust 1.21
+- removed obsolete patches:
+  mozilla-bindgen-systemlibs.patch
+  

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-01-16 09:36:31

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Jan 16 09:36:31 2018 rev:264 rq:563240 version:57.0.4

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2018-01-06 18:47:12.904766301 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-01-16 09:36:32.534057916 +0100
@@ -1,0 +2,5 @@
+Tue Jan  9 18:48:02 UTC 2018 - w...@rosenauer.org
+
+- fixed build with latest rust (mozilla-rust-1.23.patch)
+
+---

New:

  mozilla-rust-1.23.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.uBaX7j/_old  2018-01-16 09:36:39.913712488 +0100
+++ /var/tmp/diff_new_pack.uBaX7j/_new  2018-01-16 09:36:39.917712300 +0100
@@ -156,6 +156,7 @@
 Patch8: mozilla-bindgen-systemlibs.patch
 Patch9: mozilla-bmo1360278.patch
 Patch10:mozilla-bmo1399611-csd.patch
+Patch11:mozilla-rust-1.23.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -269,6 +270,7 @@
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1

++ mozilla-rust-1.23.patch ++
 1083 lines (skipped)

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2018-01-06 18:47:11

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Sat Jan  6 18:47:11 2018 rev:263 rq:561754 version:57.0.4

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-12-12 21:21:06.499818584 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2018-01-06 18:47:12.904766301 +0100
@@ -1,0 +2,23 @@
+Thu Jan  4 12:23:41 UTC 2018 - w...@rosenauer.org
+
+- update to Firefox 57.0.4
+  MFSA 2018-1: Speculative execution side-channel attack ("Spectre")
+  (boo#1074723)
+
+---
+Wed Jan  3 08:29:38 UTC 2018 - w...@rosenauer.org
+
+- fixed regression introduced Oct 10th which made Firefox crash
+  when cancelling the KDE file dialog (boo#1069962)
+
+---
+Fri Dec 29 19:52:34 UTC 2017 - astie...@suse.com
+
+- Mozilla Firefox 57.0.3:
+  * Fix a crash reporting issue that inadvertently sends background
+tab crash reports to Mozilla without user opt-in (bmo#1427111,
+bsc#1074235)
+- Includes changes from 57.0.2:
+  * fixes for platforms other than GNU/Linux
+
+---

Old:

  firefox-57.0.1-source.tar.xz
  l10n-57.0.1.tar.xz

New:

  firefox-57.0.4-source.tar.xz
  l10n-57.0.4.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.QSCLqR/_old  2018-01-06 18:47:49.159072295 +0100
+++ /var/tmp/diff_new_pack.QSCLqR/_new  2018-01-06 18:47:49.163072108 +0100
@@ -1,8 +1,8 @@
 #
 # spec file for package MozillaFirefox
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
-#   2006-2017 Wolfgang Rosenauer
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+#   2006-2018 Wolfgang Rosenauer
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,10 +19,10 @@
 
 # changed with every update
 %define major 57
-%define mainver %major.0.1
+%define mainver %major.0.4
 %define update_channel release
 %define branding 1
-%define releasedate 20171128222554
+%define releasedate 20180103231032
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.QSCLqR/_old  2018-01-06 18:47:49.327064445 +0100
+++ /var/tmp/diff_new_pack.QSCLqR/_new  2018-01-06 18:47:49.331064258 +0100
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="d2e449c73daca64d8c8185590750873b1cfcd412" # build 2
-VERSION="57.0.1"
+RELEASE_TAG="afa87f9be3a8852da3a30f286b15ae599c7874f6"
+VERSION="57.0.4"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-57.0.1-source.tar.xz -> firefox-57.0.4-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-57.0.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-57.0.4-source.tar.xz 
differ: char 26, line 1

++ l10n-57.0.1.tar.xz -> l10n-57.0.4.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-57.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-57.0.4.tar.xz differ: char 
8, line 1

++ mozilla-kde.patch ++
--- /var/tmp/diff_new_pack.QSCLqR/_old  2018-01-06 18:47:49.519055474 +0100
+++ /var/tmp/diff_new_pack.QSCLqR/_new  2018-01-06 18:47:49.519055474 +0100
@@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  87a32e5d11e9d652e331a5f852bb951069b20c4a
+# Parent  2504512f9a9ba7b52dd99745d15f049f2a03f4f4
 Description: Add KDE integration to Firefox (toolkit parts)
 Author: Wolfgang Rosenauer 
 Author: Lubos Lunak 
@@ -3275,7 +3275,7 @@
  
mFilters.AppendElement(filter);
mFilterNames.AppendElement(name);
-@@ -371,16 +375,37 @@ nsFilePicker::Show(int16_t *aReturn)
+@@ -371,16 +375,39 @@ nsFilePicker::Show(int16_t *aReturn)
  
  NS_IMETHODIMP
  nsFilePicker::Open(nsIFilePickerShownCallback *aCallback)
@@ -3288,6 +3288,7 @@
 +  if( nsKDEUtils::kdeSupport()) {
 +mCallback = aCallback;
 +mRunning = true;
++NS_ADDREF_THIS();
 +g_idle_add([](gpointer data) -> gboolean {
 +  nsFilePicker* queuedPicker = (nsFilePicker*) data;
 +  int16_t result;
@@ -3299,6 +3300,7 @@
 +queuedPicker->mResult = result;
 +  }
 +  queuedPicker->mRunning = false;
++  NS_RELEASE(queuedPicker);
 +  return G_SOURCE_REMOVE;
 +}, this);
 +
@@ -3313,7 +3315,7 @@
  

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-12-12 21:20:59

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Dec 12 21:20:59 2017 rev:262 rq:555866 version:57.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-12-08 21:45:44.675311231 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-12-12 21:21:06.499818584 +0100
@@ -1,0 +2,12 @@
+Fri Dec  8 15:52:17 UTC 2017 - dims...@opensuse.org
+
+- Explicitly buildrequires python2-xml: The build system relies on
+  it. We wrongly relied on other packages pulling it in for us.
+
+---
+Thu Dec  7 11:12:31 UTC 2017 - dims...@opensuse.org
+
+- Escape the usage of %{VERSION} when calling out to rpm.
+  RPM 4.14 has %{VERSION} defined as 'the main packages version'.
+
+---
@@ -4,0 +17,4 @@
+  * CVE-2017-7843: Web worker in Private Browsing mode can write
+IndexedDB data (bsc#1072034, bmo#1410106)
+  * CVE-2017-7844: Visited history information leak through SVG
+image (bsc#1072036, bmo#1420001)



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.reFTXz/_old  2017-12-12 21:21:13.903461179 +0100
+++ /var/tmp/diff_new_pack.reFTXz/_new  2017-12-12 21:21:13.911460793 +0100
@@ -75,6 +75,7 @@
 BuildRequires:  mozilla-nspr-devel >= 4.17
 BuildRequires:  mozilla-nss-devel >= 3.33
 BuildRequires:  python-devel
+BuildRequires:  python2-xml
 BuildRequires:  rust >= 1.19
 BuildRequires:  rust-std
 BuildRequires:  startup-notification-devel
@@ -166,8 +167,8 @@
 %if %branding
 Requires:   %{name}-branding > 44.0
 %endif
-Requires:   mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}' 
mozilla-nspr)
-Requires:   mozilla-nss >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss)
+Requires:   mozilla-nspr >= %(rpm -q --queryformat '%%{VERSION}' 
mozilla-nspr)
+Requires:   mozilla-nss >= %(rpm -q --queryformat '%%{VERSION}' 
mozilla-nss)
 Recommends: libcanberra0
 Recommends: libpulse0
 # addon leads to startup crash (bnc#908892)

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-12-08 21:45:37

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Fri Dec  8 21:45:37 2017 rev:261 rq:547925 version:57.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-11-30 12:43:48.853358995 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-12-08 21:45:44.675311231 +0100
@@ -1,0 +2,9 @@
+Wed Nov 29 23:45:03 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 57.0.1
+  * Fix a video color distortion issue on YouTube and other video
+sites with some AMD devices (bmo#1417442)
+  * Fix an issue with prefs.js when the profile path has non-ascii
+characters (bmo#1420427)
+
+---

Old:

  firefox-57.0-source.tar.xz
  l10n-57.0.tar.xz

New:

  firefox-57.0.1-source.tar.xz
  l10n-57.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.pQVeTm/_old  2017-12-08 21:47:19.719222782 +0100
+++ /var/tmp/diff_new_pack.pQVeTm/_new  2017-12-08 21:47:19.719222782 +0100
@@ -19,10 +19,10 @@
 
 # changed with every update
 %define major 57
-%define mainver %major.0
+%define mainver %major.0.1
 %define update_channel release
 %define branding 1
-%define releasedate 20171109183137
+%define releasedate 20171128222554
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.pQVeTm/_old  2017-12-08 21:47:19.891215383 +0100
+++ /var/tmp/diff_new_pack.pQVeTm/_new  2017-12-08 21:47:19.895215211 +0100
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="8af8bd128bd014669ad89774f47668b0b8109337" # build 3
-VERSION="57.0"
+RELEASE_TAG="d2e449c73daca64d8c8185590750873b1cfcd412" # build 2
+VERSION="57.0.1"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-57.0-source.tar.xz -> firefox-57.0.1-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-57.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-57.0.1-source.tar.xz 
differ: char 26, line 1

++ l10n-57.0.tar.xz -> l10n-57.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-57.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-57.0.1.tar.xz differ: char 
26, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.pQVeTm/_old  2017-12-08 21:47:20.087206952 +0100
+++ /var/tmp/diff_new_pack.pQVeTm/_new  2017-12-08 21:47:20.091206780 +0100
@@ -1,2 +1,2 @@
-REV=8af8bd128bd0
+REV=d2e449c73dac
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-11-30 12:42:59

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Thu Nov 30 12:42:59 2017 rev:260 rq:545695 version:57.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-11-16 14:00:40.506363155 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-11-30 12:43:48.853358995 +0100
@@ -1,0 +2,18 @@
+Tue Nov 21 09:00:48 UTC 2017 - christo...@krop.fr
+
+- Add mozilla-bmo1360278.patch
+  Starting with Firefox 57, the context menu appears on key press.
+  This patch creates a config entry to restore the
+  old behaviour. Without the patch, the mouse gesture extensions
+  require 2 clicks to work (bmo#1360278).
+  The new config entry is named ui.context_menus.after_mouseup
+  (default : false).
+
+---
+Sat Nov 18 08:35:21 UTC 2017 - w...@rosenauer.org
+
+- Allow experimental CSD for Gtk3 (bmo#1399611) if available and enabled
+  widget.allow-client-side-decoration=true
+  (mozilla-bmo1399611-csd.patch)
+
+---

New:

  mozilla-bmo1360278.patch
  mozilla-bmo1399611-csd.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.7XHBJa/_old  2017-11-30 12:43:56.301088230 +0100
+++ /var/tmp/diff_new_pack.7XHBJa/_new  2017-11-30 12:43:56.305088085 +0100
@@ -153,6 +153,8 @@
 Patch6: mozilla-reduce-files-per-UnifiedBindings.patch
 Patch7: mozilla-aarch64-startup-crash.patch
 Patch8: mozilla-bindgen-systemlibs.patch
+Patch9: mozilla-bmo1360278.patch
+Patch10:mozilla-bmo1399611-csd.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -264,6 +266,8 @@
 %endif
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
+%patch10 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1

++ mozilla-bmo1360278.patch ++

# HG changeset patch
# User Robin Grenet 
# Date 1510835758 -3600
# Node ID f540f9e801cb2e0be5259baea13dfce953ccb520
# Parent  0abbf75bd0ecfa99ab4386f551a622983f5f27ea
Bug 1360278 - Add preference to trigger context menu on mouse up for GTK+ and 
macOS, r=mstange,smaug

MozReview-Commit-ID: Bg60bD8jIg6

diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -229,16 +229,20 @@ pref("dom.script_loader.bytecode_cache.e
 pref("dom.script_loader.bytecode_cache.strategy", 0);
 
 // Fastback caching - if this pref is negative, then we calculate the number
 // of content viewers to cache based on the amount of available memory.
 pref("browser.sessionhistory.max_total_viewers", -1);
 
 pref("ui.use_native_colors", true);
 pref("ui.click_hold_context_menus", false);
+
+// Pop up context menu on mouseup instead of mousedown, if that's the OS 
default.
+// Note: ignored on Windows (context menus always use mouseup)
+pref("ui.context_menus.after_mouseup", false);
 // Duration of timeout of incremental search in menus (ms).  0 means infinite.
 pref("ui.menu.incremental_search.timeout", 1000);
 // If true, all popups won't hide automatically on blur
 pref("ui.popup.disable_autohide", false);
 
 pref("browser.display.use_document_fonts",  1);  // 0 = never, 1 = quick, 2 = 
always
 // 0 = default: always, except in high contrast mode
 // 1 = always
diff --git a/widget/cocoa/nsChildView.mm b/widget/cocoa/nsChildView.mm
--- a/widget/cocoa/nsChildView.mm
+++ b/widget/cocoa/nsChildView.mm
@@ -4695,18 +4695,20 @@ NSEvent* gLastDragMouseDownEvent = nil;
   [self convertCocoaMouseEvent:theEvent toGeckoEvent:];
   geckoEvent.button = WidgetMouseEvent::eRightButton;
   geckoEvent.mClickCount = [theEvent clickCount];
 
   mGeckoChild->DispatchInputEvent();
   if (!mGeckoChild)
 return;
 
-  // Let the superclass do the context menu stuff.
-  [super rightMouseDown:theEvent];
+  if (!nsBaseWidget::ShowContextMenuAfterMouseUp()) {
+// Let the superclass do the context menu stuff.
+[super rightMouseDown:theEvent];
+  }
 
   NS_OBJC_END_TRY_ABORT_BLOCK;
 }
 
 - (void)rightMouseUp:(NSEvent *)theEvent
 {
   NS_OBJC_BEGIN_TRY_ABORT_BLOCK;
 
@@ -4719,16 +4721,33 @@ NSEvent* gLastDragMouseDownEvent = nil;
   WidgetMouseEvent geckoEvent(true, eMouseUp, mGeckoChild,
   WidgetMouseEvent::eReal);
   [self convertCocoaMouseEvent:theEvent toGeckoEvent:];
   geckoEvent.button = WidgetMouseEvent::eRightButton;
   geckoEvent.mClickCount = 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-11-16 14:00:37

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Thu Nov 16 14:00:37 2017 rev:259 rq:541950 version:57.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-10-09 19:36:33.818326755 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-11-16 14:00:40.506363155 +0100
@@ -1,0 +2,80 @@
+Wed Nov 15 06:46:06 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 57.0 (boo#1068101)
+  * Firefox Quantum
+  * Photon UI
+  * Unified address and search bar
+  * AMD VP9 hardware video decoder support
+  * Added support for Date/Time input
+  * stricter security sandbox blocking filesystem reading and
+writing on Linux systems
+  * middle mouse paste in the content area no longer navigates to
+URLs by default on Unix systems
+  MFSA 2017-24
+  * CVE-2017-7828 (bmo#1406750. bmo#1412252)
+Use-after-free of PressShell while restyling layout
+  * CVE-2017-7830 (bmo#1408990)
+Cross-origin URL information leak through Resource Timing API
+  * CVE-2017-7831 (bmo#1392026)
+Information disclosure of exposed properties on JavaScript proxy
+objects
+  * CVE-2017-7832 (bmo#1408782)
+Domain spoofing through use of dotless 'i' character followed
+by accent markers
+  * CVE-2017-7833 (bmo#1370497)
+Domain spoofing with Arabic and Indic vowel marker characters
+  * CVE-2017-7834 (bmo#1358009)
+data: URLs opened in new tabs bypass CSP protections
+  * CVE-2017-7835 (bmo#1402363)
+Mixed content blocking incorrectly applies with redirects
+  * CVE-2017-7836 (bmo#1401339)
+Pingsender dynamically loads libcurl on Linux and OS X
+  * CVE-2017-7837 (bmo#1325923)
+SVG loaded as  can use meta tags to set cookies
+  * CVE-2017-7838 (bmo#1399540)
+Failure of individual decoding of labels in international domain
+names triggers punycode display of entire IDN
+  * CVE-2017-7839 (bmo#1402896)
+Control characters before javascript: URLs defeats self-XSS
+prevention mechanism
+  * CVE-2017-7840 (bmo#1366420)
+Exported bookmarks do not strip script elements from user-supplied
+tags
+  * CVE-2017-7842 (bmo#1397064)
+Referrer Policy is not always respected for  elements
+  * CVE-2017-7827
+Memory safety bugs fixed in Firefox 57
+  * CVE-2017-7826
+Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
+- requires NSPR 4.17, NSS 3.33 and rustc 1.19
+- rebased patches
+- added mozilla-bindgen-systemlibs.patch to allow stylo build
+  with system libs (bmo#1341234)
+- removed mozilla-language.patch since the whole locale code
+  changed in Firefox and is relying on ICU now
+- removed obsolete mozilla-ucontext.patch
+
+---
+Sat Oct 28 06:30:37 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 56.0.2
+  * Disable Form Autofill completely on user request (bmo#1404531)
+  * Fix for video-related crashes on Windows 7 (bmo#1409141)
+  * Correct detection for 64-bit GSSAPI authentication (bmo#1409275)
+  * Fix for shutdown crash (bmo#1404105)
+
+---
+Tue Oct 10 11:47:49 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 56.0.1
+  * Block D3D11 when using Intel drivers on Windows 7 systems with
+partial AVX support (bmo#1403353)
+  -> just to sync the version number
+- enable stylo for TW (requires LLVM >= 3.9)
+- queue KDE filepicker requests to avoid non-opening file dialogs
+  happening in certain situations (contributed by Ignaz Forster)
+- the placeholder dot in KDE file dialog in case of empty filenames
+  was removed, apparently not required (anymore)
+  (contributed by Ignaz Forster)
+
+---

Old:

  firefox-56.0-source.tar.xz
  l10n-56.0.tar.xz
  mozilla-language.patch
  mozilla-ucontext.patch

New:

  firefox-57.0-source.tar.xz
  l10n-57.0.tar.xz
  mozilla-bindgen-systemlibs.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.I5djYi/_old  2017-11-16 14:00:57.341753085 +0100
+++ /var/tmp/diff_new_pack.I5djYi/_new  2017-11-16 14:00:57.345752940 +0100
@@ -18,11 +18,11 @@
 
 
 # changed with every update
-%define major 56
+%define major 57
 %define mainver %major.0
 %define update_channel release
 %define branding 1
-%define releasedate 20170926190823
+%define releasedate 20171109183137
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -72,10 +72,10 @@
 BuildRequires: 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-10-09 19:36:32

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Mon Oct  9 19:36:32 2017 rev:258 rq:530307 version:56.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-08-12 20:16:00.854091812 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-10-09 19:36:33.818326755 +0200
@@ -2 +2 @@
-Wed Aug  9 09:47:39 UTC 2017 - sch...@suse.de
+Sun Oct  1 18:25:16 UTC 2017 - stefan.bru...@rwth-aachen.de
@@ -4 +4,3 @@
-- mozilla-ucontext.patch: use ucontext_t instead of struct ucontext
+- Correct plugin directory for aarch64 (boo#1061207). The wrapper
+  script was not detecting aarch64 as a 64 bit architecture, thus
+  used /usr/lib/browser-plugins/.
@@ -7 +9 @@
-Tue Aug  8 18:13:34 UTC 2017 - w...@rosenauer.org
+Sat Sep 30 20:10:50 UTC 2017 - zai...@opensuse.org
@@ -9,2 +11,119 @@
-- update to Firefox 52.3esr (boo#1052829)
-  MFSA 2017-19
+- Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0),
+  pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0),
+  pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and
+  pkgconfig(gdk-x11-2.0) BuildRequires, align with what configure
+  looks for.
+
+---
+Thu Sep 28 08:28:29 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 56.0 (boo#1060445)
+  * Firefox Screenshots
+  * Find Options/Preferences more quickly with new search function
+  * Media is no longer auto-played when opened in a background tab
+  * Enable CSS Grid Layout View
+  MFSA 2017-21
+  * CVE-2017-7793 (bmo#1371889)
+Use-after-free with Fetch API
+  * CVE-2017-7817 (bmo#1356596) (Android-only)
+Firefox for Android address bar spoofing through fullscreen mode
+  * CVE-2017-7818 (bmo#1363723)
+Use-after-free during ARIA array manipulation
+  * CVE-2017-7819 (bmo#1380292)
+Use-after-free while resizing images in design mode
+  * CVE-2017-7824 (bmo#1398381)
+Buffer overflow when drawing and validating elements with ANGLE
+  * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
+Use-after-free in TLS 1.2 generating handshake hashes
+  * CVE-2017-7812 (bmo#1379842)
+Drag and drop of malicious page content to the tab bar can open locally 
stored files
+  * CVE-2017-7814 (bmo#1376036)
+Blob and data URLs bypass phishing and malware protection warnings
+  * CVE-2017-7813 (bmo#1383951)
+Integer truncation in the JavaScript parser
+  * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
+OS X fonts render some Tibetan and Arabic unicode characters as spaces
+  * CVE-2017-7815 (bmo#1368981)
+Spoofing attack with modal dialogs on non-e10s installations
+  * CVE-2017-7816 (bmo#1380597)
+WebExtensions can load about: URLs in extension UI
+  * CVE-2017-7821 (bmo#1346515)
+WebExtensions can download and open non-executable files without user 
interaction
+  * CVE-2017-7823 (bmo#1396320)
+CSP sandbox directive did not create a unique origin
+  * CVE-2017-7822 (bmo#1368859)
+WebCrypto allows AES-GCM with 0-length IV
+  * CVE-2017-7820 (bmo#1378207)
+Xray wrapper bypass with new tab and web console
+  * CVE-2017-7811
+Memory safety bugs fixed in Firefox 56
+  * CVE-2017-7810
+Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
+- requires NSPR 4.16 and NSS 3.32.1
+- rebased patches
+
+---
+Thu Sep 28 07:53:13 UTC 2017 - dims...@opensuse.org
+
+- Add alsa-devel BuildRequires: we care for ALSA support to be
+  built and thus need to ensure we get the dependencies in place.
+  In the past, alsa-devel was pulled in by accident: we
+  buildrequire libgnome-devel. This required esound-devel and that
+  in turn pulled in alsa-devel for us. libgnome is being fixed to
+  no longer require esound-devel.
+
+---
+Mon Sep  4 18:27:44 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 55.0.3
+  * Fix an issue with addons when using a path containing non-ascii
+characters (bmo#1389160)
+  * Fix file uploads to some websites, including YouTube (bmo#1383518)
+- fix Google API key build integration
+- add mozilla-ucontext.patch to fix Tumbleweed build
+- do not enable XINPUT2 for now (boo#1053959)
+
+---
+Fri Aug 11 08:32:30 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 55.0.1
+  * Fix a regression the tab restoration process (bmo#1388160)
+  * Fix a problem causing What's new pages not to be displayed (bmo#1386224)
+  * Fix a rendering issue with 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-08-12 20:15:57

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Sat Aug 12 20:15:57 2017 rev:257 rq:515337 version:52.3.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-07-21 22:36:22.031029241 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-08-12 20:16:00.854091812 +0200
@@ -1,0 +2,43 @@
+Wed Aug  9 09:47:39 UTC 2017 - sch...@suse.de
+
+- mozilla-ucontext.patch: use ucontext_t instead of struct ucontext
+
+---
+Tue Aug  8 18:13:34 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 52.3esr (boo#1052829)
+  MFSA 2017-19
+  * CVE-2017-7798 (bmo#1371586, bmo#1372112)
+XUL injection in the style editor in devtools
+  * CVE-2017-7800 (bmo#1374047)
+Use-after-free in WebSockets during disconnection
+  * CVE-2017-7801 (bmo#1371259)
+Use-after-free with marquee during window resizing
+  * CVE-2017-7784 (bmo#1376087)
+Use-after-free with image observers
+  * CVE-2017-7802 (bmo#1378147)
+Use-after-free resizing image elements
+  * CVE-2017-7785 (bmo#1356985)
+Buffer overflow manipulating ARIA attributes in DOM
+  * CVE-2017-7786 (bmo#1365189)
+Buffer overflow while painting non-displayable SVG
+  * CVE-2017-7753 (bmo#1353312)
+Out-of-bounds read with cached style data and pseudo-elements#
+  * CVE-2017-7787 (bmo#1322896)
+Same-origin policy bypass with iframes through page reloads
+  * CVE-2017-7807 (bmo#1376459)
+Domain hijacking through AppCache fallback
+  * CVE-2017-7792 (bmo#1368652)
+Buffer overflow viewing certificates with an extremely long OID
+  * CVE-2017-7804 (bmo#1372849)
+Memory protection bypass through WindowsDllDetourPatcher
+  * CVE-2017-7791 (bmo#1365875)
+Spoofing following page navigation with data: protocol and modal alerts
+  * CVE-2017-7782 (bmo#1344034)
+WindowsDllDetourPatcher allocates memory without DEP protections
+  * CVE-2017-7803 (bmo#1377426)
+CSP containing 'sandbox' improperly applied
+  * CVE-2017-7779
+Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
+
+---

Old:

  firefox-52.2.1-source.tar.xz
  l10n-52.2.1.tar.xz

New:

  firefox-52.3.0-source.tar.xz
  l10n-52.3.0.tar.xz
  mozilla-ucontext.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.VcJdxc/_old  2017-08-12 20:16:17.679734467 +0200
+++ /var/tmp/diff_new_pack.VcJdxc/_new  2017-08-12 20:16:17.683733906 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 52
-%define mainver %major.2.1
+%define mainver %major.3.0
 %define update_channel esr52
-%define releasedate 2017062900
+%define releasedate 2017080700
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -158,6 +158,7 @@
 Patch8: mozilla-no-stdcxx-check.patch
 Patch9: mozilla-reduce-files-per-UnifiedBindings.patch
 Patch10:mozilla-aarch64-startup-crash.patch
+Patch11:mozilla-ucontext.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -267,6 +268,7 @@
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.VcJdxc/_old  2017-08-12 20:16:18.507618476 +0200
+++ /var/tmp/diff_new_pack.VcJdxc/_new  2017-08-12 20:16:18.523616234 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_52_2_1esr_RELEASE"
-VERSION="52.2.1"
+RELEASE_TAG="FIREFOX_52_3_0esr_RELEASE"
+VERSION="52.3.0"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-52.2.1-source.tar.xz -> firefox-52.3.0-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-52.2.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-52.3.0-source.tar.xz 
differ: char 8, line 1

++ l10n-52.2.1.tar.xz -> l10n-52.3.0.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-52.2.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-52.3.0.tar.xz differ: char 
8, line 1

++ mozilla-ucontext.patch ++
Index: 
mozilla/toolkit/crashreporter/google-breakpad/src/client/linux/dump_writer_common/ucontext_reader.cc
===
--- 
mozilla.orig/toolkit/crashreporter/google-breakpad/src/client/linux/dump_writer_common/ucontext_reader.cc
+++ 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-07-21 22:36:15

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Fri Jul 21 22:36:15 2017 rev:256 rq:510206 version:52.2.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-06-20 10:57:54.452589765 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-07-21 22:36:22.031029241 +0200
@@ -1,0 +2,7 @@
+Wed Jul  5 07:26:32 UTC 2017 - astie...@suse.com
+
+- Mozilla Firefox 52.2.1esr:
+  * Printing text does not work on Windows when Direct2D is
+disabled (bmo#1318845)
+
+---

Old:

  firefox-52.2-source.tar.xz
  l10n-52.2.tar.xz

New:

  firefox-52.2.1-source.tar.xz
  l10n-52.2.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.RmeeMb/_old  2017-07-21 22:36:41.316308772 +0200
+++ /var/tmp/diff_new_pack.RmeeMb/_new  2017-07-21 22:36:41.316308772 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 52
-%define mainver %major.2
+%define mainver %major.2.1
 %define update_channel esr52
-%define releasedate 2017061200
+%define releasedate 2017062900
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.RmeeMb/_old  2017-07-21 22:36:41.464287897 +0200
+++ /var/tmp/diff_new_pack.RmeeMb/_new  2017-07-21 22:36:41.464287897 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_52_2_0esr_RELEASE"
-VERSION="52.2"
+RELEASE_TAG="FIREFOX_52_2_1esr_RELEASE"
+VERSION="52.2.1"
 
 # mozilla
 if [ -d mozilla ]; then
@@ -40,8 +40,16 @@
 echo -n "REPO=" >> ../source-stamp.txt
 hg showconfig paths.default 2>/dev/null | head -n1 | sed -e "s/^ssh:/http:/" 
>> ../source-stamp.txt
 popd
+
+# use parallel compression, if available
+compression='-J'
+pixz -h > /dev/null 2>&1
+if (($? != 127)); then
+  compression='-Ipixz'
+fi
+
 echo "creating archive..."
-tar cJf firefox-$VERSION-source.tar.xz --exclude=.hgtags --exclude=.hgignore 
--exclude=.hg --exclude=CVS mozilla
+tar $compression -cf firefox-$VERSION-source.tar.xz --exclude=.hgtags 
--exclude=.hgignore --exclude=.hg --exclude=CVS mozilla
 
 # l10n
 echo "fetching locales..."
@@ -60,10 +68,10 @@
   esac
 done
 echo "creating l10n archive..."
-tar cJf l10n-$VERSION.tar.xz --exclude=.hgtags --exclude=.hgignore 
--exclude=.hg l10n
+tar $compression -cf l10n-$VERSION.tar.xz --exclude=.hgtags 
--exclude=.hgignore --exclude=.hg l10n
 
 # compare-locales
 echo "creating compare-locales"
 hg clone http://hg.mozilla.org/build/compare-locales
-tar cJf compare-locales.tar.xz --exclude=.hgtags --exclude=.hgignore 
--exclude=.hg compare-locales
+tar $compression -cf compare-locales.tar.xz --exclude=.hgtags 
--exclude=.hgignore --exclude=.hg compare-locales
 

++ firefox-52.2-source.tar.xz -> firefox-52.2.1-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-52.2-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-52.2.1-source.tar.xz 
differ: char 8, line 1

++ l10n-52.2.tar.xz -> l10n-52.2.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-52.2.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-52.2.1.tar.xz differ: char 
8, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.RmeeMb/_old  2017-07-21 22:36:41.640263073 +0200
+++ /var/tmp/diff_new_pack.RmeeMb/_new  2017-07-21 22:36:41.644262509 +0200
@@ -1,2 +1,2 @@
-REV=f68e0d98a22a
+REV=512efd480dac
 REPO=http://hg.mozilla.org/releases/mozilla-esr52

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-06-20 10:57:52

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Jun 20 10:57:52 2017 rev:255 rq:503675 version:52.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-05-27 13:09:56.346979887 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-06-20 10:57:54.452589765 +0200
@@ -1,0 +2,55 @@
+Wed Jun 14 07:08:29 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 52.2esr (boo#1043960)
+  MFSA 2017-16
+  * CVE-2017-5472 (bmo#1365602)
+Use-after-free using destroyed node when regenerating trees
+  * CVE-2017-7749 (bmo#1355039)
+Use-after-free during docshell reloading
+  * CVE-2017-7750 (bmo#1356558)
+Use-after-free with track elements
+  * CVE-2017-7751 (bmo#1363396)
+Use-after-free with content viewer listeners
+  * CVE-2017-7752 (bmo#1359547)
+Use-after-free with IME input
+  * CVE-2017-7754 (bmo#1357090)
+Out-of-bounds read in WebGL with ImageInfo object
+  * CVE-2017-7755 (bmo#1361326)
+Privilege escalation through Firefox Installer with same
+directory DLL files (Windows only)
+  * CVE-2017-7756 (bmo#1366595)
+Use-after-free and use-after-scope logging XHR header errors
+  * CVE-2017-7757 (bmo#1356824)
+Use-after-free in IndexedDB
+  * CVE-2017-7778, CVE-2017-7778, CVE-2017-7771, CVE-2017-7772,
+CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776,
+CVE-2017-
+Vulnerabilities in the Graphite 2 library
+  * CVE-2017-7758 (bmo#1368490)
+Out-of-bounds read in Opus encoder
+  * CVE-2017-7760 (bmo#1348645)
+File manipulation and privilege escalation via callback parameter
+in Mozilla Windows Updater and Maintenance Service (Windows only)
+  * CVE-2017-7761 (bmo#1215648)
+File deletion and privilege escalation through Mozilla Maintenance
+Service helper.exe application (Windows only)
+  * CVE-2017-7764 (bmo#1364283)
+Domain spoofing with combination of Canadian Syllabics and other
+unicode blocks
+  * CVE-2017-7765 (bmo#1273265)
+Mark of the Web bypass when saving executable files (Windows only)
+  * CVE-2017-7766 (bmo#1342742)
+File execution and privilege escalation through updater.ini,
+Mozilla Windows Updater, and Mozilla Maintenance Service
+(Windows only)
+  * CVE-2017-7767 (bmo#1336964)
+Privilege escalation and arbitrary file overwrites through Mozilla
+Windows Updater and Mozilla Maintenance Service (Windows only)
+  * CVE-2017-7768 (bmo#1336979)
+32 byte arbitrary file read through Mozilla Maintenance Service
+(Windows only)
+  * CVE-2017-5470
+Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
+- requires NSS 3.28.5
+
+---

Old:

  firefox-52.1.1-source.tar.xz
  l10n-52.1.1.tar.xz

New:

  firefox-52.2-source.tar.xz
  l10n-52.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.ggjwjR/_old  2017-06-20 10:59:15.689139101 +0200
+++ /var/tmp/diff_new_pack.ggjwjR/_new  2017-06-20 10:59:15.693138537 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 52
-%define mainver %major.1.1
+%define mainver %major.2
 %define update_channel esr52
-%define releasedate 2017050400
+%define releasedate 2017061200
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -82,7 +82,7 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.13.1
-BuildRequires:  mozilla-nss-devel >= 3.28.4
+BuildRequires:  mozilla-nss-devel >= 3.28.5
 BuildRequires:  nss-shared-helper-devel
 BuildRequires:  python-devel
 BuildRequires:  startup-notification-devel

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.ggjwjR/_old  2017-06-20 10:59:15.921106404 +0200
+++ /var/tmp/diff_new_pack.ggjwjR/_new  2017-06-20 10:59:15.925105840 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_52_1_1esr_RELEASE"
-VERSION="52.1.1"
+RELEASE_TAG="FIREFOX_52_2_0esr_RELEASE"
+VERSION="52.2"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-52.1.1-source.tar.xz -> firefox-52.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-52.1.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-52.2-source.tar.xz 
differ: char 26, line 1

++ l10n-52.1.1.tar.xz -> l10n-52.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-52.1.1.tar.xz 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-05-27 13:09:34

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Sat May 27 13:09:34 2017 rev:254 rq:498129 version:52.1.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-05-18 20:36:43.769403831 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-05-27 13:09:56.346979887 +0200
@@ -1,0 +2,6 @@
+Tue May 23 14:00:40 UTC 2017 - w...@rosenauer.org
+
+- remove -fno-inline-small-functions and explicitely optimize with
+  -O2 for openSUSE > 13.2/Leap 42 to work with gcc7 (boo#1040105)
+
+---



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.fxsKo4/_old  2017-05-27 13:10:00.966326785 +0200
+++ /var/tmp/diff_new_pack.fxsKo4/_new  2017-05-27 13:10:00.970326220 +0200
@@ -295,9 +295,9 @@
 export MOZ_TELEMETRY_REPORTING=1
 export MOZ_GOOGLE_API_KEY=%{_google_api_key}
 export CFLAGS="%{optflags} -fno-strict-aliasing"
-# boo#986541: add -fno-delete-null-pointer-checks and 
-fno-inline-small-functions for gcc6
+# boo#986541: add -fno-delete-null-pointer-checks for gcc6
 %if 0%{?suse_version} > 1320
-export CFLAGS="$CFLAGS -fno-delete-null-pointer-checks 
-fno-inline-small-functions"
+export CFLAGS="$CFLAGS -fno-delete-null-pointer-checks"
 %endif
 %ifarch %arm
 export CFLAGS="${CFLAGS/-g / }"
@@ -337,6 +337,10 @@
 %if 0%{?build_hardened}
 ac_add_options --enable-pie
 %endif
+# gcc7 (boo#104105)
+%if 0%{?suse_version} > 1320
+ac_add_options --enable-optimize="-g -O2"
+%endif
 %ifarch %ix86 %arm
 %if 0%{?suse_version} > 1230
 ac_add_options --disable-optimize

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-05-18 20:36:38

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Thu May 18 20:36:38 2017 rev:253 rq:493642 version:52.1.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-05-04 08:52:14.183313640 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-05-18 20:36:43.769403831 +0200
@@ -1,0 +2,13 @@
+Mon May  8 08:28:17 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 52.1.1
+  MFSA 2017-14
+  * CVE-2017-5031: Use after free in ANGLE (bmo#1328762)
+   (Windows only, Linux not affected)
+- switch to Mozilla's geolocation service (boo#1026989)
+- removed mozilla-preferences.patch obsoleted by overriding via
+  firefox.js
+- fixed KDE integration to avoid crash caused by filepicker
+  (boo#1015998)
+
+---

Old:

  firefox-52.1.0-source.tar.xz
  l10n-52.1.0.tar.xz
  mozilla-preferences.patch

New:

  firefox-52.1.1-source.tar.xz
  l10n-52.1.1.tar.xz
  mozilla-api-key



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.zAsFAg/_old  2017-05-18 20:37:15.904868802 +0200
+++ /var/tmp/diff_new_pack.zAsFAg/_new  2017-05-18 20:37:15.908868237 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 52
-%define mainver %major.1.0
+%define mainver %major.1.1
 %define update_channel esr52
-%define releasedate 2017041300
+%define releasedate 2017050400
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -147,11 +147,11 @@
 Source15:   firefox-appdata.xml
 Source16:   MozillaFirefox.changes
 Source17:   l10n_changesets.txt
+Source18:   mozilla-api-key
 # Gecko/Toolkit
 Patch1: mozilla-nongnome-proxies.patch
 Patch2: mozilla-shared-nss-db.patch
 Patch3: mozilla-kde.patch
-Patch4: mozilla-preferences.patch
 Patch5: mozilla-language.patch
 Patch6: mozilla-ntlm-full-path.patch
 Patch7: mozilla-openaes-decl.patch
@@ -261,7 +261,6 @@
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
-%patch4 -p1
 %patch5 -p1
 %patch6 -p1
 %patch7 -p1
@@ -361,6 +360,7 @@
 ac_add_options --enable-startup-notification
 #ac_add_options --enable-chrome-format=jar
 ac_add_options --enable-update-channel=%{update_channel}
+ac_add_options --with-mozilla-api-keyfile=%{SOURCE18}
 %if %branding
 ac_add_options --enable-official-branding
 %endif

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.zAsFAg/_old  2017-05-18 20:37:16.096841710 +0200
+++ /var/tmp/diff_new_pack.zAsFAg/_new  2017-05-18 20:37:16.096841710 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="esr52"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="3ea0e075203185d7f2d42f439455e97735bd1b20"
-VERSION="52.1.0"
+RELEASE_TAG="FIREFOX_52_1_1esr_RELEASE"
+VERSION="52.1.1"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-52.1.0-source.tar.xz -> firefox-52.1.1-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-52.1.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-52.1.1-source.tar.xz 
differ: char 26, line 1

++ firefox.js ++
--- /var/tmp/diff_new_pack.zAsFAg/_old  2017-05-18 20:37:16.196827600 +0200
+++ /var/tmp/diff_new_pack.zAsFAg/_new  2017-05-18 20:37:16.200827036 +0200
@@ -1 +1,3 @@
+pref("intl.locale.matchOS", true);
 pref("browser.preferences.instantApply", true);
+pref("geo.wifi.uri", 
"https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%;);

++ l10n-52.1.0.tar.xz -> l10n-52.1.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-52.1.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-52.1.1.tar.xz differ: char 
26, line 1

++ mozilla-api-key ++
4605624048be48fda932495844d16fbb
++ mozilla-kde.patch ++
--- /var/tmp/diff_new_pack.zAsFAg/_old  2017-05-18 20:37:16.292814054 +0200
+++ /var/tmp/diff_new_pack.zAsFAg/_new  2017-05-18 20:37:16.296813490 +0200
@@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  5f1979729aa3c6bc50f7097202991e73be677e5e
+# Parent  aff14a54f25dc3146ba7a64408ceb9f486a832db
 Description: Add KDE integration to Firefox (toolkit parts)
 Author: Wolfgang Rosenauer 
 Author: Lubos Lunak 
@@ -3347,7 +3347,7 @@
  
mFilters.AppendElement(filter);
mFilterNames.AppendElement(name);
-@@ -371,16 +375,32 @@ nsFilePicker::Show(int16_t *aReturn)
+@@ -371,16 +375,34 @@ nsFilePicker::Show(int16_t *aReturn)
  
  NS_IMETHODIMP
  

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-05-04 08:52:10

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Thu May  4 08:52:10 2017 rev:252 rq:491715 version:52.1.0

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-04-11 09:29:00.114054225 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-05-04 08:52:14.183313640 +0200
@@ -1,0 +2,90 @@
+Wed Apr 12 21:43:16 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 52.1.0esr (boo#1035082)
+  MFSA 2017-12
+  * CVE-2017-5443 (bmo#1342661)
+Out-of-bounds write during BinHex decoding
+  * CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894,
+ bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088)
+Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and
+Firefox ESR 52.1
+  * CVE-2017-5464 (bmo#1347075)
+Memory corruption with accessibility and DOM manipulation
+  * CVE-2017-5465 (bmo#1347617)
+Out-of-bounds read in ConvolvePixel
+  * CVE-2017-5466 (bmo#1353975)
+Origin confusion when reloading isolated data:text/html URL
+  * CVE-2017-5467 (bmo#1347262)
+Memory corruption when drawing Skia content
+  * CVE-2017-5460 (bmo#1343642)
+Use-after-free in frame selection
+  * CVE-2017-5461 (bmo#1344380)
+Out-of-bounds write in Base64 encoding in NSS
+  * CVE-2017-5448 (bmo#1346648)
+Out-of-bounds write in ClearKeyDecryptor
+  * CVE-2017-5449 (bmo#1340127)
+Crash during bidirectional unicode manipulation with animation
+  * CVE-2017-5446 (bmo#1343505)
+Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
+  * CVE-2017-5447 (bmo#1343552)
+Out-of-bounds read during glyph processing
+  * CVE-2017-5444 (bmo#1344461)
+Buffer overflow while parsing application/http-index-format content
+  * CVE-2017-5445 (bmo#1344467)
+Uninitialized values used while parsing application/http-index-format
+content
+  * CVE-2017-5442 (bmo#1347979)
+Use-after-free during style changes
+  * CVE-2017-5469 (bmo#1292534)
+Potential Buffer overflow in flex-generated code
+  * CVE-2017-5440 (bmo#1336832)
+Use-after-free in txExecutionState destructor during XSLT processing
+  * CVE-2017-5441 (bmo#1343795)
+Use-after-free with selection during scroll events
+  * CVE-2017-5439 (bmo#1336830)
+Use-after-free in nsTArray Length() during XSLT processing
+  * CVE-2017-5438 (bmo#1336828)
+Use-after-free in nsAutoPtr during XSLT processing
+  * CVE-2017-5437 (bmo#1343453)
+Vulnerabilities in Libevent library
+  * CVE-2017-5436 (bmo#1345461)
+Out-of-bounds write with malicious font in Graphite 2
+  * CVE-2017-5435 (bmo#1350683)
+Use-after-free during transaction processing in the editor
+  * CVE-2017-5434 (bmo#1349946)
+Use-after-free during focus handling
+  * CVE-2017-5433 (bmo#1347168)
+Use-after-free in SMIL animation functions
+  * CVE-2017-5432 (bmo#1346654)
+Use-after-free in text input selection
+  * CVE-2017-5430 (bmo#1329796, bmo#1337418, bmo#1339722, bmo#1340482,
+ bmo#1342101, bmo#1344081, bmo#1344305, bmo#1344686, bmo#1346140,
+ bmo#1346419, bmo#1348143, bmo#1349621, bmo#1349719, bmo#1353476)
+Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
+  * CVE-2017-5459 (bmo#1333858)
+Buffer overflow in WebGL
+  * CVE-2017-5462 (bmo#1345089)
+DRBG flaw in NSS
+  * CVE-2017-5455 (bmo#1341191)
+Sandbox escape through internal feed reader APIs
+  * CVE-2017-5454 (bmo#1349276)
+Sandbox escape allowing file system read access through file
+picker
+  * CVE-2017-5456 (bmo#1344415)
+Sandbox escape allowing local file system access
+  * CVE-2017-5451 (bmo#1273537)
+Addressbar spoofing with onblur event
+- requires NSS 3.28.4
+- rebased patches
+
+---
+Mon Apr  3 06:28:34 UTC 2017 - w...@rosenauer.org
+
+- switch package to use ESR52 branch
+  * enables plugin support by default
+  * service workers are disabled by default
+  * push notifications are disabled by default
+  * WebAssembly (wasm) is disabled
+  * Less use of multiprocess architecture Electrolysis (e10s)
+
++---

Old:

  firefox-52.0.2-source.tar.xz
  l10n-52.0.2.tar.xz

New:

  firefox-52.1.0-source.tar.xz
  l10n-52.1.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.3NaALi/_old  2017-05-04 08:52:30.700984179 +0200
+++ /var/tmp/diff_new_pack.3NaALi/_new  2017-05-04 

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-04-11 09:28:55

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Apr 11 09:28:55 2017 rev:251 rq:485000 version:52.0.2

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-03-21 22:47:56.428427791 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-04-11 09:29:00.114054225 +0200
@@ -1,0 +2,10 @@
+Mon Apr  3 06:16:26 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 52.0.2
+  * Use Nirmala UI as fallback font for additional Indic languages 
(bmo#1342787)
+  * Fix loading tab icons on session restore (bmo#1338009)
+  * Fix a crash on startup on Linux (bmo#1345413)
+  * Fix new installs erroneously not prompting to change the default
+browser setting (bmo#1343938)
+
+---

Old:

  firefox-52.0.1-source.tar.xz
  l10n-52.0.1.tar.xz

New:

  firefox-52.0.2-source.tar.xz
  l10n-52.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.fFJpIJ/_old  2017-04-11 09:29:14.384038870 +0200
+++ /var/tmp/diff_new_pack.fFJpIJ/_new  2017-04-11 09:29:14.388038305 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 52
-%define mainver %major.0.1
+%define mainver %major.0.2
 %define update_channel release
-%define releasedate 2017031700
+%define releasedate 2017032400
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.fFJpIJ/_old  2017-04-11 09:29:14.556014582 +0200
+++ /var/tmp/diff_new_pack.fFJpIJ/_new  2017-04-11 09:29:14.556014582 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="2f2b4a119565e9b5691187ee5fbe91881c90b249"
-VERSION="52.0.1"
+RELEASE_TAG="FIREFOX_52_0_2_RELEASE"
+VERSION="52.0.2"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-52.0.1-source.tar.xz -> firefox-52.0.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-52.0.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-52.0.2-source.tar.xz 
differ: char 26, line 1

++ l10n-52.0.1.tar.xz -> l10n-52.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-52.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-52.0.2.tar.xz differ: char 
26, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.fFJpIJ/_old  2017-04-11 09:29:14.755986340 +0200
+++ /var/tmp/diff_new_pack.fFJpIJ/_new  2017-04-11 09:29:14.755986340 +0200
@@ -1,2 +1,2 @@
-REV=2f2b4a119565
+REV=e81854d6ce91
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-03-21 22:47:55

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Tue Mar 21 22:47:55 2017 rev:250 rq:481555 version:52.0.1

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2017-02-03 17:30:24.918573722 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-03-21 22:47:56.428427791 +0100
@@ -1,0 +2,85 @@
+Mon Mar 20 15:35:57 UTC 2017 - w...@rosenauer.org
+
+- disable rust usage for everything but x86(-64)
+- explicitely add libffi build requirement
+
+---
+Fri Mar 17 15:43:29 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 52.0.1 (boo#1029822)
+  MFSA 2017-08
+  CVE-2017-5428: integer overflow in createImageBitmap() (bmo#1348168)
+
+---
+Thu Mar  9 12:30:14 UTC 2017 - w...@rosenauer.org
+
+- reenable ALSA support which was removed by default upstream
+
+---
+Sat Mar  4 16:57:45 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 52.0 (boo#1028391)
+  * requires NSS >= 3.28.3
+  * Pages containing insecure password fields now display a warning
+directly within username and password fields.
+  * Send and open a tab from one device to another with Sync
+  * Removed NPAPI support for plugins other than Flash. Silverlight,
+Java, Acrobat and the like are no longer supported.
+  * Removed Battery Status API to reduce fingerprinting of users by
+trackers
+  * MFSA 2017-05
+CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
+   (bmo#1334933)
+CVE-2017-5401: Memory Corruption when handling ErrorResult
+   (bmo#1328861)
+CVE-2017-5402: Use-after-free working with events in FontFace
+   objects (bmo#1334876)
+CVE-2017-5403: Use-after-free using addRange to add range to an
+   incorrect root object (bmo#1340186)
+CVE-2017-5404: Use-after-free working with ranges in selections
+   (bmo#1340138)
+CVE-2017-5406: Segmentation fault in Skia with canvas operations
+   (bmo#1306890)
+CVE-2017-5407: Pixel and history stealing via floating-point
+   timing side channel with SVG filters (bmo#1336622)
+CVE-2017-5410: Memory corruption during JavaScript garbage
+   collection incremental sweeping (bmo#1330687)
+CVE-2017-5408: Cross-origin reading of video captions in violation
+   of CORS (bmo#1313711)
+CVE-2017-5412: Buffer overflow read in SVG filters (bmo#1328323)
+CVE-2017-5413: Segmentation fault during bidirectional operations
+   (bmo#1337504)
+CVE-2017-5414: File picker can choose incorrect default directory
+   (bmo#1319370)
+CVE-2017-5415: Addressbar spoofing through blob URL (bmo#1321719)
+CVE-2017-5416: Null dereference crash in HttpChannel (bmo#1328121)
+CVE-2017-5417: Addressbar spoofing by draging and dropping URLs
+   (bmo#791597)
+CVE-2017-5426: Gecko Media Plugin sandbox is not started if
+   seccomp-bpf filter is running (bmo#1257361)
+CVE-2017-5427: Non-existent chrome.manifest file loaded during
+   startup (bmo#1295542)
+CVE-2017-5418: Out of bounds read when parsing HTTP digest
+   authorization responses (bmo#1338876)
+CVE-2017-5419: Repeated authentication prompts lead to DOS
+   attack (bmo#1312243)
+CVE-2017-5420: Javascript: URLs can obfuscate addressbar
+   location (bmo#1284395)
+CVE-2017-5405: FTP response codes can cause use of
+   uninitialized values for ports (bmo#1336699)
+CVE-2017-5421: Print preview spoofing (bmo#1301876)
+CVE-2017-5422: DOS attack by using view-source: protocol
+   repeatedly in one hyperlink (bmo#1295002)
+CVE-2017-5399: Memory safety bugs fixed in Firefox 52
+CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and
+   Firefox ESR 45.8
+- removed obsolete patches
+  * mozilla-binutils-visibility.patch
+  * mozilla-check_return.patch
+  * mozilla-disable-skia-be.patch
+  * mozilla-skia-overflow.patch
+  * mozilla-skia-ppc-endianess.patch
+- rebased patches
+- enable rust usage for Tumbleweed
+
+---

Old:

  firefox-51.0.1-source.tar.xz
  l10n-51.0.1.tar.xz
  mozilla-binutils-visibility.patch
  mozilla-check_return.patch
  

commit MozillaFirefox for openSUSE:Factory

[root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2017-01-29 10:30:32

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-12-16 12:04:56.845467773 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2017-02-03 17:30:24.918573722 +0100
@@ -1,0 +2,82 @@
+Fri Jan 27 20:25:59 UTC 2017 - astie...@suse.com
+
+- Mozilla Firefox 51.0.1:
+  - Multiprocess incompatibility did not correctly register with
+some add-ons (bmo#1333423)
+
+---
+Fri Jan 20 13:57:56 UTC 2017 - w...@rosenauer.org
+
+- update to Firefox 51.0
+  * requires NSPR >= 4.13.1, NSS >= 3.28.1
+  * Added support for FLAC (Free Lossless Audio Codec) playback
+  * Added support for WebGL 2
+  * Added Georgian (ka) and Kabyle (kab) locales
+  * Support saving passwords for forms without 'submit' events
+  * Improved video performance for users without GPU acceleration
+  * Zoom indicator is shown in the URL bar if the zoom level is not
+at default level
+  * View passwords from the prompt before saving them
+  * Remove Belarusian (be) locale
+  * Use Skia for content rendering (Linux)
+  * MFSA 2017-01
+CVE-2017-5375: Excessive JIT code allocation allows bypass of
+   ASLR and DEP (bmo#1325200, boo#1021814)
+CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
+CVE-2017-5377: Memory corruption with transforms to create
+   gradients in Skia (bmo#1306883, boo#1021826)
+CVE-2017-5378: Pointer and frame data leakage of Javascript objects
+   (bmo#1312001, bmo#1330769, boo#1021818)
+CVE-2017-5379: Use-after-free in Web Animations
+   (bmo#1309198,boo#1021827)
+CVE-2017-5380: Potential use-after-free during DOM manipulations
+   (bmo#1322107, boo#1021819)
+CVE-2017-5390: Insecure communication methods in Developer Tools
+   JSON viewer (bmo#1297361, boo#1021820)
+CVE-2017-5389: WebExtensions can install additional add-ons via
+   modified host requests (bmo#1308688, boo#1021828)
+CVE-2017-5396: Use-after-free with Media Decoder
+   (bmo#1329403, boo#1021821)
+CVE-2017-5381: Certificate Viewer exporting can be used to navigate
+   and save to arbitrary filesystem locations
+  (bmo#1017616, boo#1021830)
+CVE-2017-5382: Feed preview can expose privileged content errors
+   and exceptions (bmo#1295322, boo#1021831)
+CVE-2017-5383: Location bar spoofing with unicode characters
+   (bmo#1323338, bmo#1324716, boo#1021822)
+CVE-2017-5384: Information disclosure via Proxy Auto-Config (PAC)
+   (bmo#1255474, boo#1021832)
+CVE-2017-5385: Data sent in multipart channels ignores referrer-policy
+   response headers (bmo#1295945, boo#1021833)
+CVE-2017-5386: WebExtensions can use data: protocol to affect other
+   extensions (bmo#1319070, boo#1021823)
+CVE-2017-5394: Android location bar spoofing using fullscreen and
+   JavaScript events (bmo#1222798)
+CVE-2017-5391: Content about: pages can load privileged about: pages
+   (bmo#1309310, boo#1021835)
+CVE-2017-5392: Weak references using multiple threads on weak proxy
+   objects lead to unsafe memory usage (bmo#1293709)
+  (Android only)
+CVE-2017-5393: Remove addons.mozilla.org CDN from whitelist for
+   mozAddonManager (bmo#1309282, boo#1021837)
+CVE-2017-5395: Android location bar spoofing during scrolling
+   (bmo#1293463) (Android only)
+CVE-2017-5387: Disclosure of local file existence through TRACK
+   tag error messages (bmo#1295023, boo#1021839)
+CVE-2017-5388: WebRTC can be used to generate a large amount of
+   UDP traffic for DDOS attacks
+  (bmo#1281482, boo#1021840)
+CVE-2017-5374: Memory safety bugs fixed in Firefox 51 (boo#1021841)
+CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and
+   Firefox ESR 45.7 (boo#1021824)
+- switch Firefox to Gtk3 for Tumbleweed
+- removed obsolete patches
+  * mozilla-flex_buffer_overrun.patch
+- updated RPM locale support tag
+- improve recognition of LANGUAGE env variable (boo#1017174)
+- add upstream patch to fix PPC64LE (bmo#1319389)
+  (mozilla-skia-ppc-endianess.patch)
+- fix build without skia (big endian archs) (bmo#1319374)
+  (mozilla-disable-skia-be.patch)
+

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-12-03 18:26:04

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-11-17 12:19:49.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-12-03 18:26:05.0 +0100
@@ -1,0 +2,14 @@
+Thu Dec  1 02:49:45 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 50.0.2
+  * Firefox crashes with 3rd party Chinese IME when using IME text
+(50.0.1)
+  security fixes (in 50.0.1): (boo#1012807)
+  * MFSA 2016-91
+CVE-2016-9078: data: URL can inherit wrong origin after an
+   HTTP redirect (bmo#1317641)
+  security fixes (in 50.0.2) (boo#1012964)
+  * MFSA 2016-92
+CVE-2016-9079: Use-after-free in SVG Animation (bmo#1321066)
+
+---

Old:

  firefox-50.0-source.tar.xz
  l10n-50.0.tar.xz

New:

  firefox-50.0.2-source.tar.xz
  l10n-50.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.xHhJZs/_old  2016-12-03 18:26:20.0 +0100
+++ /var/tmp/diff_new_pack.xHhJZs/_new  2016-12-03 18:26:20.0 +0100
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 50
-%define mainver %major.0
+%define mainver %major.0.2
 %define update_channel release
-%define releasedate 2016111300
+%define releasedate 2016120100
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.xHhJZs/_old  2016-12-03 18:26:20.0 +0100
+++ /var/tmp/diff_new_pack.xHhJZs/_new  2016-12-03 18:26:20.0 +0100
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="dc617d65c9f0cdbbe4351cc1e5c288b05f25f8f7"
-VERSION="50.0"
+RELEASE_TAG="FIREFOX_50_0_2_RELEASE"
+VERSION="50.0.2"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-50.0-source.tar.xz -> firefox-50.0.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-50.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-50.0.2-source.tar.xz 
differ: char 26, line 1



++ l10n-50.0.tar.xz -> l10n-50.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-50.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-50.0.2.tar.xz differ: char 
25, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.xHhJZs/_old  2016-12-03 18:26:20.0 +0100
+++ /var/tmp/diff_new_pack.xHhJZs/_new  2016-12-03 18:26:20.0 +0100
@@ -1,2 +1,2 @@
-REV=dc617d65c9f0
+REV=cc272f7d48d3
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-11-17 12:19:48

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-10-28 10:42:24.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-11-17 12:19:49.0 +0100
@@ -1,0 +2,81 @@
+Mon Nov 14 21:07:03 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 50.0 (boo#1009026)
+  * requires NSS 3.26.2
+  new features
+  * Updates to keyboard shortcuts
+Set a preference to have Ctrl+Tab cycle through tabs in recently
+used order
+View a page in Reader Mode by using Ctrl+Alt+R
+  * Added option to Find in page that allows users to limit search to
+whole words only
+  * Added download protection for a large number of executable file
+types on Windows, Mac and Linux
+  * Fixed rendering of dashed and dotted borders with rounded corners
+(border-radius)
+  * Added a built-in Emoji set for operating systems without native
+Emoji fonts (Windows 8.0 and lower and Linux)
+  * Blocked versions of libavcodec older than 54.35.1
+  * additional locale
+  security fixes:
+  * MFSA 2016-89
+CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
+   (bmo#1292443)
+CVE-2016-5292: URL parsing causes crash (bmo#1288482)
+CVE-2016-5293: Write to arbitrary file with updater and moz
+   maintenance service using updater.log hardlink
+  (Windows only) (bmo#1246945)
+CVE-2016-5294: Arbitrary target directory for result files of
+   update process (Windows only) (bmo#1246972)
+CVE-2016-5297: Incorrect argument length checking in Javascript
+   (bmo#1303678)
+CVE-2016-9064: Addons update must verify IDs match between
+   current and new versions (bmo#1303418)
+CVE-2016-9065: Firefox for Android location bar spoofing usingfullscreen
+   (Android only) (bmo#1306696)
+CVE-2016-9066: Integer overflow leading to a buffer overflow in
+   nsScriptLoadHandler (bmo#1299686)
+CVE-2016-9067: heap-use-after-free in nsINode::ReplaceOrInsertBefore
+   (bmo#1301777, bmo#1308922 (CVE-2016-9069))
+CVE-2016-9068: heap-use-after-free in nsRefreshDriver (bmo#1302973)
+CVE-2016-9072: 64-bit NPAPI sandbox isn't enabled on fresh profile
+   (bmo#1300083) (Windows only)
+CVE-2016-9075: WebExtensions can access the mozAddonManager API
+   and use it to gain elevated privileges (bmo#1295324)
+CVE-2016-9077: Canvas filters allow feDisplacementMaps to be applied
+   to cross-origin images, allowing timing attacks on them
+  (bmo#1298552)
+CVE-2016-5291: Same-origin policy violation using local HTML file
+and saved shortcut file (bmo#1292159)
+CVE-2016-5295: Mozilla Maintenance Service: Ability to read
+   arbitrary files as SYSTEM (Windows only) (bmo#1247239)
+CVE-2016-5298: SSL indicator can mislead the user about the real
+   URL visited (bmo#1227538) (Android only)
+CVE-2016-5299: Firefox AuthToken in broadcast protected with
+   signature-level permission can be accessed by an
+  application installed beforehand that defines the
+  same permissions (bmo#1245791) (Android only)
+CVE-2016-9061: API Key (glocation) in broadcast protected with
+   signature-level permission can be accessed by an
+  application installed beforehand that defines the
+  same permissions (Android only) (bmo#1245795)
+CVE-2016-9062: Private browsing browser traces (android) in
+   browser.db and wal file (Android only) (bmo#1294438)
+CVE-2016-9070: Sidebar bookmark can have reference to chrome window
+   (bmo#1281071)
+CVE-2016-9073: windows.create schema doesn't specify "format": 
"relativeUrl"
+   (bmo#1289273)
+CVE-2016-9074: Insufficient timing side-channel resistance in
+   divSpoiler (bmo#1293334) (fixed via NSS 3.26.1)
+CVE-2016-9076: select dropdown menu can be used for URL bar
+   spoofing on e10s (bmo#1276976)
+CVE-2016-9063: Possible integer overflow to fix inside XML_Parse
+   in expat (bmo#1274777)
+CVE-2016-9071: Probe browser history via HSTS/301 redirect + CSP
+   (bmo#1285003)
+CVE-2016-5289: Memory safety bugs fixed in Firefox 50
+CVE-2016-5290: Memory safety bugs 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-10-28 10:42:24

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-10-22 13:03:30.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-10-28 10:42:24.0 +0200
@@ -1,0 +2,17 @@
+Mon Oct 24 09:41:17 UTC 2016 - astie...@suse.com
+
+- Mozilla Firefox 49.0.2:
+  * CVE-2016-5287: Crash in nsTArray_base (bsc#1006475)
+  * CVE-2016-5288: Web content can read cache entries (bsc#1006476)
+  * Asynchronous rendering of the Flash plugins is now enabled by
+default
+  * Change D3D9 default fallback preference to prevent graphical
+artifacts
+  * Network issue prevents some users from seeing the Firefox UI on
+startup
+  * Web compatibility issue with file uploads
+  * Web compatibility issue with Array.prototype.values
+  * Diagnostic information on timing for tab switching
+  * Fix a Canvas filters graphics issue affecting HTML5 apps
+
+---

Old:

  firefox-49.0.1-source.tar.xz
  l10n-49.0.1.tar.xz

New:

  firefox-49.0.2-source.tar.xz
  l10n-49.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.HLws5j/_old  2016-10-28 10:42:39.0 +0200
+++ /var/tmp/diff_new_pack.HLws5j/_new  2016-10-28 10:42:39.0 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 49
-%define mainver %major.0.1
+%define mainver %major.0.2
 %define update_channel release
-%define releasedate 2016092300
+%define releasedate 2016102000
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.HLws5j/_old  2016-10-28 10:42:39.0 +0200
+++ /var/tmp/diff_new_pack.HLws5j/_new  2016-10-28 10:42:39.0 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_49_0_1_RELEASE"
-VERSION="49.0.1"
+RELEASE_TAG="FIREFOX_49_0_2_RELEASE"
+VERSION="49.0.2"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-49.0.1-source.tar.xz -> firefox-49.0.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-49.0.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-49.0.2-source.tar.xz 
differ: char 26, line 1



++ l10n-49.0.1.tar.xz -> l10n-49.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-49.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-49.0.2.tar.xz differ: char 
26, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.HLws5j/_old  2016-10-28 10:42:39.0 +0200
+++ /var/tmp/diff_new_pack.HLws5j/_new  2016-10-28 10:42:39.0 +0200
@@ -1,2 +1,2 @@
-REV=2d931a5eaf8a
+REV=7356baae8e73
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-10-22 13:03:29

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-09-25 14:29:53.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-10-22 13:03:30.0 +0200
@@ -1,0 +2,6 @@
+Wed Oct 12 20:42:28 UTC 2016 - badshah...@gmail.com
+
+- Drop mozilla-gtk3_20.patch; obsoleted by Firefox version 49.0
+  and fixes have been incorporated by upstream.
+
+---

Old:

  mozilla-gtk3_20.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.ontAKv/_old  2016-10-22 13:03:34.0 +0200
+++ /var/tmp/diff_new_pack.ontAKv/_new  2016-10-22 13:03:34.0 +0200
@@ -144,7 +144,6 @@
 Patch8: mozilla-openaes-decl.patch
 Patch10:mozilla-no-stdcxx-check.patch
 Patch11:mozilla-reduce-files-per-UnifiedBindings.patch
-Patch12:mozilla-gtk3_20.patch
 Patch13:mozilla-check_return.patch
 Patch14:mozilla-skia-overflow.patch
 Patch17:mozilla-binutils-visibility.patch
@@ -259,9 +258,6 @@
 %patch8 -p1
 %patch10 -p1
 %patch11 -p1
-%if 0%{?firefox_use_gtk3}
-%patch12 -p1
-%endif
 %patch13 -p1
 %patch14 -p1
 %patch17 -p1

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-09-25 14:29:52

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-09-01 14:02:07.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-09-25 14:29:53.0 +0200
@@ -1,0 +2,59 @@
+Fri Sep 23 20:36:39 UTC 2016 - astie...@suse.com
+
+- Mozilla Firefox 49.0.1:
+  * Mitigate a startup crash issue caused by Websense - bmo#1304783
+
+---
+Tue Sep 20 07:09:52 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 49.0 (boo#999701)
+  new features
+  * Updated Firefox Login Manager to allow HTTPS pages to use saved
+HTTP logins.
+  * Added features to Reader Mode that make it easier on the eyes and
+the ears
+  * Improved video performance for users on systems that support
+SSE3 without hardware acceleration
+  * Added context menu controls to HTML5 audio and video that let users
+loops files or play files at 1.25x speed
+  * Improvements in about:memory reports for tracking font memory usage
+  security related
+  * MFSA 2016-85
+CVE-2016-2827 (bmo#1289085) - Out-of-bounds read in
+mozilla::net::IsValidReferrerPolicy
+CVE-2016-5270 (bmo#1291016) - Heap-buffer-overflow in
+nsCaseTransformTextRunFactory::TransformString
+CVE-2016-5271 (bmo#1288946) - Out-of-bounds read in
+PropertyProvider::GetSpacingInternal
+CVE-2016-5272 (bmo#1297934) - Bad cast in nsImageGeometryMixin
+CVE-2016-5273 (bmo#1280387) - crash in
+mozilla::a11y::HyperTextAccessible::GetChildOffset
+CVE-2016-5276 (bmo#1287721) - Heap-use-after-free in
+mozilla::a11y::DocAccessible::ProcessInvalidationList
+CVE-2016-5274 (bmo#1282076) - use-after-free in
+nsFrameManager::CaptureFrameState
+CVE-2016-5277 (bmo#1291665) - Heap-use-after-free in nsRefreshDriver::Tick
+CVE-2016-5275 (bmo#1287316) - global-buffer-overflow in
+mozilla::gfx::FilterSupport::ComputeSourceNeededRegions
+CVE-2016-5278 (bmo#1294677) - Heap-buffer-overflow in
+nsBMPEncoder::AddImageFrame
+CVE-2016-5279 (bmo#1249522) - Full local path of files is available
+to web pages after drag and drop
+CVE-2016-5280 (bmo#1289970) - Use-after-free in
+mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
+CVE-2016-5281 (bmo#1284690) - use-after-free in DOMSVGLength
+CVE-2016-5282 (bmo#932335) - Don't allow content to request favicons
+from non-whitelisted schemes
+CVE-2016-5283 (bmo#928187) -  fragment timing attack can
+reveal cross-origin data
+CVE-2016-5284 (bmo#1303127) - Add-on update site certificate pin expiration
+CVE-2016-5256 - Memory safety bugs fixed in Firefox 49
+CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
+- removed obsolete patches:
+  * mozilla-aarch64-48bit-va.patch
+  * mozilla-exclude-nametablecpp.patch
+  * mozilla-old_configure-bmo1282843.patch
+- added patch mozilla-skia-overflow.patch (bmo#1304114)
+- requires NSS 3.25
+
+---

Old:

  firefox-48.0.2-source.tar.xz
  l10n-48.0.2.tar.xz
  mozilla-aarch64-48bit-va.patch
  mozilla-exclude-nametablecpp.patch
  mozilla-old_configure-bmo1282843.patch

New:

  firefox-49.0.1-source.tar.xz
  l10n-49.0.1.tar.xz
  mozilla-skia-overflow.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Z1BsV2/_old  2016-09-25 14:30:23.0 +0200
+++ /var/tmp/diff_new_pack.Z1BsV2/_new  2016-09-25 14:30:23.0 +0200
@@ -18,10 +18,10 @@
 
 
 # changed with every update
-%define major 48
-%define mainver %major.0.2
+%define major 49
+%define mainver %major.0.1
 %define update_channel release
-%define releasedate 2016082400
+%define releasedate 2016092300
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -75,7 +75,7 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.12
-BuildRequires:  mozilla-nss-devel >= 3.24
+BuildRequires:  mozilla-nss-devel >= 3.25
 BuildRequires:  nss-shared-helper-devel
 BuildRequires:  python-devel
 BuildRequires:  startup-notification-devel
@@ -146,10 +146,8 @@
 Patch11:mozilla-reduce-files-per-UnifiedBindings.patch
 Patch12:mozilla-gtk3_20.patch
 Patch13:mozilla-check_return.patch
-Patch15:mozilla-exclude-nametablecpp.patch
-Patch16:mozilla-aarch64-48bit-va.patch
+Patch14:

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-09-01 14:02:06

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-08-24 10:07:13.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-09-01 14:02:07.0 +0200
@@ -1,0 +2,6 @@
+Tue Aug 30 20:25:38 UTC 2016 - astie...@suse.com
+
+- Mozilla Firefox 48.0.2:
+  * Mitigate a startup crash issue caused on Windows (bmo#1291738)
+
+---

Old:

  firefox-48.0.1-source.tar.xz
  l10n-48.0.1.tar.xz

New:

  firefox-48.0.2-source.tar.xz
  l10n-48.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.GKUUir/_old  2016-09-01 14:02:21.0 +0200
+++ /var/tmp/diff_new_pack.GKUUir/_new  2016-09-01 14:02:21.0 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 48
-%define mainver %major.0.1
+%define mainver %major.0.2
 %define update_channel release
-%define releasedate 2016081800
+%define releasedate 2016082400
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.GKUUir/_old  2016-09-01 14:02:21.0 +0200
+++ /var/tmp/diff_new_pack.GKUUir/_new  2016-09-01 14:02:21.0 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="f36f7ace6f48"
-VERSION="48.0.1"
+RELEASE_TAG="FIREFOX_48_0_2_RELEASE"
+VERSION="48.0.2"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-48.0.1-source.tar.xz -> firefox-48.0.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-48.0.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-48.0.2-source.tar.xz 
differ: char 26, line 1



++ l10n-48.0.1.tar.xz -> l10n-48.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-48.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-48.0.2.tar.xz differ: char 
27, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.GKUUir/_old  2016-09-01 14:02:21.0 +0200
+++ /var/tmp/diff_new_pack.GKUUir/_new  2016-09-01 14:02:21.0 +0200
@@ -1,2 +1,2 @@
-REV=f36f7ace6f48
+REV=d4af06710040
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-08-24 10:07:12

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-08-12 15:35:03.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-08-24 10:07:13.0 +0200
@@ -1,0 +2,21 @@
+Sat Aug 20 10:58:26 UTC 2016 - astie...@suse.com
+
+- Mozilla Firefox 48.0.1:
+  * Fix an audio regression impacting some major websites
+(bmo#1295296)
+  * Fix a top crash in the JavaScript engine (bmo#1290469)
+  * Fix a startup crash issue caused by Websense (bmo#1291738)
+  * Fix a different behavior with e10s / non-e10s on  and
+mouse events (bmo#1291078)
+  * Fix a top crash caused by plugin issues (bmo#1264530)
+  * Fix a shutdown issue (bmo#1276920)
+  * Fix a crash in WebRTC
+
+---
+Mon Aug 15 11:24:00 UTC 2016 - w...@rosenauer.org
+
+- added upstream patch so system plugins/extensions are correctly
+  loaded again on x86-64 (bmo#1282843)
+  (mozilla-old_configure-bmo1282843.patch)
+
+---

Old:

  firefox-48.0-source.tar.xz
  l10n-48.0.tar.xz

New:

  firefox-48.0.1-source.tar.xz
  l10n-48.0.1.tar.xz
  mozilla-old_configure-bmo1282843.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.8c3E1e/_old  2016-08-24 10:07:28.0 +0200
+++ /var/tmp/diff_new_pack.8c3E1e/_new  2016-08-24 10:07:28.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package MozillaFirefox
 #
-# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #   2006-2016 Wolfgang Rosenauer
 #
 # All modifications and additions to the file contributed by third parties
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 48
-%define mainver %major.0
+%define mainver %major.0.1
 %define update_channel release
-%define releasedate 2016073000
+%define releasedate 2016081800
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -149,6 +149,7 @@
 Patch15:mozilla-exclude-nametablecpp.patch
 Patch16:mozilla-aarch64-48bit-va.patch
 Patch17:mozilla-binutils-visibility.patch
+Patch18:mozilla-old_configure-bmo1282843.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -267,6 +268,7 @@
 %patch15 -p1
 %patch16 -p1
 %patch17 -p1
+%patch18 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1
@@ -324,6 +326,8 @@
 mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj
 . \$topsrcdir/browser/config/mozconfig
 ac_add_options --prefix=%{_prefix}
+ac_add_options --libdir=%{_libdir}
+ac_add_options --includedir=%{_includedir}
 ac_add_options --enable-release
 %if 0%{?firefox_use_gtk3}
 ac_add_options --enable-default-toolkit=cairo-gtk3


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.8c3E1e/_old  2016-08-24 10:07:28.0 +0200
+++ /var/tmp/diff_new_pack.8c3E1e/_new  2016-08-24 10:07:28.0 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="c1de04f39fa956cfce83f6065b0e709369215ed5"
-VERSION="48.0"
+RELEASE_TAG="f36f7ace6f48"
+VERSION="48.0.1"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-48.0-source.tar.xz -> firefox-48.0.1-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-48.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-48.0.1-source.tar.xz 
differ: char 26, line 1



++ l10n-48.0.tar.xz -> l10n-48.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-48.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-48.0.1.tar.xz differ: char 
25, line 1

++ mozilla-old_configure-bmo1282843.patch ++
# HG changeset patch
# User Wolfgang Rosenauer 
# Parent  2a0e5188c796cb2addedd185aba6176405786854
Bug 1282843 - configure.py doesn't parse global autoconf options like --libdir
without assuming libdir during build we do not find plugins/extensions in the 
correct system directory

diff --git a/build/moz.configure/old.configure 
b/build/moz.configure/old.configure
--- a/build/moz.configure/old.configure
+++ b/build/moz.configure/old.configure
@@ -149,16 +149,19 @@ def old_configure_options(*options):
 def all_options(help):
 return list(options)
 
 return depends(prepare_configure, extra_old_configure_args, 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-08-12 15:35:01

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-07-27 16:08:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-08-12 15:35:03.0 +0200
@@ -1,0 +2,81 @@
+Fri Aug  5 13:47:12 UTC 2016 - pce...@suse.com
+
+- Fix for possible buffer overrun (bsc#990856)
+  CVE-2016-6354 (bmo#1292534)
+  [mozilla-flex_buffer_overrun.patch]
+
+---
+Wed Aug  3 03:38:47 UTC 2016 - badshah...@gmail.com
+
+- Update mozilla-gtk3_20.patch to latest version from Fedora.
+
+---
+Mon Aug  1 12:37:05 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 48.0 (boo#991809)
+  * requires NSS 3.24
+  * Process separation (e10s) is enabled for some of you
+  * Add-ons that have not been verified and signed by Mozilla will not load
+  * WebRTC embetterments
+  * The media parser has been redeveloped using the Rust programming
+language
+  * better Canvas performance with speedy Skia support
+  security fixes:
+  * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836
+Miscellaneous memory safety hazards
+  * MFSA 2016-63/CVE-2016-2830 (bmo#1255270)
+Favicon network connection can persist when page is closed
+  * MFSA 2016-64/CVE-2016-2838 (bmo#1279814)
+Buffer overflow rendering SVG with bidirectional content
+  * MFSA 2016-65/CVE-2016-2839 (bmo#1275339)
+Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
+  * MFSA 2016-66/CVE-2016-5251 (bmo#1255570)
+Location bar spoofing via data URLs with malformed/invalid mediatypes
+  * MFSA 2016-67/CVE-2016-5252 (bmo#1268854)
+Stack underflow during 2D graphics rendering
+  * MFSA 2016-68/CVE-2016-0718 (bmo#1236923)
+Out-of-bounds read during XML parsing in Expat library
+  * MFSA 2016-69/CVE-2016-5253 (bmo#1246944)
+Arbitrary file manipulation by local user through Mozilla updater
+and callback application path parameter (Windows-only)
+  * MFSA 2016-70/CVE-2016-5254 (bmo#1266963)
+Use-after-free when using alt key and toplevel menus
+  * MFSA 2016-71/CVE-2016-5255 (bmo#1212356)
+Crash in incremental garbage collection in JavaScript
+  * MFSA 2016-72/CVE-2016-5258 (bmo#1279146)
+Use-after-free in DTLS during WebRTC session shutdown
+  * MFSA 2016-73/CVE-2016-5259 (bmo#1282992)
+Use-after-free in service workers with nested sync events
+  * MFSA 2016-74/CVE-2016-5260 (bmo#1280294)
+Form input type change from password to text can store plain
+text password in session restore file
+  * MFSA 2016-75/CVE-2016-5261 (bmo#1287266)
+Integer overflow in WebSockets during data buffering
+  * MFSA 2016-76/CVE-2016-5262 (bmo#1277475)
+Scripts on marquee tag can execute in sandboxed iframes
+  * MFSA 2016-77/CVE-2016-2837 (bmo#1274637)
+Buffer overflow in ClearKey Content Decryption Module (CDM)
+during video playback
+  * MFSA 2016-78/CVE-2016-5263 (bmo#1276897)
+Type confusion in display transformation
+  * MFSA 2016-79/CVE-2016-5264 (bmo#1286183)
+Use-after-free when applying SVG effects
+  * MFSA 2016-80/CVE-2016-5265 (bmo#1278013)
+Same-origin policy violation using local HTML file and saved shortcut file
+  * MFSA 2016-81/CVE-2016-5266 (bmo#1226977)
+Information disclosure and local file manipulation through drag and drop
+  * MFSA 2016-82/CVE-2016-5267 (bmo#1284372)
+Addressbar spoofing with right-to-left characters on Firefox for Android
+(Android only)
+  * MFSA 2016-83/CVE-2016-5268 (bmo#1253673)
+Spoofing attack through text injection into internal error pages
+  * MFSA 2016-84/CVE-2016-5250 (bmo#1254688)
+Information disclosure through Resource Timing API during page navigation
+- removed obsolete mozilla-gcc6.patch
+
+---
+Fri Jul 29 01:26:13 UTC 2016 - badshah...@gmail.com
+
+- Update description and screenshots in appdata.xml file.
+
+---

Old:

  firefox-47.0.1-source.tar.xz
  l10n-47.0.1.tar.xz
  mozilla-gcc6.patch

New:

  firefox-48.0-source.tar.xz
  l10n-48.0.tar.xz
  mozilla-flex_buffer_overrun.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.A3qkPk/_old  2016-08-12 15:35:17.0 +0200
+++ /var/tmp/diff_new_pack.A3qkPk/_new  2016-08-12 15:35:17.0 +0200

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-07-27 16:08:32

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-07-01 09:54:06.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-07-27 16:08:48.0 +0200
@@ -1,0 +2,12 @@
+Sat Jul 23 20:13:08 UTC 2016 - antoine.belv...@laposte.net
+
+- Fix Firefox crash on startup on i586 (boo#986541):
+  * Add -fno-delete-null-pointer-checks and
+-fno-inline-small-functions to CFLAGS
+
+---
+Tue Jul 19 20:12:11 UTC 2016 - mailaen...@opensuse.org
+
+- Update the appdata.xml file (replace Windows XP screenshot)
+
+---



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.dyrh6y/_old  2016-07-27 16:08:53.0 +0200
+++ /var/tmp/diff_new_pack.dyrh6y/_new  2016-07-27 16:08:53.0 +0200
@@ -294,6 +294,10 @@
 export MOZ_TELEMETRY_REPORTING=1
 export MOZ_GOOGLE_API_KEY=%{_google_api_key}
 export CFLAGS="%{optflags} -fno-strict-aliasing"
+# boo#986541: add -fno-delete-null-pointer-checks and 
-fno-inline-small-functions for gcc6
+%if 0%{?suse_version} > 1320
+export CFLAGS="$CFLAGS -fno-delete-null-pointer-checks 
-fno-inline-small-functions"
+%endif
 %ifarch %arm
 export CFLAGS="${CFLAGS/-g / }"
 %endif


++ firefox-appdata.xml ++
--- /var/tmp/diff_new_pack.dyrh6y/_old  2016-07-27 16:08:53.0 +0200
+++ /var/tmp/diff_new_pack.dyrh6y/_new  2016-07-27 16:08:53.0 +0200
@@ -1,9 +1,7 @@
 
-
-
-
 
 
@@ -11,21 +9,14 @@
   CC0-1.0
   
 
-  Bringing together all kinds of awesomeness to make browsing better for 
you.
-  Get to your favorite sites quickly – even if you don’t remember the URLs.
-  Type your term into the location bar (aka the Awesome Bar) and the 
autocomplete
-  function will include possible matches from your browsing history, 
bookmarked
-  sites and open tabs.
+ Mozilla Firefox is a standalone web browser, designed for standards
+ compliance and performance. Its functionality can be enhanced via a
+ plethora of addons.
 
-
   
-  http://www.mozilla.org/en-US/
+  https://www.mozilla.org/firefox/
   
-  
-https://wiki.mozilla.org/images/e/e1/Bon_Echo_Beta_2_Screen_Shot_1.PNG
+https://addons.cdn.mozilla.net/user-media/previews/full/159/159648.png
   
-  
 
 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-07-01 09:54:05

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-06-12 18:51:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-07-01 09:54:06.0 +0200
@@ -1,0 +2,29 @@
+Wed Jun 29 09:25:41 UTC 2016 - astie...@suse.com
+
+- Mozilla Firefox 47.0.1:
+  * Selenium WebDriver may cause Firefox to crash at startup
+(bmo#1280854)
+
+---
+Wed Jun 15 07:52:18 UTC 2016 - w...@rosenauer.org
+
+- mozilla-binutils-visibility.patch to fix build issues with
+  gcc/binutils combination used in Leap 42.2 (boo#984637)
+
+---
+Tue Jun 14 08:35:03 UTC 2016 - badshah...@gmail.com
+
+- Update mozilla-gtk3_20.patch to latest version from Fedora.
+
+---
+Mon Jun 13 20:28:01 UTC 2016 - ag...@suse.com
+
+- Fix running on 48bit va aarch64 (bsc#984126)
+  * add patch mozilla-aarch64-48bit-va.patch
+
+---
+Mon Jun 13 15:27:13 UTC 2016 - w...@rosenauer.org
+
+- fix XUL dialog button order under KDE session (boo#984403)
+
+---

Old:

  firefox-47.0-source.tar.xz
  l10n-47.0.tar.xz

New:

  firefox-47.0.1-source.tar.xz
  l10n-47.0.1.tar.xz
  mozilla-aarch64-48bit-va.patch
  mozilla-binutils-visibility.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.ATpX8o/_old  2016-07-01 09:54:19.0 +0200
+++ /var/tmp/diff_new_pack.ATpX8o/_new  2016-07-01 09:54:19.0 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 47
-%define mainver %major.0
+%define mainver %major.0.1
 %define update_channel release
-%define releasedate 2016060600
+%define releasedate 2016062800
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -148,6 +148,8 @@
 Patch13:mozilla-check_return.patch
 Patch14:mozilla-gcc6.patch
 Patch15:mozilla-exclude-nametablecpp.patch
+Patch16:mozilla-aarch64-48bit-va.patch
+Patch17:mozilla-binutils-visibility.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -262,6 +264,8 @@
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
+%patch16 -p1
+%patch17 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.ATpX8o/_old  2016-07-01 09:54:20.0 +0200
+++ /var/tmp/diff_new_pack.ATpX8o/_new  2016-07-01 09:54:20.0 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_47_0_RELEASE"
-VERSION="47.0"
+RELEASE_TAG="FIREFOX_47_0_1_RELEASE"
+VERSION="47.0.1"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-47.0-source.tar.xz -> firefox-47.0.1-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-47.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-47.0.1-source.tar.xz 
differ: char 26, line 1



++ l10n-47.0.tar.xz -> l10n-47.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-47.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-47.0.1.tar.xz differ: char 
25, line 1

++ mozilla-aarch64-48bit-va.patch ++

# HG changeset patch
# User Zheng Xu 
# Date 1464657720 -7200
# Node ID dfaafbaaa2919a033c4c0abdd5830f4ea413bed6
# Parent  499f16ca85ec48d1896a1633730715f32bd62140
Bug 1143022 - Manually mmap on arm64 to ensure high 17 bits are clear. 
r=ehoogeveen

There might be 48-bit VA on arm64 depending on kernel configuration.
Manually mmap heap memory to align with the assumption made by JS engine.

diff --git a/js/src/gc/Memory.cpp b/js/src/gc/Memory.cpp
--- a/js/src/gc/Memory.cpp
+++ b/js/src/gc/Memory.cpp
@@ -430,17 +430,17 @@ InitMemorySubsystem()
 if (pageSize == 0)
 pageSize = allocGranularity = size_t(sysconf(_SC_PAGESIZE));
 }
 
 static inline void*
 MapMemoryAt(void* desired, size_t length, int prot = PROT_READ | PROT_WRITE,
 int flags = MAP_PRIVATE | MAP_ANON, int fd = -1, off_t offset = 0)
 {
-#if defined(__ia64__) || (defined(__sparc64__) && defined(__NetBSD__))
+#if defined(__ia64__) || (defined(__sparc64__) && defined(__NetBSD__)) || 
defined(__aarch64__)
 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-06-12 18:51:47

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-05-31 12:11:28.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-06-12 18:51:48.0 +0200
@@ -1,0 +2,54 @@
+Tue Jun  7 19:47:25 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 47.0 (boo#983549)
+  * Enable VP9 video codec for users with fast machines
+  * Embedded YouTube videos now play with HTML5 video if Flash is
+not installed
+  * View and search open tabs from your smartphone or another
+computer in a sidebar
+  * Allow no-cache on back/forward navigations for https resources
+  security fixes:
+  * MFSA 2016-49/CVE-2016-2815/CVE-2016-2818
+(boo#983638)
+(bmo#1241896, bmo#1242798, bmo#1243466, bmo#1245743,
+ bmo#1264300, bmo#1271037, bmo#1234147, bmo#1256493,
+ bmo#1256739, bmo#1256968, bmo#1261230, bmo#1261752,
+ bmo#1263384, bmo#1264575, bmo#1265577, bmo#1267130,
+ bmo#1269729, bmo#1273202, bmo#1273701)
+Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
+  * MFSA 2016-50/CVE-2016-2819 (boo#983655) (bmo#1270381)
+Buffer overflow parsing HTML5 fragments
+  * MFSA 2016-51/CVE-2016-2821 (bsc#983653) (bmo#1271460)
+Use-after-free deleting tables from a contenteditable document
+  * MFSA 2016-52/CVE-2016-2822 (boo#983652) (bmo#1273129)
+Addressbar spoofing though the SELECT element
+  * MFSA 2016-53/CVE-2016-2824 (boo#983651) (bmo#1248580)
+Out-of-bounds write with WebGL shader
+  * MFSA 2016-54/CVE-2016-2825 (boo#983649) (bmo#1193093)
+Partial same-origin-policy through setting location.host
+through data URI
+  * MFSA 2016-56/CVE-2016-2828 (boo#983646) (bmo#1223810)
+Use-after-free when textures are used in WebGL operations
+after recycle pool destruction
+  * MFSA 2016-57/CVE-2016-2829 (boo#983644) (bmo#1248329)
+Incorrect icon displayed on permissions notifications
+  * MFSA 2016-58/CVE-2016-2831 (boo#983643) (bmo#1261933)
+Entering fullscreen and persistent pointerlock without user
+permission
+  * MFSA 2016-59/CVE-2016-2832 (boo#983632) (bmo#1025267)
+Information disclosure of disabled plugins through CSS
+pseudo-classes
+  * MFSA 2016-60/CVE-2016-2833 (boo#983640) (bmo#908933)
+Java applets bypass CSP protections
+  * MFSA 2016-62/CVE-2016-2834 (boo#983639) (bmo#1206283,
+bmo#1221620, bmo#1241034, bmo#1241037)
+Network Security Services (NSS) vulnerabilities
+fixed by requiring NSS 3.23
+  packaging changes:
+  * cleanup configure options (boo#981695):
+- notably remove GStreamer support which is gone from FF
+  * remove obsolete patches
+- mozilla-libproxy.patch
+- mozilla-repo.patch
+
+---

Old:

  firefox-46.0.1-source.tar.xz
  l10n-46.0.1.tar.xz
  mozilla-libproxy.patch
  mozilla-repo.patch

New:

  firefox-47.0-source.tar.xz
  l10n-47.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.2pUgkf/_old  2016-06-12 18:52:03.0 +0200
+++ /var/tmp/diff_new_pack.2pUgkf/_new  2016-06-12 18:52:03.0 +0200
@@ -18,10 +18,10 @@
 
 
 # changed with every update
-%define major 46
-%define mainver %major.0.1
+%define major 47
+%define mainver %major.0
 %define update_channel release
-%define releasedate 2016050300
+%define releasedate 2016060600
 
 # PIE, full relro (x86_64 for now)
 %define build_hardened 1
@@ -44,12 +44,6 @@
 %define __find_requires sh %{SOURCE4}
 %global provfind sh -c "grep -v '.so' | %__find_provides"
 %global __find_provides %provfind
-%if 0%{?suse_version} > 1310
-%define gstreamer_ver 1.0
-%define gstreamer 1
-%else
-%define gstreamer_ver 0.10
-%endif
 # Set up Google API keys, see 
http://www.chromium.org/developers/how-tos/api-keys
 # Note: these are for the openSUSE Firefox builds ONLY. For your own 
distribution,
 # please get your own set of keys.
@@ -81,7 +75,7 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.12
-BuildRequires:  mozilla-nss-devel >= 3.22.3
+BuildRequires:  mozilla-nss-devel >= 3.23
 BuildRequires:  nss-shared-helper-devel
 BuildRequires:  python-devel
 BuildRequires:  startup-notification-devel
@@ -90,9 +84,6 @@
 BuildRequires:  xorg-x11-libXt-devel
 BuildRequires:  yasm
 BuildRequires:  zip
-BuildRequires:  pkgconfig(gstreamer-%gstreamer_ver)
-BuildRequires:  

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-05-31 12:11:27

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-05-23 17:30:31.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-05-31 12:11:28.0 +0200
@@ -1,0 +2,19 @@
+Wed May 25 16:36:23 UTC 2016 - badshah...@gmail.com
+
+- The conditional testing for gcc was failing for different
+  openSUSE versions, drop it and apply patches unconditionally.
+
+---
+Mon May 23 15:30:27 UTC 2016 - badshah...@gmail.com
+
+- Add patches to fix building with gcc6:
+  + mozilla-gcc6.patch: fix building with gcc >= 6.1; patch
+taken from upstream:
+https://hg.mozilla.org/mozilla-central/rev/55212130f19d.
+  + mozilla-exclude-nametablecpp.patch: Exclude NameTable.cpp
+from unified compilation because #include  in other
+source files causes gcc6 compilation failure; patch taken from
+upstream:
+https://hg.mozilla.org/mozilla-central/rev/9c57b7cacffc.
+
+---

New:

  mozilla-exclude-nametablecpp.patch
  mozilla-gcc6.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.DbiNCd/_old  2016-05-31 12:11:33.0 +0200
+++ /var/tmp/diff_new_pack.DbiNCd/_new  2016-05-31 12:11:33.0 +0200
@@ -172,6 +172,8 @@
 Patch12:mozilla-reduce-files-per-UnifiedBindings.patch
 Patch13:mozilla-gtk3_20.patch
 Patch14:mozilla-check_return.patch
+Patch15:mozilla-gcc6.patch
+Patch16:mozilla-exclude-nametablecpp.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -286,6 +288,8 @@
 %patch13 -p1
 %endif
 %patch14 -p1
+%patch15 -p1
+%patch16 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1




++ mozilla-exclude-nametablecpp.patch ++

# HG changeset patch
# User Jonathan Kew 
# Date 1463581374 -3600
# Node ID 9c57b7cacffc57ec3919a2cf3b5ce861e0cf3842
# Parent  ea7843420fe518b772c7b259d8ff47193fc5b79e
Bug 1272647 - Exclude NameTable.cpp from unified compilation because #include 
 in other source files causes gcc6 compilation failure. r=bas

diff --git a/gfx/graphite2/src/moz.build b/gfx/graphite2/src/moz.build
--- a/gfx/graphite2/src/moz.build
+++ b/gfx/graphite2/src/moz.build
@@ -40,30 +40,35 @@ UNIFIED_SOURCES += [
 'gr_features.cpp',
 'gr_font.cpp',
 'gr_logging.cpp',
 'gr_segment.cpp',
 'gr_slot.cpp',
 'Intervals.cpp',
 'json.cpp',
 'Justifier.cpp',
-'NameTable.cpp',
 'Pass.cpp',
 'Position.cpp',
 'SegCache.cpp',
 'SegCacheEntry.cpp',
 'SegCacheStore.cpp',
 'Segment.cpp',
 'Silf.cpp',
 'Slot.cpp',
 'Sparse.cpp',
 'TtfUtil.cpp',
 'UtfCodec.cpp',
 ]
 
+# Excluded from UNIFIED_SOURCES because  from other files breaks it,
+# see bug 1272647.
+SOURCES += [
+'NameTable.cpp',
+]
+
 # tell graphite2 not to export symbols, we'll be linking it directly with
 # thebes
 DEFINES['GRAPHITE2_STATIC'] = True
 
 # We allow warnings for third-party code that can be updated from upstream.
 ALLOW_COMPILER_WARNINGS = True
 
 FINAL_LIBRARY = 'gkmedias'


++ mozilla-gcc6.patch ++

# HG changeset patch
# User Mike Hommey 
# Date 1457596445 -32400
# Node ID 55212130f19da3079167a6b0a5a0ed6689c9a71d
# Parent  27c94617d7064d566c24a42e11cd4c7ef725923d
Bug 1245076 - Don't include mozalloc.h from the cstdlib wrapper. r=froydnj

Our STL wrappers do various different things, one of which is including
mozalloc.h for infallible operator new. mozalloc.h includes stdlib.h,
which, in libstdc++ >= 6 is now itself a wrapper around cstdlib, which
circles back to our STL wrapper.

But of the things our STL wrappers do, including mozalloc.h is not one
that is necessary for cstdlib. So skip including mozalloc.h in our
cstdlib wrapper.

Additionally, some C++ sources (in media/mtransport) are including
headers in an extern "C" block, which end up including stdlib.h, which
ends up including cstdlib because really, this is all C++, and our
wrapper pre-includes  for mozalloc.h, which fails because templates
don't work inside extern "C". So, don't pre-include  when we're not
including mozalloc.h.


diff --git a/config/gcc-stl-wrapper.template.h 
b/config/gcc-stl-wrapper.template.h
--- a/config/gcc-stl-wrapper.template.h
+++ b/config/gcc-stl-wrapper.template.h
@@ 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-05-23 17:30:30

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-05-20 11:54:31.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-05-23 17:30:31.0 +0200
@@ -1,0 +2,5 @@
+Fri May 13 00:00:00 CEST 2016 - dste...@suse.cz
+
+- enable build with PIE and full relro on x86_64 (boo#980384)
+
+---



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.DmjCat/_old  2016-05-23 17:30:36.0 +0200
+++ /var/tmp/diff_new_pack.DmjCat/_new  2016-05-23 17:30:36.0 +0200
@@ -23,6 +23,9 @@
 %define update_channel release
 %define releasedate 2016050300
 
+# PIE, full relro (x86_64 for now)
+%define build_hardened 1
+
 # general build definitions
 %if "%{update_channel}" != "aurora"
 %define progname firefox
@@ -318,6 +321,13 @@
 # Limit RAM usage during link
 export LDFLAGS="${LDFLAGS} -Wl,--no-keep-memory -Wl,--reduce-memory-overheads"
 %endif
+
+%if 0%{?build_hardened}
+%ifarch x86_64
+export LDFLAGS="${LDFLAGS} -Wl,-z,relro,-z,now"
+%endif
+%endif
+
 %ifarch ppc64 ppc64le
 export CFLAGS="$CFLAGS -mminimal-toc"
 %endif
@@ -340,6 +350,9 @@
 %else
 ac_add_options --enable-default-toolkit=cairo-gtk2
 %endif
+%if 0%{?build_hardened}
+ac_add_options --enable-pie
+%endif
 %ifarch %ix86 %arm
 %if 0%{?suse_version} > 1230
 ac_add_options --disable-optimize

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-05-20 11:54:30

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-05-05 13:19:27.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-05-20 11:54:31.0 +0200
@@ -1,0 +2,12 @@
+Wed May  4 10:27:43 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 46.0.1
+  Fixed:
+  * Search plugin issue for various locales
+  * Add-on signing certificate expiration
+  * Service worker update issue
+  * Build issue when jit is disabled
+  * Limit Sync registration updates
+- removed now obsolete mozilla-jit_branch64.patch
+
+---

Old:

  firefox-46.0-source.tar.xz
  l10n-46.0.tar.xz
  mozilla-jit_branch64.patch

New:

  firefox-46.0.1-source.tar.xz
  l10n-46.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.H5A2h6/_old  2016-05-20 11:54:45.0 +0200
+++ /var/tmp/diff_new_pack.H5A2h6/_new  2016-05-20 11:54:45.0 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 46
-%define mainver %major.0
+%define mainver %major.0.1
 %define update_channel release
-%define releasedate 2016042500
+%define releasedate 2016050300
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -169,7 +169,6 @@
 Patch12:mozilla-reduce-files-per-UnifiedBindings.patch
 Patch13:mozilla-gtk3_20.patch
 Patch14:mozilla-check_return.patch
-Patch15:mozilla-jit_branch64.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -284,7 +283,6 @@
 %patch13 -p1
 %endif
 %patch14 -p1
-%patch15 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.H5A2h6/_old  2016-05-20 11:54:45.0 +0200
+++ /var/tmp/diff_new_pack.H5A2h6/_new  2016-05-20 11:54:45.0 +0200
@@ -7,8 +7,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="078baf501b55eaa47f3b189fda4dd28dae1fa257"
-VERSION="46.0"
+RELEASE_TAG="FIREFOX_46_0_1_RELEASE"
+VERSION="46.0.1"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-46.0-source.tar.xz -> firefox-46.0.1-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-46.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-46.0.1-source.tar.xz 
differ: char 26, line 1



++ l10n-46.0.tar.xz -> l10n-46.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-46.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-46.0.1.tar.xz differ: char 
26, line 1

++ l10n_changesets.txt ++
--- /var/tmp/diff_new_pack.H5A2h6/_old  2016-05-20 11:54:45.0 +0200
+++ /var/tmp/diff_new_pack.H5A2h6/_new  2016-05-20 11:54:45.0 +0200
@@ -46,8 +46,8 @@
 id cb8f841d30d2
 is 46c99105eb3b
 it 6063a6d94e13
-ja 590a31fbf396
-ja-JP-mac 260664b702c5
+ja 5ff86cadfe9a
+ja-JP-mac ab760b3dcdd1
 kk 5a7bd05bf942
 km 339790840ac1
 kn b23d8fbcf41a

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.H5A2h6/_old  2016-05-20 11:54:45.0 +0200
+++ /var/tmp/diff_new_pack.H5A2h6/_new  2016-05-20 11:54:45.0 +0200
@@ -1,2 +1,2 @@
-REV=078baf501b55
+REV=0b8492c110be
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-05-05 13:19:25

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-04-17 22:17:04.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-05-05 13:19:27.0 +0200
@@ -1,0 +2,70 @@
+Tue May  3 15:47:18 UTC 2016 - norm...@linux.vnet.ibm.com
+
+- add mozilla-jit_branch64.patch to avoid PowerPC build failure
+  (from bmo#1266366)
+
+---
+Wed Apr 27 08:39:28 UTC 2016 - badshah...@gmail.com
+
+- Update mozilla-gtk3_20.patch for Firefox 46.0 (sync to latest
+  version from Fedora).
+
+---
+Wed Apr 27 06:09:30 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 46.0 (boo#977333)
+  * Improved security of the JavaScript Just In Time (JIT) Compiler
+  * WebRTC fixes to improve performance and stability
+  * Added support for document.elementsFromPoint
+  * Added HKDF support for Web Crypto API
+  * requires NSPR 4.12 and NSS 3.22.3
+  * added patch to fix unchecked return value
+mozilla-check_return.patch
+  * Gtk3 builds not supported at the moment
+  security fixes:
+  * MFSA 2016-39/CVE-2016-2804/CVE-2016-2806/CVE-2016-2807
+(boo#977373, boo#977375, boo#977376)
+Miscellaneous memory safety hazards
+  * MFSA 2016-40/CVE-2016-2809 (bmo#1212939, boo#977377)
+Privilege escalation through file deletion by Maintenance Service updater
+(Windows only)
+  * MFSA 2016-41/CVE-2016-2810 (bmo#1229681, boo#977378)
+Content provider permission bypass allows malicious application
+to access data (Android only)
+  * MFSA 2016-42/CVE-2016-2811/CVE-2016-2812
+(bmo#1252330, bmo#1261776, boo#977379)
+Use-after-free and buffer overflow in Service Workers
+  * MFSA 2016-43/CVE-2016-2813 (bmo#1197901, bmo#2714650, boo#977380)
+Disclosure of user actions through JavaScript with motion and
+orientation sensors (only affects mobile variants)
+  * MFSA 2016-44/CVE-2016-2814 (bmo#1254721, boo#977381)
+Buffer overflow in libstagefright with CENC offsets
+  * MFSA 2016-45/CVE-2016-2816 (bmo#1223743, boo#977382)
+CSP not applied to pages sent with multipart/x-mixed-replace
+  * MFSA 2016-46/CVE-2016-2817 (bmo#1227462, boo#977384)
+Elevation of privilege with chrome.tabs.update API in web extensions
+  * MFSA 2016-47/CVE-2016-2808 (bmo#1246061, boo#977386)
+Write to invalid HashMap entry through JavaScript.watch()
+  * MFSA 2016-48/CVE-2016-2820 (bmo#870870, boo#977388)
+Firefox Health Reports could accept events from untrusted domains
+
+---
+Thu Apr 21 12:00:28 UTC 2016 - badshah...@gmail.com
+
+- Update mozilla-gtk3_20.patch to fix scrollbar appearance under
+  gtk >= 3.20 (patch synced to Fedora's version).
+
+---
+Tue Apr 12 19:11:30 UTC 2016 - badshah...@gmail.com
+
+- Compile against gtk3 depending on whether the macro
+  %firefox_use_gtk3 is defined or not (e.g., at the prjconf
+  level); macro is undefined by default and so gtk2 is used as the
+  default toolkit.
+- Add BuildRequires for additional packages needed when building
+  against gtk3: pkgconfig(glib-2.0), pkgconfig(gobject-2.0),
+  pkgconfig(gtk+-3.0) >= 3.4.0, pkgconfig(gtk+-unix-print-3.0).
+- Add firefox-gtk3_20.patch to fix appearance with gtk3 >= 3.20;
+  patch taken from Fedora (bmo#1230955).
+
+---
@@ -122,0 +193,10 @@
+
+---
+Sat Jan 30 08:28:17 UTC 2016 - dmuel...@suse.com
+
+- build fixes for arm/aarch64:
+  * disable webrtc for arm/aarch64
+  * switch away from openGL-ES backend to default for arm/aarch64
+   since it almost never builds
+  * reenable neon
+- reenable webrtc for powerpc as it seems to build

Old:

  firefox-45.0.2-source.tar.xz
  l10n-45.0.2.tar.xz

New:

  firefox-46.0-source.tar.xz
  l10n-46.0.tar.xz
  l10n_changesets.txt
  mozilla-check_return.patch
  mozilla-gtk3_20.patch
  mozilla-jit_branch64.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.TEAgVw/_old  2016-05-05 13:19:40.0 +0200
+++ /var/tmp/diff_new_pack.TEAgVw/_new  2016-05-05 13:19:40.0 +0200
@@ -18,10 +18,10 @@
 
 
 # changed with every update
-%define major 45
-%define mainver %major.0.2

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-04-17 22:17:03

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-03-29 09:51:55.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-04-17 22:17:04.0 +0200
@@ -1,0 +2,14 @@
+Mon Apr 11 22:49:24 UTC 2016 - astie...@suse.com
+
+- Mozilla Firefox 45.0.2:
+  * Fix an issue impacting the cookie header when third-party
+cookies are blocked (bmo#1257861)
+  * Fix a web compatibility regression impacting the srcset
+attribute of the image tag (bmo#1259482)
+  * Fix a crash impacting the video playback with Media Source
+Extension (bmo#1258562)
+  * Fix a regression impacting some specific uploads (bmo#1255735)
+  * Fix a regression with the copy and paste with some old versions
+of some Gecko applications like Thunderbird (bmo#1254980)
+
+---

Old:

  firefox-45.0.1-source.tar.xz
  l10n-45.0.1.tar.xz

New:

  firefox-45.0.2-source.tar.xz
  l10n-45.0.2.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.pky3SS/_old  2016-04-17 22:17:17.0 +0200
+++ /var/tmp/diff_new_pack.pky3SS/_new  2016-04-17 22:17:17.0 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 45
-%define mainver %major.0.1
+%define mainver %major.0.2
 %define update_channel release
-%define releasedate 2016031600
+%define releasedate 2016041100
 
 # general build definitions
 %if "%{update_channel}" != "aurora"


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.pky3SS/_old  2016-04-17 22:17:17.0 +0200
+++ /var/tmp/diff_new_pack.pky3SS/_new  2016-04-17 22:17:17.0 +0200
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_45_0_1_RELEASE"
-VERSION="45.0.1"
+RELEASE_TAG="FIREFOX_45_0_2_RELEASE"
+VERSION="45.0.2"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-45.0.1-source.tar.xz -> firefox-45.0.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-45.0.1-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-45.0.2-source.tar.xz 
differ: char 26, line 1



++ l10n-45.0.1.tar.xz -> l10n-45.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-45.0.1.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-45.0.2.tar.xz differ: char 
25, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.pky3SS/_old  2016-04-17 22:17:18.0 +0200
+++ /var/tmp/diff_new_pack.pky3SS/_new  2016-04-17 22:17:18.0 +0200
@@ -1,2 +1,2 @@
-REV=e0e51efe7b15
+REV=e35da3da61cb
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-03-29 09:51:53

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-03-16 10:24:37.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-03-29 09:51:55.0 +0200
@@ -1,0 +2,17 @@
+Fri Mar 18 08:52:58 UTC 2016 - astie...@suse.com
+
+- Mozilla Firefox 45.0.1:
+  * Fix a regression causing search engine settings to be lost in
+some context (bmo#1254694)
+  * Bring back non-standard jar: URIs to fix a regression in IBM
+iNotes (bmo#1255139)
+  * XSLTProcessor.importStylesheet was failing when  was
+used (bmo#1249572)
+  * Fix an issue which could cause the list of search provider to
+be empty (bmo#1255605)
+  * Fix a regression when using the location bar (bmo#1254503)
+  * Fix some loading issues when Accept third-party cookies: was
+set to Never (bmo#1254856)
+  * Disabled Graphite font shaping library
+
+---

Old:

  firefox-45.0-source.tar.xz
  l10n-45.0.tar.xz

New:

  firefox-45.0.1-source.tar.xz
  l10n-45.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.01tCTC/_old  2016-03-29 09:52:05.0 +0200
+++ /var/tmp/diff_new_pack.01tCTC/_new  2016-03-29 09:52:05.0 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 45
-%define mainver %major.0
+%define mainver %major.0.1
 %define update_channel release
-%define releasedate 2016030500
+%define releasedate 2016031600
 
 # general build definitions
 %if "%{update_channel}" != "aurora"


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.01tCTC/_old  2016-03-29 09:52:05.0 +0200
+++ /var/tmp/diff_new_pack.01tCTC/_new  2016-03-29 09:52:05.0 +0200
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_45_0_RELEASE"
-VERSION="45.0"
+RELEASE_TAG="FIREFOX_45_0_1_RELEASE"
+VERSION="45.0.1"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-45.0-source.tar.xz -> firefox-45.0.1-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-45.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-45.0.1-source.tar.xz 
differ: char 26, line 1



++ l10n-45.0.tar.xz -> l10n-45.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-45.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-45.0.1.tar.xz differ: char 
25, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.01tCTC/_old  2016-03-29 09:52:06.0 +0200
+++ /var/tmp/diff_new_pack.01tCTC/_new  2016-03-29 09:52:06.0 +0200
@@ -1,2 +1,2 @@
-REV=b6609650a911
+REV=e0e51efe7b15
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-03-16 10:24:36

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-02-29 09:13:39.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-03-16 10:24:37.0 +0100
@@ -1,0 +2,72 @@
+Sun Mar  6 19:52:13 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 45.0 (boo#969894)
+  * requires NSPR 4.12 / NSS 3.21.1
+  * Instant browser tab sharing through Hello
+  * Synced Tabs button in button bar
+  * Tabs synced via Firefox Accounts from other devices are now shown
+in dropdown area of Awesome Bar when searching
+  * Introduce a new preference (network.dns.blockDotOnion) to allow
+blocking .onion at the DNS level
+  * Tab Groups (Panorama) feature removed
+  * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953
+Miscellaneous memory safety hazards
+  * MFSA 2016-17/CVE-2016-1954 (bmo#1243178)
+Local file overwriting and potential privilege escalation through
+CSP reports
+  * MFSA 2016-18/CVE-2016-1955 (bmo#1208946)
+CSP reports fail to strip location information for embedded iframe pages
+  * MFSA 2016-19/CVE-2016-1956 (bmo#1199923)
+Linux video memory DOS with Intel drivers
+  * MFSA 2016-20/CVE-2016-1957 (bmo#1227052)
+Memory leak in libstagefright when deleting an array during MP4
+processing
+  * MFSA 2016-21/CVE-2016-1958 (bmo#1228754)
+Displayed page address can be overridden
+  * MFSA 2016-22/CVE-2016-1959 (bmo#1234949)
+Service Worker Manager out-of-bounds read in Service Worker Manager
+  * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014)
+Use-after-free in HTML5 string parser
+  * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377)
+Use-after-free in SetBody
+  * MFSA 2016-25/CVE-2016-1962 (bmo#1240760)
+Use-after-free when using multiple WebRTC data channels
+  * MFSA 2016-26/CVE-2016-1963 (bmo#1238440)
+Memory corruption when modifying a file being read by FileReader
+  * MFSA 2016-27/CVE-2016-1964 (bmo#1243335)
+Use-after-free during XML transformations
+  * MFSA 2016-28/CVE-2016-1965 (bmo#1245264)
+Addressbar spoofing though history navigation and Location protocol
+property
+  * MFSA 2016-29/CVE-2016-1967 (bmo#1246956)
+Same-origin policy violation using perfomance.getEntries and
+history navigation with session restore
+  * MFSA 2016-30/CVE-2016-1968 (bmo#1246742)
+Buffer overflow in Brotli decompression
+  * MFSA 2016-31/CVE-2016-1966 (bmo#1246054)
+Memory corruption with malicious NPAPI plugin
+  * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/
+CVE-2016-1976/CVE-2016-1972
+WebRTC and LibVPX vulnerabilities found through code inspection
+  * MFSA 2016-33/CVE-2016-1973 (bmo#1219339)
+Use-after-free in GetStaticInstance in WebRTC
+  * MFSA 2016-34/CVE-2016-1974 (bmo#1228103)
+Out-of-bounds read in HTML parser following a failed allocation
+  * MFSA 2016-35/CVE-2016-1950 (bmo#1245528)
+Buffer overflow during ASN.1 decoding in NSS
+(fixed by requiring 3.21.1)
+  * MFSA 2016-36/CVE-2016-1979 (bmo#1185033)
+Use-after-free during processing of DER encoded keys in NSS
+(fixed by requiring 3.21.1)
+  * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/
+CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/
+CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/
+CVE-2016-2800/CVE-2016-2801/CVE-2016-2802
+Font vulnerabilities in the Graphite 2 library
+
+---
+Sat Mar  5 15:27:00 UTC 2016 - o...@aepfle.de
+
+- Remove B_CNT from symbols.zip filename to reduce build-compare noise
+
+---

Old:

  firefox-44.0.2-source.tar.xz
  l10n-44.0.2.tar.xz

New:

  firefox-45.0-source.tar.xz
  l10n-45.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.LCvMPf/_old  2016-03-16 10:24:50.0 +0100
+++ /var/tmp/diff_new_pack.LCvMPf/_new  2016-03-16 10:24:50.0 +0100
@@ -18,10 +18,10 @@
 
 
 # changed with every update
-%define major 44
-%define mainver %major.0.2
+%define major 45
+%define mainver %major.0
 %define update_channel release
-%define releasedate 2016021000
+%define releasedate 2016030500
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -77,8 +77,8 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-02-29 09:13:34

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-02-12 11:22:03.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-02-29 09:13:39.0 +0100
@@ -1,0 +2,20 @@
+Fri Feb 26 16:22:52 UTC 2016 - astie...@suse.com
+
+- fix build problems on i586, caused by too large unified compile
+  units - adding mozilla-reduce-files-per-UnifiedBindings.patch
+
+---
+Thu Feb 11 07:51:34 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 44.0.2
+  * MFSA 2016-13/CVE-2016-1949 (bmo#1245724, boo#966438)
+Same-origin-policy violation using Service Workers with plugins
+  * Fix issue which could lead to the removal of stored passwords
+under certain circumstances (bmo#1242176)
+  * Allows spaces in cookie names (bmo#1244505)
+  * Disable opus/vorbis audio with H.264 (bmo#1245696)
+  * Fix for graphics startup crash (GNU/Linux) (bmo#1222171)
+  * Fix a crash in cache networking (bmo#1244076)
+  * Fix using WebSockets in service worker controlled pages (bmo#1243942)
+
+---

Old:

  firefox-44.0-source.tar.xz
  l10n-44.0.tar.xz

New:

  firefox-44.0.2-source.tar.xz
  l10n-44.0.2.tar.xz
  mozilla-reduce-files-per-UnifiedBindings.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.1NiNVv/_old  2016-02-29 09:15:49.0 +0100
+++ /var/tmp/diff_new_pack.1NiNVv/_new  2016-02-29 09:15:49.0 +0100
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 44
-%define mainver %major.0
+%define mainver %major.0.2
 %define update_channel release
-%define releasedate 2016012300
+%define releasedate 2016021000
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -159,6 +159,7 @@
 Patch8: mozilla-openaes-decl.patch
 Patch10:mozilla-no-stdcxx-check.patch
 Patch11:mozilla-libproxy.patch
+Patch12:mozilla-reduce-files-per-UnifiedBindings.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -268,6 +269,7 @@
 %patch8 -p1
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1

++ _constraints ++
--- /var/tmp/diff_new_pack.1NiNVv/_old  2016-02-29 09:15:49.0 +0100
+++ /var/tmp/diff_new_pack.1NiNVv/_new  2016-02-29 09:15:49.0 +0100
@@ -2,10 +2,10 @@
 
   
 
-  9
+  13
 
 
-  5000
+  6000
 
   
   

++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.1NiNVv/_old  2016-02-29 09:15:49.0 +0100
+++ /var/tmp/diff_new_pack.1NiNVv/_new  2016-02-29 09:15:49.0 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_44_0_RELEASE"
-VERSION="44.0"
+RELEASE_TAG="FIREFOX_44_0_2_RELEASE"
+VERSION="44.0.2"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-44.0-source.tar.xz -> firefox-44.0.2-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-44.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-44.0.2-source.tar.xz 
differ: char 26, line 1



++ l10n-44.0.tar.xz -> l10n-44.0.2.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-44.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-44.0.2.tar.xz differ: char 
26, line 1

++ mozilla-reduce-files-per-UnifiedBindings.patch ++
From: Andreas Stieger 
Date: Fri, 26 Feb 2016 16:20:09 +
Subject: For UnifiedBindings*.cpp files, reduce number of files per unified file
Upstream: no

home/abuild/rpmbuild/BUILD/obj/dom/bindings/UnifiedBindings16.cpp
[ 1589s] UnifiedBindings17.o
[ 1612s] [ 1567.621989] Out of memory: Kill process 19849 (cc1plus) score 170 
or sacrifice child
[ 1612s] [ 1567.625099] Killed process 19849 (cc1plus) total-vm:905704kB, 
anon-rss:102500kB, file-rss:156kB
[ 1616s] {standard input}: Assembler messages:
[ 1616s] {standard input}:316015: Warning: end of file not at end of a line; 
newline inserted
[ 1635s] {standard input}: Error: open CFI at the end of file; missing 
.cfi_endproc directive
[ 1636s] c++: internal compiler error: Killed (program cc1plus)
[ 1636s] Please submit a full bug report,

Index: mozilla/python/mozbuild/mozbuild/backend/common.py

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-02-12 11:22:01

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-02-03 10:16:02.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-02-12 11:22:03.0 +0100
@@ -4,2 +4,2 @@
-- update to Firefox 44.0 (boo#963520)
-  * MFSA 2016-01/CVE-2016-1930/CVE-2016-1931
+- update to Firefox 44.0
+  * MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 boo#963633
@@ -7 +7 @@
-  * MFSA 2016-02/CVE-2016-1933 (bmo#1231761)
+  * MFSA 2016-02/CVE-2016-1933 (bmo#1231761) boo#963634
@@ -9 +9 @@
-  * MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
+  * MFSA 2016-03/CVE-2016-1935 (bmo#1220450) boo#963635
@@ -11 +11 @@
-  * MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784)
+  * MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784) 
boo#963637
@@ -13 +13 @@
-  * MFSA 2016-06/CVE-2016-1937 (bmo#724353)
+  * MFSA 2016-06/CVE-2016-1937 (bmo#724353) boo#963641
@@ -15 +15 @@
-  * MFSA 2016-07/CVE-2016-1938 (bmo#1190248)
+  * MFSA 2016-07/CVE-2016-1938 (bmo#1190248) boo#963731
@@ -19 +19 @@
-Addressbar spoofing attacks
+Addressbar spoofing attacks boo#963643
@@ -21 +21 @@
-(bmo#1186621, bmo#1214782, bmo#1232096)
+(bmo#1186621, bmo#1214782, bmo#1232096) boo#963644
@@ -23 +23 @@
-  * MFSA 2016-11/CVE-2016-1947 (bmo#1237103)
+  * MFSA 2016-11/CVE-2016-1947 (bmo#1237103) boo#963645



Other differences:
--

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-02-03 10:16:00

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-01-15 10:39:34.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-02-03 10:16:02.0 +0100
@@ -1,0 +2,29 @@
+Sun Jan 24 09:33:15 UTC 2016 - w...@rosenauer.org
+
+- update to Firefox 44.0 (boo#963520)
+  * MFSA 2016-01/CVE-2016-1930/CVE-2016-1931
+Miscellaneous memory safety hazards
+  * MFSA 2016-02/CVE-2016-1933 (bmo#1231761)
+Out of Memory crash when parsing GIF format images
+  * MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
+Buffer overflow in WebGL after out of memory allocation
+  * MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784)
+Firefox allows for control characters to be set in cookie names
+  * MFSA 2016-06/CVE-2016-1937 (bmo#724353)
+Missing delay following user click events in protocol handler dialog
+  * MFSA 2016-07/CVE-2016-1938 (bmo#1190248)
+Errors in mp_div and mp_exptmod cryptographic functions in NSS
+(fixed by requiring NSS 3.21)
+  * MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590)
+Addressbar spoofing attacks
+  * MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946
+(bmo#1186621, bmo#1214782, bmo#1232096)
+Unsafe memory manipulation found through code inspection
+  * MFSA 2016-11/CVE-2016-1947 (bmo#1237103)
+Application Reputation service disabled in Firefox 43
+  * requires NSPR 4.11
+  * requires NSS 3.21
+- prepare mozilla-kde.patch for Gtk3 builds
+- rebased patches
+
+---

Old:

  firefox-43.0.4-source.tar.xz
  l10n-43.0.4.tar.xz

New:

  firefox-44.0-source.tar.xz
  l10n-44.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.bNX2rA/_old  2016-02-03 10:16:16.0 +0100
+++ /var/tmp/diff_new_pack.bNX2rA/_new  2016-02-03 10:16:16.0 +0100
@@ -2,7 +2,7 @@
 # spec file for package MozillaFirefox
 #
 # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
-#   2006-2015 Wolfgang Rosenauer
+#   2006-2016 Wolfgang Rosenauer
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,10 +18,10 @@
 
 
 # changed with every update
-%define major 43
-%define mainver %major.0.4
+%define major 44
+%define mainver %major.0
 %define update_channel release
-%define releasedate 2016010600
+%define releasedate 2016012300
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -77,8 +77,8 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.10.10
-BuildRequires:  mozilla-nss-devel >= 3.20.2
+BuildRequires:  mozilla-nspr-devel >= 4.11
+BuildRequires:  mozilla-nss-devel >= 3.21
 BuildRequires:  nss-shared-helper-devel
 BuildRequires:  python-devel
 BuildRequires:  startup-notification-devel
@@ -320,6 +320,9 @@
 ac_add_options --mandir=%{_mandir}
 ac_add_options --includedir=%{_includedir}
 ac_add_options --enable-release
+%if 0%{?suse_version} > 1320
+#ac_add_options --enable-default-toolkit=cairo-gtk3
+%endif
 %ifarch %ix86 %arm
 %if 0%{?suse_version} > 1230
 ac_add_options --disable-optimize
@@ -568,6 +571,10 @@
 %{progdir}/components/
 %{progdir}/defaults/
 %{progdir}/dictionaries/
+%if 0%{?suse_version} > 1320
+#%dir %{progdir}/gtk2
+#%{progdir}/gtk2/libmozgtk.so
+%endif
 %{progdir}/webapprt/
 %{progdir}/gmp-clearkey/
 %attr(755,root,root) %{progdir}/%{progname}.sh


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.bNX2rA/_old  2016-02-03 10:16:16.0 +0100
+++ /var/tmp/diff_new_pack.bNX2rA/_new  2016-02-03 10:16:16.0 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_43_0_4_RELEASE"
-VERSION="43.0.4"
+RELEASE_TAG="FIREFOX_44_0_RELEASE"
+VERSION="44.0"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-43.0.4-source.tar.xz -> firefox-44.0-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-43.0.4-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-44.0-source.tar.xz 
differ: char 26, line 1


++ firefox-branded-icons.patch ++
--- /var/tmp/diff_new_pack.bNX2rA/_old  2016-02-03 10:16:16.0 +0100
+++ /var/tmp/diff_new_pack.bNX2rA/_new  2016-02-03 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-01-15 10:39:33

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2016-01-05 09:41:17.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-01-15 10:39:34.0 +0100
@@ -1,0 +2,13 @@
+Mon Jan 11 08:04:24 UTC 2016 - astie...@suse.com
+
+- Mozilla Firefox 43.0.4:
+  * Re-enable SHA-1 certificates to prevent outdated
+man-in-the-middle security devices from interfering with
+properly secured SSL/TLS connections (bmo#1236975)
+  * Fix for startup crash for users of a third party antivirus tool
+(bmo#1235537)
+- The following change was previously in the package as a patch:
+  * Multi-user GNU/Linux download folders can be created
+   (bmo#1233434), removed mozilla-bmo1233434.patch
+
+---

Old:

  firefox-43.0.3-source.tar.xz
  l10n-43.0.3.tar.xz
  mozilla-bmo1233434.patch

New:

  firefox-43.0.4-source.tar.xz
  l10n-43.0.4.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.MJdrwN/_old  2016-01-15 10:39:49.0 +0100
+++ /var/tmp/diff_new_pack.MJdrwN/_new  2016-01-15 10:39:49.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package MozillaFirefox
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #   2006-2015 Wolfgang Rosenauer
 #
 # All modifications and additions to the file contributed by third parties
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 43
-%define mainver %major.0.3
+%define mainver %major.0.4
 %define update_channel release
-%define releasedate 2015122500
+%define releasedate 2016010600
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -159,7 +159,6 @@
 Patch8: mozilla-openaes-decl.patch
 Patch10:mozilla-no-stdcxx-check.patch
 Patch11:mozilla-libproxy.patch
-Patch12:mozilla-bmo1233434.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -269,7 +268,6 @@
 %patch8 -p1
 %patch10 -p1
 %patch11 -p1
-%patch12 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.MJdrwN/_old  2016-01-15 10:39:50.0 +0100
+++ /var/tmp/diff_new_pack.MJdrwN/_new  2016-01-15 10:39:50.0 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_43_0_3_RELEASE"
-VERSION="43.0.3"
+RELEASE_TAG="FIREFOX_43_0_4_RELEASE"
+VERSION="43.0.4"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-43.0.3-source.tar.xz -> firefox-43.0.4-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-43.0.3-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-43.0.4-source.tar.xz 
differ: char 26, line 1



++ l10n-43.0.3.tar.xz -> l10n-43.0.4.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-43.0.3.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-43.0.4.tar.xz differ: char 
25, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.MJdrwN/_old  2016-01-15 10:39:50.0 +0100
+++ /var/tmp/diff_new_pack.MJdrwN/_new  2016-01-15 10:39:50.0 +0100
@@ -1,2 +1,2 @@
-REV=f227eec41a24
+REV=146f494b6a79
 REPO=http://hg.mozilla.org/releases/mozilla-release

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2016-01-05 09:40:54

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2015-12-27 01:57:14.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2016-01-05 09:41:17.0 +0100
@@ -1,0 +2,14 @@
+Tue Dec 29 20:29:35 UTC 2015 - w...@rosenauer.org
+
+- update to Firefox 43.0.3
+  * requires NSS 3.20.2 to fix
+MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
+MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
+server signature
+  * various changes to support Windows update (SHA-1 vs. SHA-2)
+  * workaround Youtube user agent detection issue (bmo#1233970)
+- fix file download regression for multi user systems
+  (bmo#1233434) (mozilla-bmo1233434.patch)
+- explicitely requires libXcomposite-devel
+
+---

Old:

  firefox-43.0-source.tar.xz
  l10n-43.0.tar.xz

New:

  firefox-43.0.3-source.tar.xz
  l10n-43.0.3.tar.xz
  mozilla-bmo1233434.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.Os2ddw/_old  2016-01-05 09:41:29.0 +0100
+++ /var/tmp/diff_new_pack.Os2ddw/_new  2016-01-05 09:41:29.0 +0100
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 43
-%define mainver %major.0
+%define mainver %major.0.3
 %define update_channel release
-%define releasedate 2015121300
+%define releasedate 2015122500
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -69,6 +69,7 @@
 BuildRequires:  dbus-1-glib-devel
 BuildRequires:  fdupes
 BuildRequires:  gcc-c++
+BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libgnomeui-devel
 BuildRequires:  libidl-devel
@@ -77,7 +78,7 @@
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.10.10
-BuildRequires:  mozilla-nss-devel >= 3.19.4
+BuildRequires:  mozilla-nss-devel >= 3.20.2
 BuildRequires:  nss-shared-helper-devel
 BuildRequires:  python-devel
 BuildRequires:  startup-notification-devel
@@ -90,6 +91,17 @@
 BuildRequires:  pkgconfig(gstreamer-app-%gstreamer_ver)
 BuildRequires:  pkgconfig(gstreamer-plugins-base-%gstreamer_ver)
 BuildRequires:  pkgconfig(libpulse)
+# libavcodec is already used if available for H.264 but
+# explicitely loaded by FF. For proper H.264 support the
+# openSUSE delivered version is not sufficient but currently
+# prevents even the use of the GStreamer method
+# https://bugzilla.mozilla.org/show_bug.cgi?id=1234157
+# to get H.264 working correctly libavcodec from packman
+# is required. As of today the following recommends will
+# pull in libavcodec52 from packman since it's the only
+# package providing libavcodec but it's not loaded from
+# Firefox as the minimal version is 53
+#Recommends: libavcodec
 %if 0%{?gstreamer} == 1
 Requires:   libgstreamer-1_0-0
 Recommends: gstreamer-fluendo-mp3
@@ -147,6 +159,7 @@
 Patch8: mozilla-openaes-decl.patch
 Patch10:mozilla-no-stdcxx-check.patch
 Patch11:mozilla-libproxy.patch
+Patch12:mozilla-bmo1233434.patch
 # Firefox/browser
 Patch101:   firefox-kde.patch
 Patch102:   firefox-no-default-ualocale.patch
@@ -256,6 +269,7 @@
 %patch8 -p1
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.Os2ddw/_old  2016-01-05 09:41:29.0 +0100
+++ /var/tmp/diff_new_pack.Os2ddw/_new  2016-01-05 09:41:29.0 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_43_0_RELEASE"
-VERSION="43.0"
+RELEASE_TAG="FIREFOX_43_0_3_RELEASE"
+VERSION="43.0.3"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-43.0-source.tar.xz -> firefox-43.0.3-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-43.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-43.0.3-source.tar.xz 
differ: char 26, line 1



++ l10n-43.0.tar.xz -> l10n-43.0.3.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-43.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-43.0.3.tar.xz differ: char 
26, line 1

++ mozilla-bmo1233434.patch ++

# HG changeset patch
# User Aidin Gharibnavaz 
# Date 1450550460 -12600
# Node ID 07ec362866977f37e638fc88e3079621fd7aef96
# Parent  cb66ffeb6725e8344818e8e2f707ae2eaeb953b4
Bug 1233434 - Fixing 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2015-12-27 01:57:12

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2015-11-17 14:21:35.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2015-12-27 01:57:14.0 +0100
@@ -1,0 +2,49 @@
+Sun Dec 13 23:07:56 UTC 2015 - w...@rosenauer.org
+
+- update to Firefox 43.0 (bnc#959277)
+  * Improved API support for m4v video playback
+  * Users can opt-in to receive search suggestions from the Awesome Bar
+  * WebRTC streaming on multiple monitors
+  * User selectable second block list for Private Browsing's Tracking
+Protection
+  security fixes:
+  * MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
+Miscellaneous memory safety hazards
+  * MFSA 2015-135/CVE-2015-7204 (bmo#1216130)
+Crash with JavaScript variable assignment with unboxed objects
+  * MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
+Same-origin policy violation using perfomance.getEntries and
+history navigation
+  * MFSA 2015-137/CVE-2015-7208 (bmo#1191423)
+Firefox allows for control characters to be set in cookies
+  * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
+Use-after-free in WebRTC when datachannel is used after being
+destroyed
+  * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
+Integer overflow allocating extremely large textures
+  * MFSA 2015-140/CVE-2015-7215 (bmo#1160890)
+Cross-origin information leak through web workers error events
+  * MFSA 2015-141/CVE-2015-7211 (bmo#1221444)
+Hash in data URI is incorrectly parsed
+  * MFSA 2015-142/CVE-2015-7218/CVE-2015-7219 (bmo#1194818, bmo#1194820)
+DOS due to malformed frames in HTTP/2
+  * MFSA 2015-143/CVE-2015-7216/CVE-2015-7217 (bmo#1197059, bmo#1203078)
+Linux file chooser crashes on malformed images due to flaws in
+Jasper library
+  * MFSA 2015-144/CVE-2015-7203/CVE-2015-7220/CVE-2015-7221
+(bmo#1201183, bmo#1178033, bmo#1199400)
+Buffer overflows found through code inspection
+  * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
+Underflow through code inspection
+  * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
+Integer overflow in MP4 playback in 64-bit versions
+  * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
+Integer underflow and buffer overflow processing MP4 metadata in
+libstagefright
+  * MFSA 2015-148/CVE-2015-7223 (bmo#1226423)
+Privilege escalation vulnerabilities in WebExtension APIs
+  * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
+Cross-site reading attack through data and view-source URIs
+- rebased patches
+
+---

Old:

  firefox-42.0-source.tar.xz
  l10n-42.0.tar.xz

New:

  firefox-43.0-source.tar.xz
  l10n-43.0.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.2YYrny/_old  2015-12-27 01:57:36.0 +0100
+++ /var/tmp/diff_new_pack.2YYrny/_new  2015-12-27 01:57:36.0 +0100
@@ -18,10 +18,10 @@
 
 
 # changed with every update
-%define major 42
+%define major 43
 %define mainver %major.0
 %define update_channel release
-%define releasedate 2015103000
+%define releasedate 2015121300
 
 # general build definitions
 %if "%{update_channel}" != "aurora"


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.2YYrny/_old  2015-12-27 01:57:37.0 +0100
+++ /var/tmp/diff_new_pack.2YYrny/_new  2015-12-27 01:57:37.0 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_42_0_RELEASE"
-VERSION="42.0"
+RELEASE_TAG="FIREFOX_43_0_RELEASE"
+VERSION="43.0"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-42.0-source.tar.xz -> firefox-43.0-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-42.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-43.0-source.tar.xz 
differ: char 26, line 1


++ firefox-kde.patch ++
--- /var/tmp/diff_new_pack.2YYrny/_old  2015-12-27 01:57:37.0 +0100
+++ /var/tmp/diff_new_pack.2YYrny/_new  2015-12-27 01:57:37.0 +0100
@@ -1,11 +1,11 @@
 # HG changeset patch
-# Parent  95b421ca30846be2b5d7230d72263e6dff042d0b
+# Parent  3fedb882f767b2e4ff72ef972a9cce4c5d1af4af
 
 diff --git a/browser/base/content/browser-kde.xul 
b/browser/base/content/browser-kde.xul
 new file mode 100644
 --- /dev/null
 +++ b/browser/base/content/browser-kde.xul
-@@ -0,0 +1,1234 @@
+@@ -0,0 +1,1222 @@
 +#filter substitution
 +
 +# -*- Mode: HTML -*-
@@ -91,6 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2015-11-17 14:21:34

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2015-11-08 11:24:41.0 +0100
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2015-11-17 14:21:35.0 +0100
@@ -1,0 +2,8 @@
+Sun Nov 15 19:52:20 UTC 2015 - w...@rosenauer.org
+
+- Add desktop menu action for private browsing window to desktop
+  file (boo#954747)
+- remove obsolete patch mozilla-bmo1005535.patch completely from
+  source package to avoid automatic check failures
+
+---

Old:

  mozilla-bmo1005535.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.9kiVLF/_old  2015-11-17 14:21:43.0 +0100
+++ /var/tmp/diff_new_pack.9kiVLF/_new  2015-11-17 14:21:43.0 +0100
@@ -145,7 +145,6 @@
 Patch6: mozilla-ntlm-full-path.patch
 Patch7: mozilla-repo.patch
 Patch8: mozilla-openaes-decl.patch
-Patch9: mozilla-bmo1005535.patch
 Patch10:mozilla-no-stdcxx-check.patch
 Patch11:mozilla-libproxy.patch
 # Firefox/browser
@@ -255,7 +254,6 @@
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
-#%patch9 -p1
 %patch10 -p1
 %patch11 -p1
 # Firefox

++ MozillaFirefox.desktop ++
--- /var/tmp/diff_new_pack.9kiVLF/_old  2015-11-17 14:21:43.0 +0100
+++ /var/tmp/diff_new_pack.9kiVLF/_new  2015-11-17 14:21:43.0 +0100
@@ -10,3 +10,9 @@
 StartupNotify=true
 
MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;application/x-xpinstall;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;
 Type=Application
+
+Actions=PrivateBrowsing;
+
+[Desktop Action PrivateBrowsing]
+Name=New Private Browsing Window
+Exec=%EXEC --private-window %u

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2015-11-08 11:24:40

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2015-10-24 10:24:06.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2015-11-08 11:24:41.0 +0100
@@ -1,0 +2,62 @@
+Sat Oct 31 19:50:03 UTC 2015 - w...@rosenauer.org
+
+- update to Firefox 42.0 (bnc#952810)
+  * Private Browsing with Tracking Protection blocks certain Web
+elements that could be used to record your behavior across sites
+  * Control Center that contains site security and privacy controls
+  * Login Manager improvements
+  * WebRTC improvements
+  * Indicator added to tabs that play audio with one-click muting
+  * Media Source Extension for HTML5 video available for all sites
+  security fixes:
+  * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
+Miscellaneous memory safety hazards
+  * MFSA 2015-117/CVE-2015-4515 (bmo#1046421)
+Information disclosure through NTLM authentication
+  * MFSA 2015-118/CVE-2015-4518 (bmo#1182778, bmo#1136692)
+CSP bypass due to permissive Reader mode whitelist
+  * MFSA 2015-119/CVE-2015-7185 (bmo#1149000) (Android only)
+Firefox for Android addressbar can be removed after fullscreen mode
+  * MFSA 2015-120/CVE-2015-7186 (bmo#1193027) (Android only)
+Reading sensitive profile files through local HTML file on Android
+  * MFSA 2015-121/CVE-2015-7187 (bmo#1195735)
+disabling scripts in Add-on SDK panels has no effect
+  * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
+Trailing whitespace in IP address hostnames can bypass same-origin policy
+  * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
+Buffer overflow during image interactions in canvas
+  * MFSA 2015-124/CVE-2015-7190 (bmo#1208520) (Android only)
+Android intents can be used on Firefox for Android to open privileged files
+  * MFSA 2015-125/CVE-2015-7191 (bmo#1208956) (Android only)
+XSS attack through intents on Firefox for Android
+  * MFSA 2015-126/CVE-2015-7192 (bmo#1210023) (OS X only)
+Crash when accessing HTML tables with accessibility tools on OS X
+  * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
+CORS preflight is bypassed when non-standard Content-Type headers
+are received
+  * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
+Memory corruption in libjar through zip files
+  * MFSA 2015-129/CVE-2015-7195 (bmo#1211871)
+Certain escaped characters in host of Location-header are being
+treated as non-escaped
+  * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
+JavaScript garbage collection crash with Java applet
+  * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
+(bmo#1188010, bmo#1204061, bmo#1204155)
+Vulnerabilities found through code inspection
+  * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
+Mixed content WebSocket policy bypass through workers
+  * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
+(bmo#1202868, bmo#1205157)
+NSS and NSPR memory corruption issues
+(fixed in mozilla-nspr and mozilla-nss packages)
+- requires NSPR >= 4.10.10 and NSS >= 3.19.4
+- removed obsolete patches
+  * mozilla-arm-disable-edsp.patch
+  * mozilla-icu-strncat.patch
+  * mozilla-skia-be-le.patch
+  * toolkit-download-folder.patch
+- fixed build with enable-libproxy (bmo#1220399)
+  * mozilla-libproxy.patch
+
+---

Old:

  firefox-41.0.2-source.tar.xz
  l10n-41.0.2.tar.xz
  mozilla-arm-disable-edsp.patch
  mozilla-icu-strncat.patch
  mozilla-skia-be-le.patch
  toolkit-download-folder.patch

New:

  firefox-42.0-source.tar.xz
  l10n-42.0.tar.xz
  mozilla-libproxy.patch



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.dX8VNr/_old  2015-11-08 11:24:57.0 +0100
+++ /var/tmp/diff_new_pack.dX8VNr/_new  2015-11-08 11:24:57.0 +0100
@@ -18,10 +18,10 @@
 
 
 # changed with every update
-%define major 41
-%define mainver %major.0.2
+%define major 42
+%define mainver %major.0
 %define update_channel release
-%define releasedate 2015101500
+%define releasedate 2015103000
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -76,8 +76,8 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.10.8
-BuildRequires:  mozilla-nss-devel >= 3.19.2
+BuildRequires:  mozilla-nspr-devel >= 4.10.10
+BuildRequires:  mozilla-nss-devel >= 3.19.4
 BuildRequires:  nss-shared-helper-devel
 

commit MozillaFirefox for openSUSE:Factory

[h_root]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory 
checked in at 2015-10-12 10:00:37

Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
 and  /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)


Package is "MozillaFirefox"

Changes:

--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes
2015-10-01 12:21:20.0 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes   
2015-10-12 10:00:38.0 +0200
@@ -1,0 +2,19 @@
+Sun Oct  4 09:20:56 UTC 2015 - w...@rosenauer.org
+
+- do not build with --enable-stdcxx-compat
+  (this starts to fail build on various toolchain combinations
+  and is not required for openSUSE builds in general
+
+---
+Thu Oct  1 09:49:57 UTC 2015 - w...@rosenauer.org
+
+- update to Firefox 41.0.1
+  * Fix a startup crash related to Yandex toolbar and Adblock Plus
+(bmo#1209124)
+  * Fix potential hangs with Flash plugins (bmo#1185639)
+  * Fix a regression in the bookmark creation (bmo#1206376)
+  * Fix a startup crash with some Intel Media Accelerator 3150
+graphic cards (bmo#1207665)
+  * Fix a graphic crash, occurring occasionally on Facebook (bmo#1178601)
+
+---

Old:

  firefox-41.0-source.tar.xz
  l10n-41.0.tar.xz

New:

  firefox-41.0.1-source.tar.xz
  l10n-41.0.1.tar.xz



Other differences:
--
++ MozillaFirefox.spec ++
--- /var/tmp/diff_new_pack.cqTO18/_old  2015-10-12 10:00:51.0 +0200
+++ /var/tmp/diff_new_pack.cqTO18/_new  2015-10-12 10:00:51.0 +0200
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 41
-%define mainver %major.0
+%define mainver %major.0.1
 %define update_channel release
-%define releasedate 2015091800
+%define releasedate 2015092900
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -312,7 +312,6 @@
 ac_add_options --mandir=%{_mandir}
 ac_add_options --includedir=%{_includedir}
 ac_add_options --enable-release
-ac_add_options --enable-stdcxx-compat
 %ifarch %ix86 %arm
 %if 0%{?suse_version} > 1230
 ac_add_options --disable-optimize


++ compare-locales.tar.xz ++

++ create-tar.sh ++
--- /var/tmp/diff_new_pack.cqTO18/_old  2015-10-12 10:00:51.0 +0200
+++ /var/tmp/diff_new_pack.cqTO18/_new  2015-10-12 10:00:51.0 +0200
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_41_0_RELEASE"
-VERSION="41.0"
+RELEASE_TAG="FIREFOX_41_0_1_RELEASE"
+VERSION="41.0.1"
 
 # mozilla
 if [ -d mozilla ]; then

++ firefox-41.0-source.tar.xz -> firefox-41.0.1-source.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-41.0-source.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-41.0.1-source.tar.xz 
differ: char 26, line 1



++ l10n-41.0.tar.xz -> l10n-41.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/MozillaFirefox/l10n-41.0.tar.xz 
/work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-41.0.1.tar.xz differ: char 
26, line 1

++ source-stamp.txt ++
--- /var/tmp/diff_new_pack.cqTO18/_old  2015-10-12 10:00:51.0 +0200
+++ /var/tmp/diff_new_pack.cqTO18/_new  2015-10-12 10:00:51.0 +0200
@@ -1,2 +1,2 @@
-REV=78c82e5cd777
+REV=76aad04b2a72
 REPO=http://hg.mozilla.org/releases/mozilla-release