Change log for firefox-esr package in Debian
| 76 → 150 of 189 results | First • Previous • Next • Last |
| Superseded in sid-release |
firefox-esr (78.6.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2020-55, also known as:
CVE-2020-16042, CVE-2020-26971, CVE-2020-26973, CVE-2020-26974,
CVE-2020-26978, CVE-2020-35111, CVE-2020-35113.
-- Mike Hommey <email address hidden> Wed, 16 Dec 2020 05:57:15 +0900
| Superseded in buster-release |
firefox-esr (78.5.0esr-1~deb10u1) buster-security; urgency=medium
* New upstream release.
* Fixes for mfsa2020-51, also known as:
CVE-2020-26951, CVE-2020-16012, CVE-2020-26953, CVE-2020-26956,
CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961,
CVE-2020-26965, CVE-2020-26968.
-- Mike Hommey <email address hidden> Wed, 18 Nov 2020 06:23:03 +0900
| Superseded in sid-release |
firefox-esr (78.5.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2020-51, also known as:
CVE-2020-26951, CVE-2020-16012, CVE-2020-26953, CVE-2020-26956,
CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961,
CVE-2020-26965, CVE-2020-26968.
-- Mike Hommey <email address hidden> Wed, 18 Nov 2020 06:23:03 +0900
| Superseded in sid-release |
firefox-esr (78.4.1esr-2) unstable; urgency=medium
* Cargo.lock, third_party/rust/proc-macro2, third_party/rust/syn: Update
to fix FTBFS with rustc 1.47. bz#1663715.
-- Mike Hommey <email address hidden> Tue, 10 Nov 2020 10:23:12 +0900
| Superseded in sid-release |
firefox-esr (78.4.1esr-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-49, also known as CVE-2020-26950. -- Mike Hommey <email address hidden> Tue, 10 Nov 2020 07:27:07 +0900
| Superseded in sid-release |
firefox-esr (78.4.0esr-2) unstable; urgency=medium
* debian/rules: Restore parts of debian/rules that were removed by mistake
in 78.4.0esr-1, causing FTBFS on at least amd64.
-- Mike Hommey <email address hidden> Wed, 21 Oct 2020 13:19:24 +0900
| Superseded in sid-release |
firefox-esr (78.4.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2020-46, also known as:
CVE-2020-15969, CVE-2020-15683.
[Emilio Pozuelo Monfort]
* debian/browser.bug-presubj.in, debian/control.in, debian/rules,
debian/symbols.mk, debian/upstream.mk: Remove support for jessie.
* debian/control.in, debian/rules: stretch: build with LLVM 7, 4.0 doesn't
support -std=gnu++17.
* debian/rules:
- stretch: build with GCC 7 from gcc-mozilla.
- Call python with -B when regenerating the control files, so as to not
generate bytecode files.
- Call debian/l10n/gen with C.UTF-8 as the locale, otherwise it fails
in stretch when opening the iso-codes files.
- stretch: don't set NASM on !x86.
-- Mike Hommey <email address hidden> Wed, 21 Oct 2020 06:35:35 +0900
| Superseded in buster-release |
firefox-esr (68.12.0esr-1~deb10u1) buster-security; urgency=medium * New upstream release * Fixes for mfsa2020-37, also known as CVE-2020-15664 and CVE-2020-15669. -- Mike Hommey <email address hidden> Wed, 26 Aug 2020 06:56:02 +0900
| Superseded in sid-release |
firefox-esr (78.3.0esr-2) unstable; urgency=medium
* third-party/rust/authenticator/src/linux/ioctl_mips*.rs: Add missing
bindings for mips*.
-- Mike Hommey <email address hidden> Wed, 23 Sep 2020 12:53:29 +0900
| Superseded in sid-release |
firefox-esr (78.3.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2020-43, also known as:
CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673.
* js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp: Add
CodeGenerator::visitWasmRegisterResult function. bz#1649655.
* js/src/jit/none/MacroAssembler-none.h: Bump CodeAlignment to 8.
bz#1666646.
-- Mike Hommey <email address hidden> Wed, 23 Sep 2020 07:25:27 +0900
| Superseded in sid-release |
firefox-esr (78.2.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2020-32 and mfsa2020-38, also known as:
CVE-2020-15652, CVE-2020-6514, CVE-2020-15655, CVE-2020-15653,
CVE-2020-6463, CVE-2020-15656, CVE-2020-15658, CVE-2020-15654,
CVE-2020-15659, CVE-2020-15664, CVE-2020-15670.
-- Mike Hommey <email address hidden> Thu, 03 Sep 2020 09:30:52 +0900
| Superseded in sid-release |
firefox-esr (68.12.0esr-1) unstable; urgency=medium * New upstream release * Fixes for mfsa2020-37, also known as CVE-2020-15664 and CVE-2020-15669. -- Mike Hommey <email address hidden> Wed, 26 Aug 2020 06:56:02 +0900
| Superseded in buster-release |
firefox-esr (68.10.0esr-1~deb10u1) buster-security; urgency=medium
* New upstream release
* Fixes for mfsa2020-25, also known as:
CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420,
CVE-2020-12421.
-- Mike Hommey <email address hidden> Wed, 01 Jul 2020 09:08:58 +0900
| Superseded in sid-release |
firefox-esr (68.11.0esr-1) unstable; urgency=medium
* New upstream release
* Fixes for mfsa2020-31, also known as:
CVE-2020-15652, CVE-2020-6514, CVE-2020-6463, CVE-2020-15659.
-- Mike Hommey <email address hidden> Wed, 29 Jul 2020 07:23:16 +0900
| Published in stretch-release |
firefox-esr (68.10.0esr-1~deb9u1) stretch-security; urgency=medium
* New upstream release
* Fixes for mfsa2020-25, also known as:
CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420,
CVE-2020-12421.
-- Mike Hommey <email address hidden> Wed, 01 Jul 2020 09:08:58 +0900
| Superseded in sid-release |
firefox-esr (68.10.0esr-1) unstable; urgency=medium
* New upstream release
* Fixes for mfsa2020-25, also known as:
CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420,
CVE-2020-12421.
-- Mike Hommey <email address hidden> Wed, 01 Jul 2020 09:08:58 +0900
| Superseded in sid-release |
firefox-esr (68.9.0esr-1) unstable; urgency=medium
* New upstream release
* Fixes for mfsa2020-21, also known as:
CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12410.
* debian/rules: Force using old PKCS11 API when building against newer NSS
releases. Closes: #961762.
* debian/control*: Bump nss build dependencies.
-- Mike Hommey <email address hidden> Wed, 03 Jun 2020 06:11:28 +0900
| Superseded in buster-release |
firefox-esr (68.7.0esr-1~deb10u1) buster-security; urgency=medium
* New upstream release
* Fixes for mfsa2020-13, also known as:
CVE-2020-6821, CVE-2020-6822, CVE-2020-6825.
-- Mike Hommey <email address hidden> Wed, 08 Apr 2020 07:54:16 +0900
| Superseded in sid-release |
firefox-esr (68.8.0esr-1) unstable; urgency=medium
* New upstream release
* Fixes for mfsa2020-17, also known as:
CVE-2020-12387, CVE-2020-6831, CVE-2020-12392, CVE-2020-12395.
-- Mike Hommey <email address hidden> Wed, 06 May 2020 05:29:30 +0900
| Superseded in sid-release |
firefox-esr (68.7.0esr-1) unstable; urgency=medium
* New upstream release
* Fixes for mfsa2020-13, also known as:
CVE-2020-6821, CVE-2020-6822, CVE-2020-6825.
-- Mike Hommey <email address hidden> Wed, 08 Apr 2020 07:54:16 +0900
| Superseded in sid-release |
firefox-esr (68.6.1esr-1) unstable; urgency=medium * New upstream release * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. -- Mike Hommey <email address hidden> Sat, 04 Apr 2020 06:41:17 +0900
| Superseded in sid-release |
firefox-esr (68.6.0esr-1) unstable; urgency=medium
* New upstream release
* Fixes for mfsa2020-09, also known as:
CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811,
CVE-2019-20503, CVE-2020-6812, CVE-2020-6814.
-- Mike Hommey <email address hidden> Wed, 11 Mar 2020 06:59:57 +0900
| Superseded in sid-release |
firefox-esr (68.5.0esr-1) unstable; urgency=medium
* New upstream release
* Fixes for mfsa2020-06, also known as:
CVE-2020-6796, CVE-2020-6798, CVE-2020-6800.
-- Mike Hommey <email address hidden> Wed, 12 Feb 2020 06:50:33 +0900
| Superseded in stretch-release |
firefox-esr (68.4.1esr-1~deb9u1) stretch-security; urgency=medium * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. -- Mike Hommey <email address hidden> Thu, 09 Jan 2020 06:40:28 +0900
| Superseded in stretch-release |
firefox-esr (60.9.0esr-1~deb9u1) stretch-security; urgency=medium
* New upstream release.
Fixes for mfsa2019-27, also known as:
CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752,
CVE-2019-9812, CVE-2019-11743, CVE-2019-11740.
-- Mike Hommey <email address hidden> Wed, 04 Sep 2019 09:23:23 +0900
| Superseded in buster-release |
firefox-esr (68.4.1esr-1~deb10u1) buster-security; urgency=medium * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. -- Mike Hommey <email address hidden> Thu, 09 Jan 2020 06:40:28 +0900
| Superseded in sid-release |
firefox-esr (68.4.2esr-1) unstable; urgency=medium * New upstream release. -- Mike Hommey <email address hidden> Wed, 22 Jan 2020 12:02:13 +0900
| Superseded in sid-release |
firefox-esr (68.4.1esr-1) unstable; urgency=medium * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. -- Mike Hommey <email address hidden> Thu, 09 Jan 2020 06:40:28 +0900
| Superseded in sid-release |
firefox-esr (68.4.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2020-02, also known as:
CVE-2019-17015, CVE-2019-17016, CVE-2019-17017, CVE-2019-17021,
CVE-2019-17022, CVE-2019-17024.
* debian/rules: Don't build with --compress-debug-sections on jessie.
* debian/rules: Use sourcestamp.txt for MOZ_BUILD_DATE. Closes: #946193.
* sourcestamp.txt: Fill with the missing info.
* intl/icu_sources_data.py: Don't build ICU in parallel.
* gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around older
GCC ICEs on arm.
(Thanks Emilio Pozuelo Monfort)
-- Mike Hommey <email address hidden> Wed, 08 Jan 2020 08:54:04 +0900
| Superseded in sid-release |
firefox-esr (68.3.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-37, also known as:
CVE-2019-17008, CVE-2019-11745, CVE-2019-17010, CVE-2019-17005,
CVE-2019-17011, CVE-2019-17012.
* debian/control*: Bump nss build dependencies.
* debian/rules, debian/control.in:
- Build with nodejs-mozilla on jessie and stretch.
- Build with nasm-mozilla on jessie and stretch.
- Don't build with system libvpx on stretch.
(Thanks Emilio Pozuelo Monfort)
-- Mike Hommey <email address hidden> Wed, 04 Dec 2019 08:56:07 +0900
| Superseded in buster-release |
firefox-esr (68.2.0esr-1~deb10u1) buster-security; urgency=medium
* New upstream release.
* Fixes for mfsa2019-33, also known as:
CVE-2019-15903, CVE-2019-11757, CVE-2019-11758, CVE-2019-11759,
CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763,
CVE-2019-11764.
-- Mike Hommey <email address hidden> Wed, 23 Oct 2019 06:50:01 +0900
| Superseded in sid-release |
firefox-esr (68.2.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-33, also known as:
CVE-2019-15903, CVE-2019-11757, CVE-2019-11758, CVE-2019-11759,
CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763,
CVE-2019-11764.
-- Mike Hommey <email address hidden> Wed, 23 Oct 2019 06:50:01 +0900
| Superseded in stretch-release |
firefox-esr (60.7.1esr-1~deb9u1) stretch-security; urgency=medium * New upstream release. * Fixes for mfsa2019-18, also known as CVE-2019-11707. -- Mike Hommey <email address hidden> Tue, 18 Jun 2019 11:15:36 -0700
| Superseded in buster-release |
firefox-esr (60.8.0esr-1~deb10u1) buster-security; urgency=medium
* New upstream release.
* Fixes for mfsa2019-22, also known as:
CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713,
CVE-2019-11729, CVE-2019-11715, CVE-2019-11717, CVE-2019-11719,
CVE-2019-11730, CVE-2019-11709.
-- Mike Hommey <email address hidden> Wed, 10 Jul 2019 07:13:23 +0900
| Superseded in sid-release |
firefox-esr (68.1.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-26, also known as
CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752,
CVE-2019-9812, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749,
CVE-2019-11750, CVE-2019-11738, CVE-2019-11747, CVE-2019-11735,
CVE-2019-11740.
* debian/upstream.mk: Read source repo and revision from json when
getting upstream info. Instead of the .txt file that doesn't exist
as of 69.
* debian/control*:
- Remove unused build dependency against python-ply.
- Remove python-minimal build dependency. All supported versions
of Debian have a new enough version.
* debian/l10n/gen, debian/latest_nightly.py, debian/rules,
debian/symbols.mk, debian/upstream.mk, debian/watch: Use explicit
python2.7 instead of python.
-- Mike Hommey <email address hidden> Wed, 04 Sep 2019 10:22:21 +0900
| Superseded in sid-release |
firefox-esr (68.0.2esr-1) unstable; urgency=medium * New upstream ESR release. -- Mike Hommey <email address hidden> Sun, 18 Aug 2019 22:27:52 +0900
| Superseded in sid-release |
firefox-esr (60.8.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-22, also known as:
CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713,
CVE-2019-11729, CVE-2019-11715, CVE-2019-11717, CVE-2019-11719,
CVE-2019-11730, CVE-2019-11709.
-- Mike Hommey <email address hidden> Wed, 10 Jul 2019 07:13:23 +0900
firefox-esr (60.7.2esr-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa219-19, also known as CVE-2019-11708. -- Mike Hommey <email address hidden> Thu, 20 Jun 2019 10:48:50 -0700
| Superseded in sid-release |
firefox-esr (60.7.1esr-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-18, also known as CVE-2019-11707. -- Mike Hommey <email address hidden> Tue, 18 Jun 2019 11:15:36 -0700
firefox-esr (60.7.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-14, also known as:
CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820,
CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-7317,
CVE-2019-9797, CVE-2018-18511, CVE-2019-11698, CVE-2019-5798,
CVE-2019-9800.
* debian/rules: Avoid rust build errors with newer versions of rustc by
capping lints to warnings.
-- Mike Hommey <email address hidden> Wed, 22 May 2019 07:23:08 +0900
firefox-esr (60.6.3esr-1) unstable; urgency=medium
* New upstream release.
- Additional fixes for addon signature validation.
-- Mike Hommey <email address hidden> Thu, 09 May 2019 05:14:54 +0900
firefox-esr (60.6.2esr-1) unstable; urgency=medium
* New upstream release.
- Fixes issues with addon signature validation. Closes: #928415, #928449.
Note: this didn't affect addons installed via Debian packages.
-- Mike Hommey <email address hidden> Sun, 05 May 2019 20:12:37 +0900
| Superseded in stretch-release |
firefox-esr (60.6.1esr-1~deb9u1) stretch-security; urgency=medium
* New upstream release.
* Fixes for mfsa2019-10, also known as:
CVE-2019-9810, CVE-2019-9813.
-- Mike Hommey <email address hidden> Sun, 24 Mar 2019 08:15:11 +0900
firefox-esr (60.6.1esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-10, also known as:
CVE-2019-9810, CVE-2019-9813.
-- Mike Hommey <email address hidden> Sun, 24 Mar 2019 08:15:11 +0900
| Superseded in sid-release |
firefox-esr (60.6.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-08, also known as:
CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793,
CVE-2019-9795, CVE-2019-9796, CVE-2018-18506, CVE-2019-9788.
* debian/rules: Disable debug symbols on mips/mipsel on buster.
The rust compiler can't deal with them in the available address space.
* debian/browser.mozconfig.in: Adjust to the upstream change wrt Google
API key configure options.
-- Mike Hommey <email address hidden> Wed, 20 Mar 2019 10:18:56 +0900
firefox-esr (60.5.0esr-1~deb9u1) stretch-security; urgency=medium
* New upstream release.
* Fixes for mfsa2019-02, also known as:
CVE-2018-18500, CVE-2018-18505, CVE-2018-18501.
-- Mike Hommey <email address hidden> Wed, 30 Jan 2019 09:53:01 +0900
firefox-esr (60.5.1esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-05, also known as:
CVE-2018-18356, CVE-2019-5785.
* debian/rules, debian/upstream.mk: Manually set the update channel.
Closes: #921381, #921121, #921654.
* debian/rules: Disable ion JIT on mips and mipsel. This should fix the
FTBFS.
-- Mike Hommey <email address hidden> Thu, 14 Feb 2019 18:35:06 +0900
firefox-esr (60.5.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2019-02, also known as:
CVE-2018-18500, CVE-2018-18505, CVE-2018-18501.
-- Mike Hommey <email address hidden> Wed, 30 Jan 2019 09:53:01 +0900
firefox-esr (60.4.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-30, also known as:
CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494,
CVE-2018-18498, CVE-2018-12405.
-- Mike Hommey <email address hidden> Wed, 12 Dec 2018 08:29:04 +0900
| Superseded in sid-release |
firefox-esr (60.3.0esr-3) unstable; urgency=medium
* debian/browser.install.in, debian/rules: Properly copy the watermark to
/usr/share/icons/hicolor/symbolic/apps.
* debian/rules: Pass compiler and compiler flags environment variables
down to ICU configure. That will make it use GCC instead of defaulting
to clang now it's in PATH, avoiding the failing to build the ICU data
file on big endian platforms because clang doesn't know some of the GCC
flags it somehow got from the environment.
-- Mike Hommey <email address hidden> Wed, 28 Nov 2018 14:28:56 +0900
| Superseded in sid-release |
firefox-esr (60.3.0esr-2) unstable; urgency=medium
* debian/control*: Build depend on unversioned clang/llvm.
Closes: #912804.
* debian/rules: Use embedded libevent in backports. Closes: #910397.
* build/unix/elfhack/test.c: Try to ensure the bss section of the
elfhack testcase stays large enough. bz#1505608.
* memory/build/mozjemalloc.cpp: Fix run sizes for size classes >= 16KB
on systems with large pages. bz#1507035. Closes: #911898.
-- Mike Hommey <email address hidden> Mon, 26 Nov 2018 10:42:42 +0900
firefox-esr (60.3.0esr-1~deb9u1) stretch-security; urgency=medium
* New upstream release.
* Fixes for mfsa2018-27, also known as:
CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396,
CVE-2018-12397, CVE-2018-12389, CVE-2018-12390.
* debian/rules: Work around armel FTBFS from conflicting __sync_* symbols
between libgcc and rust's compiler_builtins.
-- Mike Hommey <email address hidden> Wed, 24 Oct 2018 07:17:22 +0900
firefox-esr (60.3.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-27, also known as:
CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396,
CVE-2018-12397, CVE-2018-12389, CVE-2018-12390.
* debian/rules: Work around armel FTBFS from conflicting __sync_* symbols
between libgcc and rust's compiler_builtins.
-- Mike Hommey <email address hidden> Wed, 24 Oct 2018 07:08:43 +0900
| Superseded in sid-release |
firefox-esr (60.2.2esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-24, also known as:
CVE-2018-12386, CVE-2018-12387.
* debian/extra-stuff/addonsInfo.js: Fixes to work with recent versions
of Firefox. Closes: #909056.
* debian/control*, debian/browser.mozconfig.in: Build ALSA support.
Closes: #864987, #900062, #908349
-- Mike Hommey <email address hidden> Wed, 03 Oct 2018 07:28:38 +0900
| Superseded in sid-release |
firefox-esr (60.2.1esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-23, also known as:
CVE-2018-12385, CVE-2018-12383.
* debian/control*:
- Remove the sqlite and nss dependencies when not building against the
system libraries.
- Enforce nss, nspr and sqlite dependencies to the same versions as
build dependencies. There are subtle non-ABI differences between
versions that Firefox might be relying on (be it features, behavior
changes/fixes, etc.) and can cause subtle problems when older
versions are used.
- Add a suggestion for pulseaudio.
* debian/rules, debian/control: Add libavcodec-extra* packages to the list
of recommends. Closes: #909130
* js/src/jit/BaselineJIT.h: Disable baseline JIT when SSE2 is not supported
at runtime. bz#1492064. Closes: #908396, #908449.
* gfx/2d/Swizzle.cpp: Use Swizzle fallback when SSE2 is not supported.
bz#1492065. Closes: #877445.
-- Mike Hommey <email address hidden> Sat, 22 Sep 2018 08:10:27 +0900
| Superseded in sid-release |
firefox-esr (60.2.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-21, also known as:
CVE-2018-12377, CVE-2018-12378, CVE-2018-12376.
* debian/l10n/gen: Use iso-codes json data instead of XML when present.
Closes: #907611.
* widget/gtk/nsAppShell.cpp: Use remoting name for call to
gdk_set_program_class. Closes: #907574.
-- Mike Hommey <email address hidden> Thu, 06 Sep 2018 06:18:15 +0900
| Superseded in sid-release |
firefox-esr (60.1.0esr-3) unstable; urgency=medium
* debian/control*:
- Build depend on llvm/clang 6.0 for buster. Closes: #906174.
- Bump NSS build dependency to 3.36.4. Closes: #902573.
* gfx/skia/skia/include/core/SkColorPriv.h,
gfx/skia/skia/include/core/SkImageInfo.h,
gfx/skia/skia/include/gpu/GrTypes.h,
gfx/skia/skia/src/core/SkColorData.h: fix big-endian Skia builds.
bz#1144632.
-- Mike Hommey <email address hidden> Sat, 18 Aug 2018 08:30:36 +0900
| Superseded in sid-release |
firefox-esr (60.1.0esr-2) unstable; urgency=medium
* Upload to unstable.
* debian/upstream.mk: Use the same logic for betas as for releases to find
the source.
* debian/browser.links.in, debian/rules, debian/vendor.js: Use the
spellchecker.dictionary_path pref to set the hunspell directory.
* debian/browser.mozconfig.in: Allow unsigned addons in app and system
scopes.
* debian/rules: Work around the effect the above has on the
--{enable,with}-system-* check.
* debian/vendor.js: Remove extensions.unsignedScopes. The patch that added
the pref was changed to use a configure flag instead.
* debian/control*: Remove old conflicts. Thanks Sylvestre Ledru.
Closes: #882956.
* debian/l10n/recommends, debian/l10n/browser-l10n.control,
debian/control: Update dictionary recommendations, following these rules:
- Transitional myspell packages are not listed except when stable
doesn't have the corresponding hunspell package.
- Both hunspell and myspell packages are listed if they are different.
Closes: #813832, #825843
* debian/copyright, debian/rules: Refer to /usr/share/common-licenses/MPL*
instead of installing our own copy. Closes: #704303.
* debian/make.mk: Use the same code as dump target for the dump-% target.
* debian/control*, debian/rules: Add Recommends on all supported libavcodec
libraries for h264 playback. Closes: #901600.
* js/src/jit/mips-shared/MacroAssembler-mips-shared.cpp: Stubout
MacroAssembler::speculationBarrier. bz#1444834
* toolkit/modules/AppConstants.jsm, toolkit/modules/moz.build,
toolkit/moz.configure, toolkit/mozapps/extensions/internal/XPIInstall.jsm,
toolkit/mozapps/extensions/content/extensions.js,
toolkit/mozapps/extensions/internal/XPIDatabase.jsm: Change how addon
signature requirement relaxation is done. Closes: #899390.
-- Mike Hommey <email address hidden> Sun, 12 Aug 2018 13:43:20 +0900
| Superseded in stretch-release |
firefox-esr (52.9.0esr-1~deb9u1) stretch-security; urgency=medium
* New upstream release.
* Fixes for mfsa2018-17, also known as:
CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-5156,
CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366,
CVE-2018-12368, CVE-2018-5188.
* intl/icu_sources_data.py: Add --disable-layoutex when running ICU
configure. bz#1462859.
-- Mike Hommey <email address hidden> Wed, 27 Jun 2018 07:33:25 +0900
| Deleted in experimental-release (Reason: None provided.) |
firefox-esr (60.1.0esr-1) experimental; urgency=medium
* New upstream release.
* Fixes for mfsa2018-16, also known as:
CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362,
CVE-2018-5156, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365,
CVE-2018-12371, CVE-2018-12366, CVE-2018-12367, CVE-2018-12369,
CVE-2018-5187, CVE-2018-5188.
* debian/vendor.js: Relax the addon signature requirements.
* build/unix/elfhack/elfhack.cpp, build/unix/elfhack/inject.c,
build/unix/elfhack/test.c: Use run-time page size when changing mapping
permissions in elfhack injected code. bz#1470701. Closes: #902231.
* toolkit/mozapps/extensions/content/extensions.js,
toolkit/mozapps/extensions/internal/XPIDatabase.jsm: Allow to relax the
addon signature requirements.
-- Mike Hommey <email address hidden> Wed, 27 Jun 2018 10:15:42 +0900
firefox-esr (52.9.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-17, also known as:
CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-5156,
CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366,
CVE-2018-12368, CVE-2018-5188.
-- Mike Hommey <email address hidden> Wed, 27 Jun 2018 07:33:25 +0900
| Published in jessie-release |
firefox-esr (52.8.1esr-1~deb8u1) jessie-security; urgency=medium
* New upstream release.
* Fixes for mfsa2018-14, also known as CVE-2018-6126.
* debian/control*: Update Maintainer and Vcs fields, moving off alioth.
Closes: #899509
-- Mike Hommey <email address hidden> Fri, 08 Jun 2018 16:38:21 +0900
firefox-esr (52.8.1esr-2) unstable; urgency=medium
* intl/icu_sources_data.py: Add --disable-layoutex when running ICU
configure. bz#1462859.
-- Mike Hommey <email address hidden> Fri, 08 Jun 2018 23:28:03 +0900
| Superseded in sid-release |
firefox-esr (52.8.1esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-14, also known as CVE-2018-6126.
* debian/control*: Update Maintainer and Vcs fields, moving off alioth.
Closes: #899509
-- Mike Hommey <email address hidden> Fri, 08 Jun 2018 16:38:21 +0900
| Superseded in experimental-release |
firefox-esr (60.0.2esr-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2018-14, also known as CVE-2018-6126. * debian/browser.NEWS.in: Adjust to show the ESR version. -- Mike Hommey <email address hidden> Fri, 08 Jun 2018 17:49:37 +0900
| Superseded in experimental-release |
firefox-esr (60.0.1esr-2) experimental; urgency=medium
* third_party/rust/libc/.cargo-checksum.json,
third_party/rust/libc/src/unix/notbsd/linux/mod.rs,
third_party/rust/libc/src/unix/notbsd/linux/musl/mod.rs,
third_party/rust/libc/src/unix/notbsd/linux/other/mod.rs,
third_party/rust/libc/src/unix/notbsd/linux/s390x.rs: Apply upstream patch
to add struct ucred for Linux on MIPS.
* gfx/skia/skia/src/jumper/SkJumper_stages.cpp: Fix Skia build on arm64
linux with GCC. bz#1462868.
* intl/icu_sources_data.py: Add --disable-layoutex when running ICU
configure. bz#1462859.
* media/webrtc/trunk/gtest/moz.build: Link chromium_atomics to webrtc tests.
bz#1462873.
* media/webrtc/trunk/moz.build: Only build webrtc neon on aarch64.
* browser/locales/Makefile.in,
python/mozbuild/mozbuild/action/langpack_manifest.py,
python/mozbuild/mozbuild/test/action/test_langpack_manifest.py,
toolkit/locales/l10n.mk: Use MOZ_LANGPACK_EID in langpacks manifest.json.
bz#1455100. Closes: #899160.
* dom/media/webaudio/blink/DenormalDisabler.h: Avoid using vmrs/vmsr on
armel.
* mfbt/LinuxSignal.h, mfbt/moz.build,
tools/profiler/core/platform-linux-android.cpp: Remove
MOZ_SIGNAL_TRAMPOLINE. bz#1463035.
* build/autoconf/arch.m4: Add -mfloat-abi=softfp to NEON_FLAGS when it makes
sense. bz#1463036.
* xpcom/string/moz.build: Use HAVE_ARM_NEON instead of BUILD_ARM_NEON for
nsUTF8UtilsNEON.cpp. bz#1463036.
-- Mike Hommey <email address hidden> Tue, 22 May 2018 10:05:55 +0900
| Superseded in experimental-release |
firefox-esr (60.0.1esr-1) experimental; urgency=medium
* New upstream release.
* debian/browser.links.in: Remove /usr/lib/*/browser/icons symlink, leftover
after the removal of /usr/share/*/browser/icons. Closes: #893323.
* debian/control*: Remove mozplugger suggestion. Closes: #888396.
* debian/browser.install.in, debian/browser.mozconfig.in, debian/control.in,
debian/rules: Remove the option to build against gtk+2, it is not
supported anymore.
* debian/control*, debian/rules: Avoid hard dependency on libgtk2.0-0.
Closes: #885144.
* media/webrtc/trunk/moz.build: Attempt to fix building webrtc on non-x86.
* js/src/jit/mips-shared/LIR-mips-shared.h, js/src/jit/mips32/LIR-mips32.h,
js/src/jit/mips64/LIR-mips64.h: Fix FTBFS on mips*. bz#1444303.
-- Mike Hommey <email address hidden> Sat, 19 May 2018 07:25:23 +0900
| Superseded in experimental-release |
firefox-esr (60.0esr-1) experimental; urgency=medium
* New upstream release.
* Fixes for mfsa2018-11, also known as
CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158,
CVE-2018-5159, CVE-2018-5160, CVE-2018-5152, CVE-2018-5153,
CVE-2018-5163, CVE-2018-5164, CVE-2018-5166, CVE-2018-5167,
CVE-2018-5168, CVE-2018-5169, CVE-2018-5172, CVE-2018-5173,
CVE-2018-5175, CVE-2018-5176, CVE-2018-5177, CVE-2018-5165,
CVE-2018-5180, CVE-2018-5181, CVE-2018-5182, CVE-2018-5151,
CVE-2018-5150.
* debian/control*:
- Bump nspr, nss, sqlite, rustc and cargo build dependencies.
- Update Maintainer and Vcs fields, moving off alioth.
* debian/browser.js.in, debian/vendor.js: Use the new syntax for
locked and sticky prefs.
* debian/browser.NEWS.in: Add a NEWS about the deprecation of lockPref.
* debian/rules: Automatically find the ICU data file name.
* debian/browser.mozconfig.in: Revert workaround for bz#1341234.
* debian/browser.install.in, debian/rules: Don't install the ICU data
file, it's linked as a data section in libxul.
* debian/control, debian/rules: Remove iceweasel transitional packages
in non-backports.
* modules/libpref/parser/src/lib.rs: Adapt to upstream changes to
keep supporting lockPref() for transition purposes, now that upstream
has locked prefs out of the box.
-- Mike Hommey <email address hidden> Thu, 10 May 2018 09:36:46 +0900
firefox-esr (52.8.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-12, also known as
CVE-2018-5183, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157,
CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178,
CVE-2018-5150.
-- Mike Hommey <email address hidden> Thu, 10 May 2018 08:30:12 +0900
firefox-esr (52.7.3esr-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-10, also known as CVE-2018-5148. -- Mike Hommey <email address hidden> Tue, 27 Mar 2018 08:03:45 +0900
| Superseded in sid-release |
firefox-esr (52.7.2esr-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-08, also known as CVE-2018-5146, CVE-2018-5147. -- Mike Hommey <email address hidden> Sat, 17 Mar 2018 07:26:52 +0900
| Superseded in sid-release |
firefox-esr (52.7.1esr-1) unstable; urgency=medium
* New upstream release.
- Fixes search engines in Italian locale.
-- Mike Hommey <email address hidden> Thu, 15 Mar 2018 08:29:27 +0900
| Superseded in sid-release |
firefox-esr (52.7.0esr-1) unstable; urgency=medium
* New upstream release.
* Fixes for mfsa2018-07, also known as
CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131,
CVE-2018-5144, CVE-2018-5125, CVE-2018-5145.
-- Mike Hommey <email address hidden> Wed, 14 Mar 2018 07:11:34 +0900
| Superseded in stretch-release |
firefox-esr (52.6.0esr-1~deb9u1) stretch-security; urgency=medium
* New upstream release.
* Fixes for mfsa2018-03, also known as
CVE-2018-5091, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097,
CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103,
CVE-2018-5104, CVE-2018-5117, CVE-2018-5089.
-- Mike Hommey <email address hidden> Wed, 24 Jan 2018 06:51:46 +0900
firefox-esr (52.6.0esr-2) unstable; urgency=medium
* intl/icu/source/i18n/digitlst.cpp: Apply part of
http://bugs.icu-project.org/trac/changeset/40603 to fix FTBFS with glibc
2.26 on big endian platforms.
-- Mike Hommey <email address hidden> Wed, 24 Jan 2018 17:48:36 +0900
| 76 → 150 of 189 results | First • Previous • Next • Last |
