From fdc2c9abd97398fb0e68c1e6b722f41fa4e15eb0 Mon Sep 17 00:00:00 2001
From: yangcheng1203 <yc02267530@alibaba-inc.com>
Date: Thu, 19 Jun 2025 19:37:12 +0800
Subject: [PATCH] Update to 128.11.0 to fix CVE-2025-4918 and CVE-2025-5283

---
 download     | 4 ++--
 firefox.spec | 9 ++++++---
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/download b/download
index d44b304..cbd055e 100644
--- a/download
+++ b/download
@@ -1,4 +1,4 @@
-b0b79222aca166e362e9851805c9ba90  firefox-128.10.1esr.source.tar.xz
-247eadef646581ed920d5a6da4a7bc93  firefox-langpacks-128.10.1esr-20250519.tar.xz
+0c47aafa4d9bf5cd13617343335913b8  firefox-128.11.0esr.source.tar.xz
+bb3aec0b2ceb191de3963bdc50edf0e4  firefox-langpacks-128.11.0esr-20250521.tar.xz
 fc25f988b87b5187d4e2f006efa699a3  cbindgen-vendor.tar.xz
 b3c1d2ea615cb0195f4f62b005773262  mochitest-python.tar.gz
diff --git a/firefox.spec b/firefox.spec
index 314147e..97df57d 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -1,4 +1,4 @@
-%define anolis_release 2
+%define anolis_release 1
 %define homepage %(grep '^HOME_URL\s*=' /etc/os-release | sed 's/^HOME_URL\s*=//;s/^\s*"//;s/"\s*$//')
 
 # Produce debug (non-optimized) package build. Suitable for debugging only
@@ -60,7 +60,7 @@
 
 Summary:        Mozilla Firefox Web browser
 Name:           firefox
-Version:        128.10.1
+Version:        128.11.0
 Release:        %{anolis_release}%{?dist}
 URL:            https://www.mozilla.org/firefox/
 License:        MPLv1.1 or GPLv2+ or LGPLv2+
@@ -72,7 +72,7 @@ License:        MPLv1.1 or GPLv2+ or LGPLv2+
 # Link to original tarball: https://archive.mozilla.org/pub/firefox/releases/%%{version}%%{?pre_version}/source/firefox-%%{version}%%{?pre_version}.source.tar.xz
 Source0:        https://ftp.mozilla.org/pub/firefox/releases/%{version}esr/source/firefox-%{version}esr.source.tar.xz
 %if %{with langpacks}
-Source1:        firefox-langpacks-%{version}%{?pre_version}-20250519.tar.xz
+Source1:        firefox-langpacks-%{version}%{?pre_version}-20250521.tar.xz
 %endif
 Source2:        cbindgen-vendor.tar.xz
 Source3:        process-official-tarball
@@ -1575,6 +1575,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 
 #---------------------------------------------------------------------
 %changelog
+* Thu Jun 19 2025 Cheng Yang <yc02267530@alibaba-inc.com> - 128.11.0-1
+- Update to 128.11.0 to fix CVE-2025-4918 and CVE-2025-5283
+
 * Mon May 26 2025 Cheng Yang <yc02267530@alibaba-inc.com> - 128.10.1-1
 - Update to 128.10.1 to fix CVE-2025-4919
 
-- 
Gitee