Packages changed:
  MozillaFirefox (60.5.1 -> 60.6.1)
  xfce4-session

=== Details ===

==== MozillaFirefox ====
Version update (60.5.1 -> 60.6.1)
Subpackages: MozillaFirefox-translations-common MozillaFirefox-translations-other

- Mozilla Firefox 60.6.1esr
  MFSA 2019-10 (bsc#1130262)
  * CVE-2019-9810 (bmo#1537924)
    IonMonkey MArraySlice has incorrect alias information
  * CVE-2019-9813 (bmo#1538006)
    Ionmonkey type confusion with __proto__ mutations
- Mozilla Firefox 60.6.0esr
  MFSA 2019-08 (bsc#1129821)
  * CVE-2019-9790 bmo#1525145
    Use-after-free when removing in-use DOM elements
  * CVE-2019-9791 bmo#1530958
    Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey
  * CVE-2019-9792 bmo#1532599
    IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
  * CVE-2019-9793 bmo#1528829
    Improper bounds checks when Spectre mitigations are disabled
  * CVE-2019-9794 bmo#1530103
    Command line arguments not discarded during execution
  * CVE-2019-9795 bmo#1514682
    Type-confusion in IonMonkey JIT compiler
  * CVE-2019-9796 bmo#1531277
    Use-after-free with SMIL animation controller
  * CVE-2018-18506 bmo#1503393
    Proxy Auto-Configuration file can define localhost access to be proxied
  * CVE-2019-9788 bmo#1518001 bmo#1521304 bmo#1521214 bmo#1506665 bmo#1516834
    bmo#1518774 bmo#1524755 bmo#1523362 bmo#1524214 bmo#1529203
    Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6
- Mozilla Firefox 60.5.2esr:
  * Fix a frequent crash when reading various Reuters news articles
    (bmo#1505844)

==== xfce4-session ====
Subpackages: libxfsm-4_6-0 xfce4-session-lang

- Remove a hunk from xinitrd. Upstream already sets
  XDG_CURRENT_DESKTOP with commit 4daf68eb
  xfce4-session-adapt-session-scripts.patch
- Use autosetup for simpler quilt setup
  refresh add-light-locker-support.patch