MozillaFirefox/firefox-esr.changes
author Wolfgang Rosenauer <wr@rosenauer.org>
Sun, 06 Jan 2013 18:34:20 +0100
branchesr10
changeset 597 09090b64646a
parent 580 16718027c329
permissions -rw-r--r--
10.0.12esr
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
597
09090b64646a 10.0.12esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 580
diff changeset
     1
-------------------------------------------------------------------
09090b64646a 10.0.12esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 580
diff changeset
     2
Fri Jan  4 20:57:58 UTC 2013 - wr@rosenauer.org
09090b64646a 10.0.12esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 580
diff changeset
     3
09090b64646a 10.0.12esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 580
diff changeset
     4
- update to Firefox 10.0.12esr (bnc#796895)
09090b64646a 10.0.12esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 580
diff changeset
     5
580
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
     6
-------------------------------------------------------------------
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
     7
Tue Nov 20 20:46:00 UTC 2012 - wr@rosenauer.org
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
     8
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
     9
- update to Firefox 10.0.11esr (bnc#790140)
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    10
  * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    11
    Miscellaneous memory safety hazards
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    12
  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    13
    Buffer overflow while rendering GIF images
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    14
  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    15
    evalInSanbox location context incorrectly applied
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    16
  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    17
    Improper security filtering for cross-origin wrappers
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    18
  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    19
    Improper character decoding in HZ-GB-2312 charset
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    20
  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    21
    Frames can shadow top.location
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    22
  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    23
    CSS and HTML injection through Style Inspector
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    24
  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    25
    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    26
    CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    27
    Use-after-free and buffer overflow issues found using Address
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    28
    Sanitizer
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    29
  * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    30
    Use-after-free, buffer overflow, and memory corruption issues
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    31
    found using Address Sanitizer
16718027c329 10.0.11esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 570
diff changeset
    32
570
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    33
-------------------------------------------------------------------
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    34
Thu Oct 25 05:46:38 UTC 2012 - wr@rosenauer.org
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    35
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    36
- update to Firefox 10.0.10esr (bnc#786522)
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    37
  * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    38
    (bmo#800666, bmo#793121, bmo#802557)
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    39
    Fixes for Location object issues
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    40
- added mozilla-sqlite-nfs.patch
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    41
  (add hidden boolean pref storage.nfs_filesystem to true if your
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    42
  home directoy resides on an NFS share to avoid corruption in
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    43
  sqlite databases)
bcc669f726e5 10.0.10esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 561
diff changeset
    44
561
9139b0467f6c 10.0.9esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 559
diff changeset
    45
-------------------------------------------------------------------
9139b0467f6c 10.0.9esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 559
diff changeset
    46
Fri Oct 12 09:46:12 UTC 2012 - wr@rosenauer.org
9139b0467f6c 10.0.9esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 559
diff changeset
    47
9139b0467f6c 10.0.9esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 559
diff changeset
    48
- update to Firefox 10.0.9esr (bnc#783533)
9139b0467f6c 10.0.9esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 559
diff changeset
    49
  * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
9139b0467f6c 10.0.9esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 559
diff changeset
    50
    defaultValue security checks not applied
9139b0467f6c 10.0.9esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 559
diff changeset
    51
549
eed5124a1ab3 10.0.8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 532
diff changeset
    52
-------------------------------------------------------------------
eed5124a1ab3 10.0.8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 532
diff changeset
    53
Sat Oct  6 22:06:43 UTC 2012 - wr@rosenauer.org
eed5124a1ab3 10.0.8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 532
diff changeset
    54
eed5124a1ab3 10.0.8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 532
diff changeset
    55
- update to Firefox 10.0.8esr (bnc#783533)
559
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    56
  * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    57
    Location object can be shadowed using Object.defineProperty
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    58
  * MFSA 2012-74/CVE-2012-3982
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    59
    Miscellaneous memory safety hazards
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    60
  * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    61
    Some DOMWindowUtils methods bypass security checks
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    62
  * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    63
    DOS and crash with full screen and history navigation
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    64
  * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    65
    GetProperty function can bypass security checks
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    66
  * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    67
    top object and location property accessible by plugins
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    68
  * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    69
    Chrome Object Wrapper (COW) does not disallow acces to privileged
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    70
    functions or properties
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    71
  * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    72
    Spoofing and script injection through location.hash
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    73
  * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    74
    CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    75
    Use-after-free, buffer overflow, and out of bounds read issues
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    76
    found using Address Sanitizer
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    77
  * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    78
    CVE-2012-4188
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    79
    Heap memory corruption issues found using Address Sanitizer
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    80
  * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
701357e7b6e1 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 549
diff changeset
    81
    Use-after-free in the IME State Manager
549
eed5124a1ab3 10.0.8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 532
diff changeset
    82
532
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    83
-------------------------------------------------------------------
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    84
Sun Aug 26 13:56:19 UTC 2012 - wr@rosenauer.org
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    85
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    86
- update to Firefox 10.0.7esr (bnc#777588)
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    87
  * MFSA 2012-57/CVE-2012-1970
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    88
    Miscellaneous memory safety hazards
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    89
  * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    90
    CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    91
    CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    92
    Use-after-free issues found using Address Sanitizer
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    93
  * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    94
    Memory corruption with bitmap format images with negative height
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    95
  * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    96
    WebGL use-after-free and memory corruption
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    97
  * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    98
    SVG buffer overflow and use-after-free issues
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
    99
  * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   100
    Out-of-bounds read in format-number in XSLT
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   101
  * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   102
    Incorrect site SSL certificate data display
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   103
  * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   104
    Location object security checks bypassed by chrome code
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   105
  * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   106
    Web console eval capable of executing chrome-privileged code
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   107
- fixed gcc 4.7 related build errors
cde8c37e1592 10.0.7esr release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 499
diff changeset
   108
493
9fe1eb228610 10.0.6esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 459
diff changeset
   109
-------------------------------------------------------------------
9fe1eb228610 10.0.6esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 459
diff changeset
   110
Sat Jul 14 18:27:24 UTC 2012 - wr@rosenauer.org
9fe1eb228610 10.0.6esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 459
diff changeset
   111
499
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   112
- update to Firefox 10.0.6esr (bnc#771583)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   113
  * MFSA 2012-42/CVE-2012-1948
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   114
    Miscellaneous memory safety hazards
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   115
  * MFSA 2012-43/CVE-2012-1950
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   116
    Incorrect URL displayed in addressbar through drag and drop
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   117
  * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   118
    Gecko memory corruption
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   119
  * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   120
    Spoofing issue with location
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   121
  * MFSA 2012-46/CVE-2012-1966 (bmo#734076)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   122
    XSS through data: URLs
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   123
  * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   124
    Improper filtering of javascript in HTML feed-view
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   125
  * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   126
    use-after-free in nsGlobalWindow::PageHidden
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   127
  * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   128
    Same-compartment Security Wrappers can be bypassed
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   129
  * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   130
    X-Frame-Options header ignored when duplicated
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   131
  * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   132
    JSDependentString::undepend string conversion results in memory
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   133
    corruption
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   134
  * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   135
    Content Security Policy 1.0 implementation errors cause data
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   136
    leakage
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   137
  * MFSA 2012-54/CVE-2012-1964 (bmo#633691)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   138
    Clickjacking of certificate warning page
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   139
  * MFSA 2012-55/CVE-2012-1965 (bmo#758990)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   140
    feed: URLs with an innerURI inherit security context of page
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   141
  * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
f5a9af1c8605 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 493
diff changeset
   142
    Code execution through javascript: URLs
493
9fe1eb228610 10.0.6esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 459
diff changeset
   143
- require NSS 3.13.5
9fe1eb228610 10.0.6esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 459
diff changeset
   144
458
86d3e7b04f84 10.0.5esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 431
diff changeset
   145
-------------------------------------------------------------------
86d3e7b04f84 10.0.5esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 431
diff changeset
   146
Fri Jun  1 14:39:01 UTC 2012 - wr@rosenauer.org
86d3e7b04f84 10.0.5esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 431
diff changeset
   147
459
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   148
- update to Firefox 10.0.5esr (bnc#765204)
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   149
  * MFSA 2012-34/CVE-2012-1939/CVE-2012-1937/CVE-2011-3101
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   150
    Miscellaneous memory safety hazards
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   151
  * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   152
    Content Security Policy inline-script bypass
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   153
  * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   154
    Information disclosure though Windows file shares and shortcut
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   155
    files
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   156
  * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   157
    Use-after-free while replacing/inserting a node in a document
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   158
  * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   159
    Buffer overflow and use-after-free issues found using Address
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   160
    Sanitizer
458
86d3e7b04f84 10.0.5esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 431
diff changeset
   161
- require NSS 3.13.4
459
b5b1641a2795 10.0.5esr changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 458
diff changeset
   162
  * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
458
86d3e7b04f84 10.0.5esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 431
diff changeset
   163
429
3771f850eaa9 10.0.4esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 403
diff changeset
   164
-------------------------------------------------------------------
3771f850eaa9 10.0.4esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 403
diff changeset
   165
Sat Apr 21 11:54:44 UTC 2012 - wr@rosenauer.org
3771f850eaa9 10.0.4esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 403
diff changeset
   166
3771f850eaa9 10.0.4esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 403
diff changeset
   167
- update to Firefox 10.0.4esr (bnc#758408)
431
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   168
  * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   169
    Miscellaneous memory safety hazards
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   170
  * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   171
    use-after-free in IDBKeyRange
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   172
  * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   173
    Invalid frees causes heap corruption in gfxImageSurface
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   174
  * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   175
    Potential XSS via multibyte content processing errors
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   176
  * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   177
    Potential memory corruption during font rendering using cairo-dwrite
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   178
  * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   179
    WebGL.drawElements may read illegal video memory due to
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   180
    FindMaxUshortElement error
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   181
  * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   182
    Page load short-circuit can lead to XSS
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   183
  * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   184
    Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   185
  * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   186
    Crash with WebGL content using textImage2D
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   187
  * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   188
    Off-by-one error in OpenType Sanitizer
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   189
  * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
975b810e6b95 10.0.4 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 429
diff changeset
   190
    Potential site identity spoofing when loading RSS and Atom feeds
429
3771f850eaa9 10.0.4esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 403
diff changeset
   191
- this package replaces MozillaFirefox for distributions older
3771f850eaa9 10.0.4esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 403
diff changeset
   192
  than 11.3
3771f850eaa9 10.0.4esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 403
diff changeset
   193
396
c7b8a6aede34 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 393
diff changeset
   194
-------------------------------------------------------------------
403
86e36e15dcfb update to version 10.0.3 ESR
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 402
diff changeset
   195
Sun Mar  4 15:42:27 UTC 2012 - wr@rosenauer.org
86e36e15dcfb update to version 10.0.3 ESR
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 402
diff changeset
   196
86e36e15dcfb update to version 10.0.3 ESR
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 402
diff changeset
   197
- update to Firefox 10.0.3esr (bnc#750044)
86e36e15dcfb update to version 10.0.3 ESR
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 402
diff changeset
   198
  * added mozilla-system-nss.patch (bmo#710268)
86e36e15dcfb update to version 10.0.3 ESR
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 402
diff changeset
   199
- changed package name to firefox-esr
402
67e6342cfaaa Updated build requirements
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 396
diff changeset
   200
- require updated minimal NSPR and NSS versions
396
c7b8a6aede34 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 393
diff changeset
   201
- ported and reenabled KDE integration (bnc#746591)
402
67e6342cfaaa Updated build requirements
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 396
diff changeset
   202
- explicitely build-require X libs
396
c7b8a6aede34 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 393
diff changeset
   203
393
997d2e729a8c better plugin directory resolution (bnc#747320)
Petr Cerny <pcerny@suse.com>
parents: 388
diff changeset
   204
-------------------------------------------------------------------
997d2e729a8c better plugin directory resolution (bnc#747320)
Petr Cerny <pcerny@suse.com>
parents: 388
diff changeset
   205
Fri Feb 17 17:41:11 UTC 2012 - pcerny@suse.com
997d2e729a8c better plugin directory resolution (bnc#747320)
Petr Cerny <pcerny@suse.com>
parents: 388
diff changeset
   206
997d2e729a8c better plugin directory resolution (bnc#747320)
Petr Cerny <pcerny@suse.com>
parents: 388
diff changeset
   207
- better plugin directory resolution (bnc#747320)
997d2e729a8c better plugin directory resolution (bnc#747320)
Petr Cerny <pcerny@suse.com>
parents: 388
diff changeset
   208
388
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 384
diff changeset
   209
-------------------------------------------------------------------
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 384
diff changeset
   210
Thu Feb 16 08:47:31 UTC 2012 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 384
diff changeset
   211
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 384
diff changeset
   212
- update to Firefox 10.0.2 (bnc#747328)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 384
diff changeset
   213
  * CVE-2011-3026 (bmo#727401)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 384
diff changeset
   214
    libpng: integer overflow leading to heap-buffer overflow
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 384
diff changeset
   215
384
fa6644729e7f 10.0.1 with changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   216
-------------------------------------------------------------------
fa6644729e7f 10.0.1 with changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   217
Thu Feb  9 09:26:11 UTC 2012 - wr@rosenauer.org
fa6644729e7f 10.0.1 with changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   218
fa6644729e7f 10.0.1 with changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   219
- update to Firefox 10.0.1 (bnc#746616)
fa6644729e7f 10.0.1 with changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   220
  * MFSA 2012-10/CVE-2012-0452 (bmo#724284)
fa6644729e7f 10.0.1 with changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   221
    use after free in nsXBLDocumentInfo::ReadPrototypeBindings
fa6644729e7f 10.0.1 with changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   222
378
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   223
-------------------------------------------------------------------
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   224
Tue Feb  7 10:40:58 UTC 2012 - dvaleev@suse.com
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   225
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   226
- Use YARR interpreter instead of PCRE on platforms where YARR JIT
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   227
  is not supported, since PCRE doesnt build (bmo#691898)
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   228
- fix ppc64 build (bmo#703534)
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   229
373
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   230
-------------------------------------------------------------------
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   231
Mon Jan 30 09:41:59 UTC 2012 - wr@rosenauer.org
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   232
375
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   233
- update to Firefox 10.0 (bnc#744275)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   234
  * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   235
    Miscellaneous memory safety hazards
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   236
  * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   237
    <iframe> element exposed across domains via name attribute
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   238
  * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   239
    Child nodes from nsDOMAttribute still accessible after removal
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   240
    of nodes
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   241
  * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   242
    Frame scripts calling into untrusted objects bypass security
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   243
    checks
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   244
  * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   245
    Uninitialized memory appended when encoding icon images may
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   246
    cause information disclosure
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   247
  * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   248
    Potential Memory Corruption When Decoding Ogg Vorbis files
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   249
  * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   250
    Crash with malformed embedded XSLT stylesheets
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   251
- KDE integration has been disabled since it needs refactoring
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   252
- removed obsolete ppc64 patch
373
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   253
371
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   254
-------------------------------------------------------------------
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   255
Sun Jan 22 12:08:07 UTC 2012 - joop.boonen@opensuse.org
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   256
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   257
- Disable neon for arm as it doesn't build correctly
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   258
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   259
-------------------------------------------------------------------
366
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   260
Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   261
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   262
- update to Firefox 9.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   263
  * (strongparent) parentNode of element gets lost (bmo#335998)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   264
364
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   265
-------------------------------------------------------------------
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   266
Sun Dec 18 09:58:52 UTC 2011 - adrian@suse.de
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   267
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   268
- fix arm build, don't package crashreporter there
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   269
363
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   270
-------------------------------------------------------------------
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   271
Sun Dec 18 09:52:08 UTC 2011 - wr@rosenauer.org
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   272
364
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   273
- update to Firefox 9 (bnc#737533)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   274
  * MFSA 2011-53/CVE-2011-3660
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   275
    Miscellaneous memory safety hazards (rv:9.0)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   276
  * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   277
    Potentially exploitable crash in the YARR regular expression
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   278
    library
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   279
  * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   280
    nsSVGValue out-of-bounds access
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   281
  * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   282
    Key detection without JavaScript via SVG animation
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   283
  * MFSA 2011-58/VE-2011-3665 (bmo#701259)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   284
    Crash scaling <video> to extreme sizes
363
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   285
358
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   286
-------------------------------------------------------------------
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   287
Sun Nov 27 03:51:54 UTC 2011 - mgorse@suse.com
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   288
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   289
- Fix accessibility under GNOME 3 (bnc#732898)
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   290
355
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   291
-------------------------------------------------------------------
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   292
Sat Nov 12 15:16:38 UTC 2011 - dvaleev@suse.com
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   293
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   294
- fix ppc64 build
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   295
350
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   296
-------------------------------------------------------------------
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   297
Sun Nov  6 08:20:59 UTC 2011 - wr@rosenauer.org
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   298
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   299
- update to Firefox 8 (bnc#728520)
354
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   300
  * MFSA 2011-47/CVE-2011-3648 (bmo#690225)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   301
    Potential XSS against sites using Shift-JIS
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   302
  * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   303
    Miscellaneous memory safety hazards
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   304
  * MFSA 2011-49/CVE-2011-3650 (bmo#674776)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   305
    Memory corruption while profiling using Firebug
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   306
  * MFSA 2011-52/CVE-2011-3655 (bmo#672182)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   307
    Code execution via NoWaiverWrapper
350
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   308
- rebased patches
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   309
344
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   310
-------------------------------------------------------------------
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   311
Thu Oct 20 12:34:47 UTC 2011 - wr@rosenauer.org
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   312
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   313
- enable telemetry prompt
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   314
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   315
-------------------------------------------------------------------
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   316
Fri Sep 30 10:52:36 UTC 2011 - wr@rosenauer.org
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   317
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   318
- update to minor release 7.0.1
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   319
  * fixed staged addon updates
339
db8b891eeb1e locale should always match the system one in a package environment
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 337
diff changeset
   320
- set intl.locale.matchOS=true in the base package as it causes
db8b891eeb1e locale should always match the system one in a package environment
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 337
diff changeset
   321
  too much confusion when it's only available with branding-openSUSE
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   322
334
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   323
-------------------------------------------------------------------
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   324
Fri Sep 23 11:22:22 UTC 2011 - wr@rosenauer.org
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   325
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   326
- update to Firefox 7 (bnc#720264)
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   327
  including
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   328
  * Improve Responsiveness with Memory Reductions
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   329
  * Instant Sync
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   330
  * WebSocket protocol 8
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   331
  * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   332
    Miscellaneous memory safety hazards
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   333
  * MFSA 2011-39/CVE-2011-3000 (bmo#655389)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   334
    Defense against multiple Location headers due to CRLF Injection
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   335
  * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   336
    Code installation through holding down Enter
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   337
  * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   338
    Potentially exploitable WebGL crashes
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   339
  * MFSA 2011-42/CVE-2011-3232 (bmo#653672)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   340
    Potentially exploitable crash in the YARR regular expression
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   341
    library
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   342
  * MFSA 2011-43/CVE-2011-3004 (bmo#653926)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   343
    loadSubScript unwraps XPCNativeWrapper scope parameter
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   344
  * MFSA 2011-44/CVE-2011-3005 (bmo#675747)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   345
    Use after free reading OGG headers
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   346
  * MFSA 2011-45
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   347
    Inferring keystrokes from motion data
334
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   348
- removed obsolete mozilla-cairo-lcd.patch
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   349
- rebased patches
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   350
- removed XLIB_SKIP_ARGB_VISUALS=1 from environment in
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   351
  mozilla.sh.in (bnc#680758)
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   352
327
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   353
-------------------------------------------------------------------
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   354
Fri Sep 16 06:57:38 UTC 2011 - wr@rosenauer.org
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   355
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   356
- fixed loading of kde.js under KDE (bnc#718311)
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   357
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   358
-------------------------------------------------------------------
316
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   359
Wed Sep 14 07:02:04 UTC 2011 - wr@rosenauer.org
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   360
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   361
- add dbus-1-glib-devel to BuildRequires (not pulled in
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   362
  automatically anymore on 12.1)
316
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   363
- increase minversions for NSPR and NSS
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   364
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   365
-------------------------------------------------------------------
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   366
Fri Sep  9 20:44:15 UTC 2011 - wr@rosenauer.org
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   367
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   368
- recreated source archive to get correct source-stamp.txt
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   369
311
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   370
-------------------------------------------------------------------
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   371
Wed Sep  7 14:30:34 UTC 2011 - pcerny@suse.com
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   372
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   373
- security update to 6.0.2 (bnc#714931)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   374
  * Complete blocking of certificates issued by DigiNotar
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   375
    (bmo#683449)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   376
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   377
-------------------------------------------------------------------
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   378
Fri Sep  2 14:40:07 UTC 2011 - pcerny@suse.com
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   379
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   380
- security update to 6.0.1 (bnc#714931)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   381
  * MFSA 2011-34
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   382
    Protection against fraudulent DigiNotar certificates
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   383
    (bmo#682927)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   384
306
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   385
-------------------------------------------------------------------
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   386
Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   387
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   388
- update to 6.0 (bnc#712224)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   389
  included security fixes MFSA 2011-29
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   390
  * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   391
    Miscellaneous memory safety hazards
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   392
  * CVE-2011-2993 (bmo#657267)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   393
    Unsigned scripts can call script inside signed JAR
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   394
  * CVE-2011-2988 (bmo#665934)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   395
    Heap overflow in ANGLE library
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   396
  * CVE-2011-0084 (bmo#648094)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   397
    Crash in SVGTextElement.getCharNumAtPosition()
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   398
  * CVE-2011-2990
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   399
    Credential leakage using Content Security Policy reports
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   400
  * CVE-2011-2986 (bmo#655836)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   401
    Cross-origin data theft using canvas and Windows D2D
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   402
- removed obsolete curl header dependency (mozilla-curl.patch)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   403
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   404
-------------------------------------------------------------------
292
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   405
Fri Jul 22 13:34:12 UTC 2011 - wr@rosenauer.org
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   406
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   407
- update to 6.0b3
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   408
  * removed obsolete patches
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   409
    - firefox-shellservice.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   410
    - mozilla-gio.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   411
    - mozilla-ppc-ipc.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   412
    - firefox-linkorder.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   413
    - firefox-no-sync-l10n.patch
293
3fd4e37e5e52 fix symbolstore.py for linux3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 292
diff changeset
   414
- recognize linux3 as platform for symbolstore.py
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   415
288
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   416
-------------------------------------------------------------------
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   417
Fri Jul  1 19:53:18 CEST 2011 - vuntz@opensuse.org
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   418
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   419
- Add x-scheme-handler/ftp to the MimeType key in the .desktop, to
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   420
  let desktops know that Firefox can deal with ftp: URIs.
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   421
286
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   422
-------------------------------------------------------------------
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   423
Fri Jul  1 06:45:08 UTC 2011 - wr@rosenauer.org
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   424
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   425
- create upstream branding package again (supposedly empty)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   426
  (bnc#703401)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   427
- fix build on SLE11 (changes do not affect/are not applied for
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   428
  later versions)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   429
283
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   430
-------------------------------------------------------------------
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   431
Wed Jun 22 06:41:17 UTC 2011 - wr@rosenauer.org
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   432
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   433
- enable startup notification (bnc#701465)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   434
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   435
-------------------------------------------------------------------
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   436
Mon Jun 20 19:37:01 UTC 2011 - wr@rosenauer.org
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   437
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   438
- update to 5.0 final
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   439
- included fixes for security issues: (bnc#701296, bnc#700578)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   440
  * MFSA 2011-19/CVE-2011-2374 CVE-2011-2375
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   441
    Miscellaneous memory safety hazards
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   442
  * MFSA 2011-20/CVE-2011-2373 (bmo#617247)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   443
    Use-after-free vulnerability when viewing XUL document with
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   444
    script disabled
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   445
  * MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   446
    Memory corruption due to multipart/x-mixed-replace images
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   447
  * MFSA 2011-22/CVE-2011-2371 (bmo#664009)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   448
    Integer overflow and arbitrary code execution in
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   449
    Array.reduceRight()
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   450
  * MFSA 2011-25/CVE-2011-2366
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   451
    Stealing of cross-domain images using WebGL textures
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   452
  * MFSA 2011-26/CVE-2011-2367 CVE-2011-2368
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   453
    Multiple WebGL crashes
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   454
  * MFSA 2011-27/CVE-2011-2369 (bmo#650001)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   455
    XSS encoding hazard with inline SVG
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   456
  * MFSA 2011-28/CVE-2011-2370 (bmo#645699)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   457
    Non-whitelisted site can trigger xpinstall
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   458
279
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   459
-------------------------------------------------------------------
282
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   460
Mon Jun 20 09:17:42 UTC 2011 - wr@rosenauer.org
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   461
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   462
- update to 5.0b7
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   463
  * updated supported locales
282
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   464
- do not build dump_syms static (not needed for us)
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   465
  -> fix build for openSUSE 12.1 and above
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   466
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   467
-------------------------------------------------------------------
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   468
Wed Jun 15 14:59:32 UTC 2011 - wr@rosenauer.org
279
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   469
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   470
- update to 5.0b6
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   471
- include proper revision information into the build
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   472
- speedier find-external-requires.sh
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   473
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   474
-------------------------------------------------------------------
277
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   475
Tue May 31 06:53:55 UTC 2011 - wr@rosenauer.org
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   476
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   477
- update to 5.0b3
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   478
- transformed to standalone Firefox (not xulrunner based)
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   479
  (with new Firefox rapid release cycle it makes no sense anymore)
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   480
  * imported all relevant xulrunner patches
277
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   481
- do not compile in build timestamp
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   482
252
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   483
-------------------------------------------------------------------
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   484
Fri Apr 15 07:08:53 UTC 2011 - wr@rosenauer.org
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   485
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   486
- security update to 4.0.1 (bnc#689281)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   487
  * MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0079
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   488
    CVE-2011-0080 CVE-2011-0081
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   489
    Miscellaneous memory safety hazards
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   490
  * MFSA 2011-17/CVE-2011-0068 (bmo#623791)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   491
    WebGLES vulnerabilities
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   492
  * MFSA 2011-18/CVE-2011-1202 (bmo#640339)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   493
    XSLT generate-id() function heap address leak
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   494
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   495
-------------------------------------------------------------------
252
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   496
Wed Mar 30 11:24:36 UTC 2011 - wr@rosenauer.org
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   497
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   498
- add all available icon sizes
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   499
247
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   500
-------------------------------------------------------------------
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   501
Tue Mar 29 11:55:53 UTC 2011 - cfarrell@novell.com
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   502
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   503
- license update: MPLv1.1 or GPLv2+ or LGPLv2+
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   504
  Sync licenses with Fedora. MPL does not state ^or later^
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   505
236
a4f5954df3a3 update for 2.0/4.0rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 230
diff changeset
   506
-------------------------------------------------------------------
239
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   507
Fri Mar 18 08:49:15 UTC 2011 - wr@rosenauer.org
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   508
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   509
- update to version 4.0rc2
238
d537c4a65693 fixed rpm macros (bnc#679950)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 236
diff changeset
   510
- fixed rpm macros delivered with devel package (bnc#679950)
236
a4f5954df3a3 update for 2.0/4.0rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 230
diff changeset
   511
230
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   512
-------------------------------------------------------------------
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   513
Wed Feb 23 07:52:04 UTC 2011 - wr@rosenauer.org
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   514
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   515
- update to version 4.0b12
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   516
- rebased patches
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   517
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   518
-------------------------------------------------------------------
229
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   519
Fri Feb  4 09:32:50 UTC 2011 - wr@rosenauer.org
226
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   520
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   521
- update to version 4.0b11
229
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   522
  * loads of bugfixes compared to last beta
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   523
  * added "Do Not Track" option
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   524
- rebased patches
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   525
- disable testpilot
226
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   526
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   527
-------------------------------------------------------------------
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   528
Fri Jan 28 08:56:12 UTC 2011 - wr@rosenauer.org
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   529
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   530
- set correct desktop file name within KDE for 11.4 and up
225
5a7504b93699 Provide devel package with helper script and rpm macros for easier addon packaging. (patch submitted from Ludwig Nussel)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 223
diff changeset
   531
- add devel package with macros for extensions (from lnussel@suse.de)
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   532
221
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   533
-------------------------------------------------------------------
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   534
Sat Jan 22 22:21:52 UTC 2011 - wr@rosenauer.org
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   535
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   536
- update to version 4.0b10
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   537
- removed obsolete firefox-shell-bmo624267.patch
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   538
- testpilot moved to distribution/extensions
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   539
- updated locale provides and removed bn-IN from locales
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   540
210
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   541
-------------------------------------------------------------------
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   542
Tue Jan 11 06:13:40 UTC 2011 - wr@rosenauer.org
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   543
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   544
- update to version 4.0b9
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   545
- added x-scheme-handler for http and https to desktop file for
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   546
  newer Gnome environments
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   547
- fixed default browser check/set for GIO (bmo#611953)
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   548
  (mozilla-shellservice.patch)
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   549
- removed obsolete firefox-appname.patch (integrated into
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   550
  shellservice patch)
217
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   551
- renamed desktop file to firefox.desktop for 11.4 and newer
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   552
  (bnc#664211)
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   553
- removed support for 10.3 and older from the spec file
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   554
- removed obsolete "Ximian" categories from desktop file
210
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   555
207
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   556
-------------------------------------------------------------------
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   557
Mon Jan  3 17:35:46 CET 2011 - meissner@suse.de
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   558
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   559
- Mirror ac_add_options --disable-ipc from xulrunner for PowerPC.
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   560
203
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   561
-------------------------------------------------------------------
206
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   562
Wed Dec 15 07:49:45 UTC 2010 - wr@rosenauer.org
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   563
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   564
- update to version 4.0beta8
203
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   565
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   566
-------------------------------------------------------------------
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   567
Tue Nov 30 14:19:59 UTC 2010 - wr@rosenauer.org
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   568
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   569
- major update to version 4.0beta7
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   570
  * based on mozilla-xulrunner20
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   571
  * far too many internal changes to list
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   572
195
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   573
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   574
Wed Oct 27 07:12:14 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   575
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   576
- security update to 3.6.12 (bnc#649492)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   577
  * MFSA 2010-73/CVE-2010-3765 (bmo#607222)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   578
    Heap buffer overflow mixing document.write and DOM insertion
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   579
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   580
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   581
Wed Oct  6 07:13:52 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   582
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   583
- security update to 3.6.11 (bnc#645315)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   584
  * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   585
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   586
  * MFSA 2010-65/CVE-2010-3179 (bmo#583077)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   587
    Buffer overflow and memory corruption using document.write
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   588
  * MFSA 2010-66/CVE-2010-3180 (bmo#588929)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   589
    Use-after-free error in nsBarProp
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   590
  * MFSA 2010-67/CVE-2010-3183 (bmo#598669)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   591
    Dangling pointer vulnerability in LookupGetterOrSetter
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   592
  * MFSA 2010-68/CVE-2010-3177 (bmo#556734)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   593
    XSS in gopher parser when parsing hrefs
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   594
  * MFSA 2010-69/CVE-2010-3178 (bmo#576616)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   595
    Cross-site information disclosure via modal calls
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   596
  * MFSA 2010-70/CVE-2010-3170 (bmo#578697)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   597
    SSL wildcard certificate matching IP addresses
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   598
  * MFSA 2010-71/CVE-2010-3182 (bmo#590753)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   599
    Unsafe library loading vulnerabilities
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   600
  * MFSA 2010-72/CVE-2010-3173
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   601
    Insecure Diffie-Hellman key exchange
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   602
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   603
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   604
Wed Sep 15 07:39:22 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   605
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   606
- update to 3.6.10
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   607
  * fixing startup topcrash (bmo#594699)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   608
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   609
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   610
Thu Aug 26 07:40:28 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   611
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   612
- security update to 3.6.9 (bnc#637303)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   613
  * MFSA 2010-49/CVE-2010-3169
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   614
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   615
  * MFSA 2010-50/CVE-2010-2765 (bmo#576447)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   616
    Frameset integer overflow vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   617
  * MFSA 2010-51/CVE-2010-2767 (bmo#584512)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   618
    Dangling pointer vulnerability using DOM plugin array
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   619
  * MFSA 2010-53/CVE-2010-3166 (bmo#579655)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   620
    Heap buffer overflow in nsTextFrameUtils::TransformText
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   621
  * MFSA 2010-54/CVE-2010-2760 (bmo#585815)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   622
    Dangling pointer vulnerability in nsTreeSelection
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   623
  * MFSA 2010-55/CVE-2010-3168 (bmo#576075)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   624
    XUL tree removal crash and remote code execution
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   625
  * MFSA 2010-56/CVE-2010-3167 (bmo#576070)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   626
    Dangling pointer vulnerability in nsTreeContentView
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   627
  * MFSA 2010-57/CVE-2010-2766 (bmo#580445)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   628
    Crash and remote code execution in normalizeDocument
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   629
  * MFSA 2010-59/CVE-2010-2762 (bmo#584180)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   630
    SJOW creates scope chains ending in outer object
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   631
  * MFSA 2010-61/CVE-2010-2768 (bmo#579744)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   632
    UTF-7 XSS by overriding document charset using <object> type
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   633
    attribute
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   634
  * MFSA 2010-62/CVE-2010-2769 (bmo#520189)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   635
    Copy-and-paste or drag-and-drop into designMode document allows
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   636
    XSS
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   637
  * MFSA 2010-63/CVE-2010-2764 (bmo#552090)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   638
    Information leak via XMLHttpRequest statusText
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   639
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   640
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   641
Wed Jul 28 08:33:14 CEST 2010 - meissner@suse.de
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   642
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   643
- disable crash reporter for non x86/x86_64 to make it build.
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   644
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   645
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   646
Sat Jul 24 12:42:58 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   647
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   648
- security update to 3.6.8 (bnc#622506)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   649
  * MFSA 2010-48/CVE-2010-2755 (bmo#575836)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   650
    Dangling pointer crash regression from plugin parameter array
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   651
    fix
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   652
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   653
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   654
Fri Jul 16 06:48:44 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   655
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   656
- security update to 3.6.7 (bnc#622506)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   657
  * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   658
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   659
  * MFSA 2010-35/CVE-2010-1208 (bmo#572986)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   660
    DOM attribute cloning remote code execution vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   661
  * MFSA 2010-36/CVE-2010-1209 (bmo#552110)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   662
    Use-after-free error in NodeIterator
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   663
  * MFSA 2010-37/CVE-2010-1214 (bmo#572985)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   664
    Plugin parameter EnsureCachedAttrParamArrays remote code
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   665
    execution vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   666
  * MFSA 2010-38/CVE-2010-1215 (bmo#567069)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   667
    Arbitrary code execution using SJOW and fast native function
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   668
  * MFSA 2010-39/CVE-2010-2752 (bmo#574059)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   669
    nsCSSValue::Array index integer overflow
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   670
  * MFSA 2010-40/CVE-2010-2753 (bmo#571106)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   671
    nsTreeSelection dangling pointer remote code execution
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   672
    vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   673
  * MFSA 2010-41/CVE-2010-1205 (bmo#570451)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   674
    Remote code execution using malformed PNG image
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   675
  * MFSA 2010-42/CVE-2010-1213 (bmo#568148)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   676
    Cross-origin data disclosure via Web Workers and importScripts
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   677
  * MFSA 2010-43/CVE-2010-1207 (bmo#571287)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   678
    Same-origin bypass using canvas context
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   679
  * MFSA 2010-44/CVE-2010-1210 (bmo#564679)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   680
    Characters mapped to U+FFFD in 8 bit encodings cause subsequent
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   681
    character to vanish
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   682
  * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   683
    Multiple location bar spoofing vulnerabilities
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   684
  * MFSA 2010-46/CVE-2010-0654 (bmo#524223)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   685
    Cross-domain data theft using CSS
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   686
  * MFSA 2010-47/CVE-2010-2754 (bmo#568564)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   687
    Cross-origin data leakage from script filename in error messages
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   688
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   689
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   690
Sun Jun 27 20:24:31 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   691
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   692
- update to 3.6.6 release
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   693
  * modifies the crash protection feature to increase the amount 
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   694
    of time that plugins are allowed to be non-responsive before 
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   695
    being terminated.
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   696
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   697
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   698
Wed Jun 23 14:40:35 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   699
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   700
- update to final 3.6.4 release (bnc#603356)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   701
  * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   702
    CVE-2010-1203
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   703
    Crashes with evidence of memory corruption (rv:1.9.2.4)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   704
  * MFSA 2010-28/CVE-2010-1198 (bmo#532246)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   705
    Freed object reuse across plugin instances
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   706
  * MFSA 2010-29/CVE-2010-1196 (bmo#534666)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   707
    Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   708
  * MFSA 2010-30/CVE-2010-1199 (bmo#554255)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   709
    Integer Overflow in XSLT Node Sorting
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   710
  * MFSA 2010-31/CVE-2010-1125 (bmo#552255)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   711
    focus() behavior can be used to inject or steal keystrokes
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   712
  * MFSA 2010-32/CVE-2010-1197 (bmo#537120)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   713
    Content-Disposition: attachment ignored if
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   714
    Content-Type: multipart also present
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   715
  * MFSA 2010-33/CVE-2008-5913 (bmo#475585)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   716
    User tracking across sites using Math.random()
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   717
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   718
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   719
Mon Jun  7 07:07:33 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   720
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   721
- update to 3.6.4(build6)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   722
64
7bb1edb78dd5 Update to 1.9.2.4/3.6.4pre to prepare the bigger Lorentz merge
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 63
diff changeset
   723
-------------------------------------------------------------------
67
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   724
Sun Apr 18 09:42:40 CEST 2010 - wr@rosenauer.org
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   725
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   726
- security update to 3.6.4 (Lorentz)
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   727
  * enable crashreporter also for x86-64
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   728
  * Flash runs in a separate process to avoid crashing Firefox
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   729
    (ix86 only; x86-64 still uses nspluginwrapper)
64
7bb1edb78dd5 Update to 1.9.2.4/3.6.4pre to prepare the bigger Lorentz merge
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 63
diff changeset
   730
63
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   731
-------------------------------------------------------------------
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   732
Thu Apr  1 11:15:38 UTC 2010 - wr@rosenauer.org
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   733
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   734
- security update to 3.6.3
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   735
  * MFSA 2010-25/CVE-2010-1121 (bmo#555109)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   736
    Re-use of freed object due to scope confusion
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   737
59
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   738
-------------------------------------------------------------------
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   739
Thu Mar 18 06:43:33 CET 2010 - wr@rosenauer.org
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   740
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   741
- security update to version 3.6.2 (bnc#586567)
63
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   742
  * MFSA 2010-08/CVE-2010-1028
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   743
    WOFF heap corruption due to integer overflow
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   744
  * MFSA 2010-09/CVE-2010-0164 (bmo#547143)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   745
    Deleted frame reuse in multipart/x-mixed-replace image
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   746
  * MFSA 2010-10/CVE-2010-0170 (bmo#541530)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   747
    XSS via plugins and unprotected Location object
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   748
  * MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   749
    Crashes with evidence of memory corruption
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   750
  * MFSA 2010-12/CVE-2010-0171 (bmo#531364)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   751
    XSS using addEventListener and setTimeout on a wrapped object
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   752
  * MFSA 2010-13/CVE-2010-0168 (bmo#540642)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   753
    Content policy bypass with image preloading
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   754
  * MFSA 2010-14/CVE-2010-0169 (bmo#535806)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   755
    Browser chrome defacement via cached XUL stylesheets
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   756
  * MFSA 2010-15/CVE-2010-0172 (bmo#537862)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   757
    Asynchronous Auth Prompt attaches to wrong window
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   758
  * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   759
    Crashes with evidence of memory corruption
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   760
  * MFSA 2010-18/CVE-2010-0176 (bmo#538308)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   761
    Dangling pointer vulnerability in nsTreeContentView
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   762
  * MFSA 2010-19/CVE-2010-0177 (bmo#538310)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   763
    Dangling pointer vulnerability in nsPluginArray
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   764
  * MFSA 2010-20/CVE-2010-0178 (bmo#546909)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   765
    Chrome privilege escalation via forced URL drag and drop
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   766
  * MFSA 2010-22/CVE-2009-3555 (bmo#545755)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   767
    Update NSS to support TLS renegotiation indication
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   768
  * MFSA 2010-23/CVE-2010-0181 (bmo#452093)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   769
    Image src redirect to mailto: URL opens email editor
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   770
  * MFSA 2010-24/CVE-2010-0182 (bmo#490790)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   771
    XMLDocument::load() doesn't check nsIContentPolicy
59
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   772
52
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
   773
-------------------------------------------------------------------
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
   774
Mon Jan 18 09:42:50 CET 2010 - wr@rosenauer.org
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
   775
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
   776
- update to 3.6rc2 (already named 3.6.0)
59
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   777
- removed obsolete orbit-devel build requirement
52
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
   778
46
c743908ffe6f Update to 1.9.2rc1/3.6rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 39
diff changeset
   779
-------------------------------------------------------------------
c743908ffe6f Update to 1.9.2rc1/3.6rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 39
diff changeset
   780
Wed Jan  6 17:15:40 CET 2010 - wr@rosenauer.org
c743908ffe6f Update to 1.9.2rc1/3.6rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 39
diff changeset
   781
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   782
- major update to 3.6rc1
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   783
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   784
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   785
Fri Dec 25 09:39:42 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   786
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   787
- update to version 3.5.7 (bnc#568011)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   788
  * DNS resolution in MakeSN of nsAuthSSPI causing issues for
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   789
    proxy servers that support NTLM auth (bmo#535193)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   790
- added missing lockdown preferences (bnc#567131)
46
c743908ffe6f Update to 1.9.2rc1/3.6rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 39
diff changeset
   791
39
f3cc5e946292 Add Firefox changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 31
diff changeset
   792
-------------------------------------------------------------------
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   793
Thu Dec 17 20:06:38 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   794
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   795
- readded firefox-ui-lockdown.patch (bnc#546158)
39
f3cc5e946292 Add Firefox changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 31
diff changeset
   796
31
529467fa14cf MozillaFirefox changes
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 19
diff changeset
   797
-------------------------------------------------------------------
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   798
Thu Dec  3 21:53:59 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   799
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   800
- security update to version 3.5.6 (bnc#559807)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   801
  * MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   802
    Crashes with evidence of memory corruption (rv:1.9.1.6)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   803
  * MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   804
    Memory safety fixes in liboggplay media library
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   805
  * MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   806
    Integer overflow, crash in libtheora video library
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   807
  * MFSA 2009-68/CVE-2009-3983 (bmo#487872)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   808
    NTLM reflection vulnerability
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   809
  * MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   810
    Location bar spoofing vulnerabilities
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   811
  * MFSA 2009-70/VE-2009-3986 (bmo#522430)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   812
    Privilege escalation via chrome window.opener
19
f21a8e50d93d BNC#561027 - firefox urlbar style broken -> stripped down patch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 18
diff changeset
   813
- fixed firefox-browser-css.patch (bnc#561027)
18
c4da314d7975 Update to 1.9.2b5/3.6b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 12
diff changeset
   814
12
1f7c3dc01e1c Prepare MozillaFirefox for KDE integration
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 5
diff changeset
   815
-------------------------------------------------------------------
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   816
Mon Nov 23 22:31:21 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   817
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   818
- rebased patches for fuzz=0
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   819
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   820
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   821
Thu Nov  5 19:49:33 UTC 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   822
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   823
- update to version 3.5.5 (bnc#553172)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   824
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   825
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   826
Sat Oct 17 23:19:23 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   827
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   828
- security update to version 3.5.4 (bnc#545277)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   829
  * MFSA 2009-52/CVE-2009-3370 (bmo#511615)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   830
    Form history vulnerable to stealing
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   831
  * MFSA 2009-53/CVE-2009-3274 (bmo#514823)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   832
    Local downloaded file tampering
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   833
  * MFSA 2009-54/CVE-2009-3371 (bmo#514554)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   834
    Crash with recursive web-worker calls
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   835
  * MFSA 2009-55/CVE-2009-3372 (bmo#500644)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   836
    Crash in proxy auto-configuration regexp parsing
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   837
  * MFSA 2009-56/CVE-2009-3373 (bmo#511689)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   838
    Heap buffer overflow in GIF color map parser
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   839
  * MFSA 2009-57/CVE-2009-3374 (bmo#505988)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   840
    Chrome privilege escalation in XPCVariant::VariantDataToJS()
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   841
  * MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   842
    Heap buffer overflow in string to number conversion
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   843
  * MFSA 2009-61/CVE-2009-3375 (bmo#503226)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   844
    Cross-origin data theft through document.getSelection()
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   845
  * MFSA 2009-62/CVE-2009-3376 (bmo#511521)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   846
    Download filename spoofing with RTL override
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   847
  * MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   848
    Upgrade media libraries to fix memory safety bugs
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   849
  * MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   850
    Crashes with evidence of memory corruption
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   851
- removed upstreamed patch
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   852
  * firefox-bug506901.patch 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   853
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   854
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   855
Wed Oct  7 20:11:24 CEST 2009 - llunak@novell.com
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   856
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   857
- fix KDE button order in one more place (bnc#170055)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   858
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   859
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   860
Fri Oct  2 20:26:49 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   861
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   862
- improve UI colors to be usable with dark themes at all 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   863
  (firefox-browser-css.patch) (bnc#503351)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   864
- extend list of supported architectures as ABI identifier
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   865
  (mozilla-abi.patch) (bnc#543460)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   866
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   867
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   868
Mon Sep 14 00:07:55 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   869
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   870
- added KDE integration patch from llunak@novell.com  
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   871
  (firefox-kde.patch)  
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   872
  * support for knotify, making -kde4-addon obsolete  
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   873
  * KDE-specific support functional (bnc#170055)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   874
- do not build libnkgnomevfs (bmo#512671) (firefox-no-gnomevfs)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   875
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   876
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   877
Thu Sep 10 09:34:26 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   878
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   879
- security update to version 3.5.3 (bnc#534458)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   880
  * MFSA 2009-47/CVE-2009-3069/CVE-2009-3070/CVE-2009-3071/
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   881
    CVE-2009-3072/CVE-2009-3073/CVE-2009-3074/CVE-2009-3075
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   882
    Crashes with evidence of memory corruption
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   883
  * MFSA 2009-49/CVE-2009-3077 (bmo#506871)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   884
    TreeColumns dangling pointer vulnerability
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   885
  * MFSA 2009-50/CVE-2009-3078 (bmo#453827)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   886
    Location bar spoofing via tall line-height Unicode characters
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   887
  * MFSA 2009-51/CVE-2009-3079 (bmo#454363)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   888
    Chrome privilege escalation with FeedWriter
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   889
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   890
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   891
Wed Aug 19 22:14:07 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   892
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   893
- renamed patch firefox-contextmenu-gnome to firefox-cross-desktop
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   894
  as it contains more tweaks to handle non-Gnome environments and
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   895
  especially KDE integration: 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   896
  * added the ability to set the KDE default browser 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   897
    (still part of bnc#170055)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   898
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   899
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   900
Sat Aug  8 00:14:18 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   901
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   902
- split -translations package into -common and -other
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   903
  (bnc#529180)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   904
- remove "set as background" from context menu if not running in
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   905
  Gnome (part of bnc#170055)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   906
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   907
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   908
Fri Jul 31 09:01:57 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   909
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   910
- security update to version 3.5.2
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   911
  * MFSA 2009-38/CVE-2009-2470 (bmo#459524)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   912
    Data corruption with SOCKS5 reply containing DNS name longer
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   913
    than 15 characters
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   914
  * MFSA 2009-44/CVE-2009-2654 (bmo#451898)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   915
    Location bar and SSL indicator spoofing via window.open() on
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   916
    invalid URL
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   917
  * MFSA 2009-45
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   918
    Crashes with evidence of memory corruption
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   919
  * MFSA 2009-46 (bmo#498897)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   920
    Chrome privilege escalation due to incorrectly cached wrapper
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   921
  * various other stability fixes
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   922
- export MOZ_APP_LAUNCHER in the startscript (bmo#453689)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   923
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   924
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   925
Tue Jul 28 14:54:46 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   926
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   927
- fixed %exclude usage
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   928
- fixed preferences' advanced pane for fresh profiles (bmo#506901)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   929
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   930
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   931
Wed Jul 15 20:13:19 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   932
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   933
- security update to version 3.5.1
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   934
  * MFSA 2009-41
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   935
    Corrupt JIT state after deep return from native function
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   936
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   937
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   938
Mon Jul  6 12:33:47 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   939
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   940
- added mozilla-linkorder.patch to fix build with --as-needed
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   941
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   942
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   943
Tue Jun 30 08:52:00 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   944
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   945
- update to final version 3.5 (20090623)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   946
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   947
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   948
Tue Jun 23 09:39:50 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   949
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   950
- fixed build by linking to a real file
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   951
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   952
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   953
Thu Jun 18 10:19:40 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   954
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   955
- update to version 3.5rc2 (20090617)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   956
- BuildRequire mozilla-xulrunner191 = 1.9.1.0
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   957
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   958
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   959
Sat Jun  6 15:59:02 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   960
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   961
- update to version 3.5b99 (20090604)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   962
- BuildRequire mozilla-xulrunner191 = 1.9.1b99
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   963
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   964
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   965
Wed May 27 08:03:16 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   966
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   967
- fixed typos in improved xulrunner dependencies
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   968
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   969
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   970
Mon May 11 18:25:12 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   971
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   972
- use non-localized Downloads folder (bnc#501724)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   973
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   974
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   975
Mon May  4 07:57:50 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   976
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   977
- update to new major version 3.5b4
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   978
  * based on Gecko 1.9.1 (mozilla-xulrunner191)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   979
  * Private Browsing Mode
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   980
  * TraceMonkey JavaScript engine
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   981
  * Geolocation support
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   982
  * native JSON and web worker threads support
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   983
  * speculative parsing for faster content rendering
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   984
  * Some HTML5 support
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   985
- updated firefox.schemas
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   986
- improved firefox-no-update.patch
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   987
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   988
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   989
Tue Apr 28 10:47:54 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   990
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   991
- security update to 3.0.10
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   992
  * MFSA 2009-23/CVE-2009-1313 (bmo#489647)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   993
      Crash in nsTextFrame::ClearTextRun()
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   994
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   995
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   996
Thu Apr 16 13:52:21 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   997
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   998
- security update to 3.0.9 (bnc#495473)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
   999
  * MFSA 2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304/CVE-2009-1305
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1000
      Crashes with evidence of memory corruption (rv:1.9.0.9)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1001
  * MFSA 2009-15/CVE-2009-0652 (bmo#479336)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1002
      URL spoofing with box drawing character
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1003
  * MFSA 2009-16/CVE-2009-1306 (bmo#474536)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1004
      jar: scheme ignores the content-disposition: header on the
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1005
      inner URI
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1006
  * MFSA 2009-17/CVE-2009-1307 (bmo#481342)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1007
      Same-origin violations when Adobe Flash loaded via
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1008
      view-source: scheme
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1009
  * MFSA 2009-18/CVE-2009-1308 (bmo#481558)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1010
      XSS hazard using third-party stylesheets and XBL bindings
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1011
  * MFSA 2009-19/CVE-2009-1309 (bmo#482206,478433)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1012
      Same-origin violations in XMLHttpRequest and
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1013
      XPCNativeWrapper.toString
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1014
  * MFSA 2009-20/CVE-2009-1310 (bmo#483086)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1015
      Malicious search plugins can inject code into arbitrary sites
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1016
  * MFSA 2009-21/CVE-2009-1311 (bmo#471962)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1017
      POST data sent to wrong site when saving web page with
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1018
      embedded frame
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1019
  * MFSA 2009-22/CVE-2009-1312 (bmo#475636)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1020
      Firefox allows Refresh header to redirect to javascript: URIs
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1021
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1022
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1023
Fri Mar 27 09:43:43 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1024
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1025
- security update to 1.9.0.8 (bnc#488955,489411)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1026
  * MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1027
      Crash and remote code execution in XSL transformation
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1028
  * MFSA 2009-13/CVE-2009-1044 (bmo#484320)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1029
      Arbitrary code execution via XUL tree moveToEdgeShift
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1030
- allow RPM provides for stuff besides shared libraries
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1031
  (e.g. mime-types)
12
1f7c3dc01e1c Prepare MozillaFirefox for KDE integration
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 5
diff changeset
  1032
5
17b1dd932700 Add MozillaFirefox package
Wolfgang Rosenauer <wr@rosenauer.org>
parents:
diff changeset
  1033
-------------------------------------------------------------------
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1034
Sun Mar  1 11:08:58 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1035
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1036
- security update to 3.0.7 (bnc#478625)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1037
  * MFSA 2009-07 - Crashes with evidence of memory corruption
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1038
    CVE-2009-0771 - Layout Engine Crashes
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1039
    CVE-2009-0772 - Layout Engine Crashes
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1040
    CVE-2009-0773 - crashes in the JavaScript engine
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1041
    CVE-2009-0774 - Layout Engine Crashes
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1042
  * MFSA 2009-08/CVE-2009-0775 - (bmo#474456)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1043
    Mozilla Firefox XUL Linked Clones Double Free Vulnerability
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1044
  * MFSA 2009-09/CVE-2009-0776 (bmo#414540)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1045
    XML data theft via RDFXMLDataSource and cross-domain redirect
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1046
  * MFSA 2009-10/CVE-2009-0040 (bmo#478901)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1047
    Upgrade PNG library to fix memory safety hazards
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1048
  * MFSA 2009-11/CVE-2009-0777 (bmo#452979)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1049
    URL spoofing with invisible control characters
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1050
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1051
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1052
Wed Feb  4 18:58:59 EST 2009 - hfiguiere@suse.de
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1053
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1054
- Review and approve changes.
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1055
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1056
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1057
Wed Jan 28 13:48:00 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1058
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1059
- security update to 3.0.6 (bnc#470074)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1060
  * MFSA 2009-06/CVE-2009-0358: Directives to not cache pages ignored
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1061
    (bmo#441751)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1062
  * MFSA 2009-05/CVE-2009-0357: XMLHttpRequest allows reading 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1063
    HTTPOnly cookies (bmo#380418)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1064
  * MFSA 2009-04/CVE-2009-0356: Chrome privilege escalation via 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1065
    local .desktop files (bmo#460425)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1066
  * MFSA 2009-03/CVE-2009-0355: Local file stealing with SessionStore
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1067
    (bmo#466937)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1068
  * MFSA 2009-02/CVE-2009-0354: XSS using a chrome XBL method 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1069
    and window.eval (bmo#468581)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1070
  * MFSA 2009-01/CVE-2009-0352 - CVE-2009-0353: Crashes with 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1071
    evidence of memory corruption (rv:1.9.0.6) (bmo#452913, 
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1072
    bmo#449006, bmo#331088, bmo#401042, bmo#416461, bmo#422283,
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1073
    bmo#422301, bmo#431705, bmo#437142, bmo#421839, bmo#420697,
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1074
    bmo#461027)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1075
  * (non security) added lv locale
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1076
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1077
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1078
Thu Jan 22 11:09:42 EST 2009 - hfiguiere@suse.de
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1079