MozillaFirefox/MozillaFirefox.changes
author Ludwig Nussel <lnussel@suse.de>
Mon, 16 Sep 2013 17:39:33 +0200
branchfirefox24
changeset 666 0d913ca30238
parent 664 1276f5ff4bcb
child 667 6c1407488870
permissions -rw-r--r--
move greek to the translations-common package (bnc#840551)
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
539
b1134fe91f9a merge latest changes from firefox16
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 536
diff changeset
     1
-------------------------------------------------------------------
666
0d913ca30238 move greek to the translations-common package (bnc#840551)
Ludwig Nussel <lnussel@suse.de>
parents: 664
diff changeset
     2
Mon Sep 16 11:59:18 UTC 2013 - lnussel@suse.de
0d913ca30238 move greek to the translations-common package (bnc#840551)
Ludwig Nussel <lnussel@suse.de>
parents: 664
diff changeset
     3
0d913ca30238 move greek to the translations-common package (bnc#840551)
Ludwig Nussel <lnussel@suse.de>
parents: 664
diff changeset
     4
- move greek to the translations-common package (bnc#840551)
0d913ca30238 move greek to the translations-common package (bnc#840551)
Ludwig Nussel <lnussel@suse.de>
parents: 664
diff changeset
     5
0d913ca30238 move greek to the translations-common package (bnc#840551)
Ludwig Nussel <lnussel@suse.de>
parents: 664
diff changeset
     6
-------------------------------------------------------------------
664
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
     7
Sat Sep 14 14:39:58 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
     8
666
0d913ca30238 move greek to the translations-common package (bnc#840551)
Ludwig Nussel <lnussel@suse.de>
parents: 664
diff changeset
     9
- update to Firefox 24.0 (bnc#840485)
0d913ca30238 move greek to the translations-common package (bnc#840551)
Ludwig Nussel <lnussel@suse.de>
parents: 664
diff changeset
    10
- enable gstreamer via pref (gecko.js)
663
faf4f017af5c require NSS 3.15.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 661
diff changeset
    11
- require NSS 3.15.1
661
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    12
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    13
-------------------------------------------------------------------
664
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
    14
Mon Aug 26 07:35:36 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
    15
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
    16
- update to Firefox 23.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
    17
  * Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
    18
    (bmo#901527)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
    19
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 663
diff changeset
    20
-------------------------------------------------------------------
661
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    21
Sun Aug  4 18:30:11 UTC 2013 - wr@rosenauer.org
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    22
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    23
- update to Firefox 23.0 (bnc#833389)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    24
  * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    25
    Miscellaneous memory safety hazards
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    26
  * MFSA 2013-64/CVE-2013-1704 (bmo#883313)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    27
    Use after free mutating DOM during SetBody
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    28
  * MFSA 2013-65/CVE-2013-1705 (bmo#882865)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    29
    Buffer underflow when generating CRMF requests
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    30
  * MFSA 2013-67/CVE-2013-1708 (bmo#879924)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    31
    Crash during WAV audio file decoding
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    32
  * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    33
    Document URI misrepresentation and masquerading
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    34
  * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    35
    CRMF requests allow for code execution and XSS attacks
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    36
  * MFSA 2013-70/CVE-2013-1711 (bmo#843829)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    37
    Bypass of XrayWrappers using XBL Scopes
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    38
  * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    39
    Wrong principal used for validating URI for some Javascript
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    40
    components
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    41
  * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    42
    Same-origin bypass with web workers and XMLHttpRequest
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    43
  * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
aac91d5705b1 prepare 24.0beta
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 659
diff changeset
    44
    Local Java applets may read contents of local file system
653
38c67b6b2f37 Aurora 23 (20130616)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 650
diff changeset
    45
- requires NSPR 4.10 and NSS 3.15
659
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    46
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    47
-------------------------------------------------------------------
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    48
Wed Jul  3 17:14:35 UTC 2013 - dmueller@suse.com
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    49
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    50
- fix build on ARM (/-g/ matches /-grecord-switches/)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    51
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    52
-------------------------------------------------------------------
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    53
Sat Jun 22 17:48:06 UTC 2013 - wr@rosenauer.org
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    54
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    55
- update to Firefox 22.0 (bnc#825935)
650
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    56
  * removed obsolete patches
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    57
    + mozilla-qcms-ppc.patch
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    58
    + mozilla-gstreamer-760140.patch
659
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    59
  * GStreamer support does not build on 12.1 anymore (build only
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    60
    on 12.2 and later)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    61
  * MFSA 2013-49/CVE-2013-1682/CVE-2013-1683
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    62
    Miscellaneous memory safety hazards
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    63
  * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    64
    Memory corruption found using Address Sanitizer
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    65
  * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    66
    Privileged content access and execution via XBL
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    67
  * MFSA 2013-52/CVE-2013-1688 (bmo#873966)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    68
    Arbitrary code execution within Profiler
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    69
  * MFSA 2013-53/CVE-2013-1690 (bmo#857883)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    70
    Execution of unmapped memory through onreadystatechange event
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    71
  * MFSA 2013-54/CVE-2013-1692 (bmo#866915)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    72
    Data in the body of XHR HEAD requests leads to CSRF attacks
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    73
  * MFSA 2013-55/CVE-2013-1693 (bmo#711043)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    74
    SVG filters can lead to information disclosure
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    75
  * MFSA 2013-56/CVE-2013-1694 (bmo#848535)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    76
    PreserveWrapper has inconsistent behavior
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    77
  * MFSA 2013-57/CVE-2013-1695 (bmo#849791)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    78
    Sandbox restrictions not applied to nested frame elements
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    79
  * MFSA 2013-58/CVE-2013-1696 (bmo#761667)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    80
    X-Frame-Options ignored when using server push with multi-part
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    81
    responses
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    82
  * MFSA 2013-59/CVE-2013-1697 (bmo#858101)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    83
    XrayWrappers can be bypassed to run user defined methods in a
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    84
    privileged context
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    85
  * MFSA 2013-60/CVE-2013-1698 (bmo#876044)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    86
    getUserMedia permission dialog incorrectly displays location
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    87
  * MFSA 2013-61/CVE-2013-1699 (bmo#840882)
fa96cf6ffd14 Aurora 24 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 653
diff changeset
    88
    Homograph domain spoofing in .com, .net and .name
650
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    89
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    90
-------------------------------------------------------------------
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    91
Tue Jun 11 21:06:58 UTC 2013 - dvaleev@suse.com
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    92
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    93
- Fix qcms altivec include (mozilla-qcms-ppc.patch)
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    94
e8c83b144fd1 22.0b4 update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 647
diff changeset
    95
-------------------------------------------------------------------
647
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
    96
Fri May 10 05:25:39 UTC 2013 - wr@rosenauer.org
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
    97
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
    98
- update to Firefox 21.0 (bnc#819204)
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
    99
  * removed upstreamed patch firefox-712763.patch
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   100
  * removed disabled mozilla-disable-neon-option.patch
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   101
  * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   102
    Miscellaneous memory safety hazards
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   103
  * MFSA 2013-42/CVE-2013-1670 (bmo#853709)
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   104
    Privileged access for content level constructor
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   105
  * MFSA 2013-43/CVE-2013-1671 (bmo#842255)
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   106
    File input control has access to full path
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   107
  * MFSA 2013-46/CVE-2013-1674 (bmo#860971)
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   108
    Use-after-free with video and onresize event
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   109
  * MFSA 2013-47/CVE-2013-1675 (bmo#866825)
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   110
    Uninitialized functions in DOMSVGZoomEvent
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   111
  * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   112
    CVE-2013-1679/CVE-2013-1680/CVE-2013-1681
9d8bdcdd4d2a 21.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 645
diff changeset
   113
    Memory corruption found using Address Sanitizer
645
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 640
diff changeset
   114
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 640
diff changeset
   115
-------------------------------------------------------------------
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 640
diff changeset
   116
Tue Apr  9 06:41:31 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 640
diff changeset
   117
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 640
diff changeset
   118
- revert to use GStreamer 0.10 on 12.3 (bnc#814101)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 640
diff changeset
   119
  (remove mozilla-gstreamer-1.patch)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 640
diff changeset
   120
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 640
diff changeset
   121
-------------------------------------------------------------------
640
68ead6c93b7d Explicitly disable WebRTC support on non-x86, the configure script
schwab@linux-m68k.org
parents: 639
diff changeset
   122
Fri Apr  5 17:04:11 UTC 2013 - schwab@linux-m68k.org
68ead6c93b7d Explicitly disable WebRTC support on non-x86, the configure script
schwab@linux-m68k.org
parents: 639
diff changeset
   123
68ead6c93b7d Explicitly disable WebRTC support on non-x86, the configure script
schwab@linux-m68k.org
parents: 639
diff changeset
   124
- Explicitly disable WebRTC support on non-x86, the configure script
68ead6c93b7d Explicitly disable WebRTC support on non-x86, the configure script
schwab@linux-m68k.org
parents: 639
diff changeset
   125
  disables it only half-heartedly
68ead6c93b7d Explicitly disable WebRTC support on non-x86, the configure script
schwab@linux-m68k.org
parents: 639
diff changeset
   126
68ead6c93b7d Explicitly disable WebRTC support on non-x86, the configure script
schwab@linux-m68k.org
parents: 639
diff changeset
   127
-------------------------------------------------------------------
639
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   128
Fri Mar 29 22:15:21 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   129
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   130
- update to Firefox 20.0 (bnc#813026)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   131
  * requires NSPR 4.9.5 and NSS 3.14.3
640
68ead6c93b7d Explicitly disable WebRTC support on non-x86, the configure script
schwab@linux-m68k.org
parents: 639
diff changeset
   132
  * mozilla-webrtc-ppc.patch included upstream
639
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   133
  * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   134
    Miscellaneous memory safety hazards
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   135
  * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   136
    Out-of-bounds write in Cairo library
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   137
  * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   138
    WebGL crash with Mesa graphics driver on Linux
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   139
  * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   140
    Bypass of SOW protections allows cloning of protected nodes
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   141
  * MFSA 2013-37/CVE-2013-0794 (bmo#626775)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   142
    Bypass of tab-modal dialog origin disclosure
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   143
  * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   144
    Cross-site scripting (XSS) using timed history navigations
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   145
  * MFSA 2013-39/CVE-2013-0792 (bmo#722831)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 633
diff changeset
   146
    Memory corruption while rendering grayscale PNG images
625
9f6e14430916 Bug 806917 - support GStreamer 1.0
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 624
diff changeset
   147
- use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch)
633
7c6f56a37ed6 armv7hl build fixes
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 629 631
diff changeset
   148
7c6f56a37ed6 armv7hl build fixes
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 629 631
diff changeset
   149
-------------------------------------------------------------------
631
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   150
Tue Mar 12 23:08:15 UTC 2013 - dmueller@suse.com
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   151
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   152
- build fixes for armv7hl:
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   153
  * disable debug build as armv7hl does not have enough memory
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   154
  * disable webrtc on armv7hl as it is non-compiling
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   155
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   156
-------------------------------------------------------------------
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   157
Thu Mar  7 19:03:32 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   158
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   159
- update to Firefox 19.0.2 (bnc#808243)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   160
  * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   161
    Use-after-free in HTML Editor
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   162
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 623
diff changeset
   163
-------------------------------------------------------------------
623
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 619
diff changeset
   164
Thu Feb 28 22:06:36 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 619
diff changeset
   165
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 619
diff changeset
   166
- update to Firefox 19.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 619
diff changeset
   167
  * blocklist updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 619
diff changeset
   168
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 619
diff changeset
   169
-------------------------------------------------------------------
615
fb49ee6e3828 Firefox 19.0 goes release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 613
diff changeset
   170
Sat Feb 16 07:08:55 UTC 2013 - wr@rosenauer.org
fb49ee6e3828 Firefox 19.0 goes release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 613
diff changeset
   171
619
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   172
- update to Firefox 19.0 (bnc#804248)
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   173
  * MFSA 2013-21/CVE-2013-0783/2013-0784
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   174
    Miscellaneous memory safety hazards
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   175
  * MFSA 2013-22/CVE-2013-0772 (bmo#801366)
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   176
    Out-of-bounds read in image rendering
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   177
  * MFSA 2013-23/CVE-2013-0765 (bmo#830614)
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   178
    Wrapped WebIDL objects can be wrapped again
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   179
  * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   180
    Web content bypass of COW and SOW security wrappers
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   181
  * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   182
    Privacy leak in JavaScript Workers
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   183
  * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   184
    Use-after-free in nsImageLoadingContent
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   185
  * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   186
    Phishing on HTTPS connection through malicious proxy
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   187
  * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   188
    CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   189
    Use-after-free, out of bounds read, and buffer overflow issues
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   190
    found using Address Sanitizer
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   191
- removed obsolete patches
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   192
  * mozilla-webrtc.patch
666cf9899b82 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 616
diff changeset
   193
  * mozilla-gstreamer-803287.patch
616
f46af22f1079 Bug 712763 - Backout changes from bug 669272 to keep original window order when restoring a session
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 615
diff changeset
   194
- added patch to fix session restore window order (bmo#712763)
613
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 611
diff changeset
   195
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 611
diff changeset
   196
-------------------------------------------------------------------
611
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 609
diff changeset
   197
Sat Feb  2 08:40:52 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 609
diff changeset
   198
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 609
diff changeset
   199
- update to Firefox 18.0.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 609
diff changeset
   200
  * blocklist and CTP updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 609
diff changeset
   201
  * fixes in JS engine
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 609
diff changeset
   202
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 609
diff changeset
   203
-------------------------------------------------------------------
604
127a01719356 update to 18.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 603
diff changeset
   204
Wed Jan 16 20:51:55 UTC 2013 - wr@rosenauer.org
127a01719356 update to 18.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 603
diff changeset
   205
127a01719356 update to 18.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 603
diff changeset
   206
- update to Firefox 18.0.1
127a01719356 update to 18.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 603
diff changeset
   207
  * blocklist updates
127a01719356 update to 18.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 603
diff changeset
   208
  * backed out bmo#677092 (removed patch)
609
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 604
diff changeset
   209
  * fixed problems involving HTTP proxy transactions
604
127a01719356 update to 18.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 603
diff changeset
   210
127a01719356 update to 18.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 603
diff changeset
   211
-------------------------------------------------------------------
603
cfcae96df099 imported patch to fix PPC build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 601
diff changeset
   212
Sat Jan 12 17:25:11 UTC 2013 - schwab@linux-m68k.org
cfcae96df099 imported patch to fix PPC build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 601
diff changeset
   213
cfcae96df099 imported patch to fix PPC build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 601
diff changeset
   214
- Fix WebRTC to build on powerpc
cfcae96df099 imported patch to fix PPC build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 601
diff changeset
   215
cfcae96df099 imported patch to fix PPC build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 601
diff changeset
   216
-------------------------------------------------------------------
600
5eb2128332e5 18.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 595
diff changeset
   217
Sun Jan  6 21:54:18 UTC 2013 - wr@rosenauer.org
5eb2128332e5 18.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 595
diff changeset
   218
5eb2128332e5 18.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 595
diff changeset
   219
- update to Firefox 18.0 (bnc#796895)
601
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   220
  * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   221
    Miscellaneous memory safety hazards
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   222
  * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   223
    CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   224
    Use-after-free and buffer overflow issues found using Address Sanitizer
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   225
  * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   226
    Buffer Overflow in Canvas
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   227
  * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   228
    URL spoofing in addressbar during page loads
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   229
  * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   230
    Use-after-free when displaying table with many columns and column groups
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   231
  * MFSA 2013-06/CVE-2013-0751 (bmo#790454)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   232
    Touch events are shared across iframes
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   233
  * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   234
    Crash due to handling of SSL on threads
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   235
  * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   236
    AutoWrapperChanger fails to keep objects alive during garbage collection
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   237
  * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   238
    Compartment mismatch with quickstubs returned values
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   239
  * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   240
    Event manipulation in plugin handler to bypass same-origin policy
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   241
  * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   242
    Address space layout leaked in XBL objects
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   243
  * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   244
    Buffer overflow in Javascript string concatenation
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   245
  * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   246
    Memory corruption in XBL with XML bindings containing SVG
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   247
  * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   248
    Chrome Object Wrapper (COW) bypass through changing prototype
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   249
  * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   250
    Privilege escalation through plugin objects
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   251
  * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   252
    Use-after-free in serializeToStream
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   253
  * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   254
    Use-after-free in ListenerManager
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   255
  * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   256
    Use-after-free in Vibrate
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   257
  * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   258
    Use-after-free in Javascript Proxy objects
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   259
- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   260
- removed obsolete SLE11 patches (mozilla-gcc43*)
585
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   261
- reenable WebRTC
600
5eb2128332e5 18.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 595
diff changeset
   262
- added mozilla-libproxy-compat.patch for libproxy API compat
5eb2128332e5 18.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 595
diff changeset
   263
  on openSUSE 11.2 and earlier
601
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   264
- backed out restartless language packs as it broke multi-locale
006c98ae8607 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 600
diff changeset
   265
  setup (bmo#677092, bmo#818468)
585
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   266
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   267
-------------------------------------------------------------------
595
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   268
Thu Nov 29 19:56:51 UTC 2012 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   269
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   270
- update to Firefox 17.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   271
  * revert some useragent changes introduced in 17.0
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   272
  * leaving private browsing with social enabled doesn't reset all
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   273
    social components (bmo#815042)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   274
- fix KDE integration for file dialogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   275
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 585
diff changeset
   276
-------------------------------------------------------------------
585
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   277
Tue Nov 20 19:52:02 UTC 2012 - wr@rosenauer.org
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   278
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   279
- update to Firefox 17.0 (bnc#790140)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   280
  * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   281
    Miscellaneous memory safety hazards
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   282
  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   283
    Buffer overflow while rendering GIF images
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   284
  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   285
    evalInSanbox location context incorrectly applied
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   286
  * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   287
    Crash when combining SVG text on path with CSS
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   288
  * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   289
    Javascript: URLs run in privileged context on New Tab page
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   290
  * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   291
    Memory corruption in str_unescape
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   292
  * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   293
    XMLHttpRequest inherits incorrect principal within sandbox
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   294
  * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   295
    XrayWrappers exposes chrome-only properties when not in chrome
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   296
    compartment
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   297
  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   298
    Improper security filtering for cross-origin wrappers
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   299
  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   300
    Improper character decoding in HZ-GB-2312 charset
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   301
  * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   302
    Script entered into Developer Toolbar runs with chrome privileges
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   303
  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   304
    Frames can shadow top.location
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   305
  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   306
    CSS and HTML injection through Style Inspector
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   307
  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   308
    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   309
    CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   310
    Use-after-free and buffer overflow issues found using Address
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   311
    Sanitizer
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   312
  * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   313
    Use-after-free, buffer overflow, and memory corruption issues
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   314
    found using Address Sanitizer
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   315
- rebased patches
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   316
- disabled WebRTC since build is broken (bmo#776877)
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   317
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   318
-------------------------------------------------------------------
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   319
Tue Nov 20 15:42:55 UTC 2012 - pcerny@suse.com
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   320
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   321
- build on SLE11
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   322
  * mozilla-gcc43-enums.patch
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   323
  * mozilla-gcc43-template_hacks.patch
5a44d417c9b5 prepare for Beta 18 phase
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 572
diff changeset
   324
  * mozilla-gcc43-templates_instantiation.patch
568
2c74c5927ea2 first working Aurora 18 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 563
diff changeset
   325
2c74c5927ea2 first working Aurora 18 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 563
diff changeset
   326
-------------------------------------------------------------------
572
edcb48108200 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 568
diff changeset
   327
Wed Oct 24 08:27:29 UTC 2012 - wr@rosenauer.org
edcb48108200 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 568
diff changeset
   328
edcb48108200 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 568
diff changeset
   329
- update to Firefox 16.0.2 (bnc#786522)
edcb48108200 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 568
diff changeset
   330
  * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
edcb48108200 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 568
diff changeset
   331
    (bmo#800666, bmo#793121, bmo#802557)
edcb48108200 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 568
diff changeset
   332
    Fixes for Location object issues
edcb48108200 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 568
diff changeset
   333
- bring back Obsoletes for libproxy's mozjs plugin for distributions
edcb48108200 changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 568
diff changeset
   334
  before 12.2 to avoid crashes
539
b1134fe91f9a merge latest changes from firefox16
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 536
diff changeset
   335
414
88a71e903038 update to 12.0b2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 410
diff changeset
   336
-------------------------------------------------------------------
563
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   337
Thu Oct 11 01:51:16 UTC 2012 - wr@rosenauer.org
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   338
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   339
- update to Firefox 16.0.1 (bnc#783533)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   340
  * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   341
    Miscellaneous memory safety hazards
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   342
  * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   343
    defaultValue security checks not applied
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   344
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   345
-------------------------------------------------------------------
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   346
Sun Oct  7 21:40:14 UTC 2012 - wr@rosenauer.org
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   347
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   348
- update to Firefox 16.0 (bnc#783533)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   349
  * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   350
    Miscellaneous memory safety hazards
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   351
  * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   352
    select element persistance allows for attacks
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   353
  * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   354
    Continued access to initial origin after setting document.domain
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   355
  * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   356
    Some DOMWindowUtils methods bypass security checks
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   357
  * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   358
    DOS and crash with full screen and history navigation
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   359
  * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   360
    Crash with invalid cast when using instanceof operator
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   361
  * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   362
    GetProperty function can bypass security checks
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   363
  * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   364
    top object and location property accessible by plugins
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   365
  * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   366
    Chrome Object Wrapper (COW) does not disallow acces to privileged
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   367
    functions or properties
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   368
  * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   369
    Spoofing and script injection through location.hash
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   370
  * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   371
    CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   372
    Use-after-free, buffer overflow, and out of bounds read issues
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   373
    found using Address Sanitizer
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   374
  * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   375
    CVE-2012-4188
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   376
    Heap memory corruption issues found using Address Sanitizer
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   377
  * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   378
    Use-after-free in the IME State Manager
533
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   379
- requires NSPR 4.9.2
529
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   380
- improve GStreamer integration (bmo#760140)
533
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   381
- removed upstreamed mozilla-crashreporter-restart-args.patch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   382
- webapprt now included
536
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 533
diff changeset
   383
- use kmozillahelper's new REVEAL command (bnc#777415)
538
be682f8c9361 revert API version change for kmozillahelper
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 536
diff changeset
   384
  (requires mozilla-kde4-integration >= 0.6.4)
563
8349c239bff9 preparing Aurora 18
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   385
- updated translations-other with new languages
529
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   386
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   387
-------------------------------------------------------------------
541
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   388
Mon Sep 10 19:37:56 UTC 2012 - wr@rosenauer.org
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   389
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   390
- update to Firefox 15.0.1 (bnc#779936)
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   391
  * Sites visited while in Private Browsing mode could be found
547
65364282c9bc Aurora 20121003
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 543
diff changeset
   392
    through manual browser cache inspection (bmo#787743)
541
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   393
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   394
-------------------------------------------------------------------
533
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   395
Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   396
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   397
- update to Firefox 15.0 (bnc#777588)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   398
  * MFSA 2012-57/CVE-2012-1970
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   399
    Miscellaneous memory safety hazards
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   400
  * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   401
    CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   402
    CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   403
    Use-after-free issues found using Address Sanitizer
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   404
  * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   405
    Location object can be shadowed using Object.defineProperty
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   406
  * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   407
    Escalation of privilege through about:newtab
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   408
  * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   409
    Memory corruption with bitmap format images with negative height
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   410
  * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   411
    WebGL use-after-free and memory corruption
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   412
  * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   413
    SVG buffer overflow and use-after-free issues
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   414
  * MFSA 2012-64/CVE-2012-3971
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   415
    Graphite 2 memory corruption
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   416
  * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   417
    Out-of-bounds read in format-number in XSLT
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   418
  * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   419
    HTTPMonitor extension allows for remote debugging without explicit
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   420
    activation
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   421
  * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   422
    DOMParser loads linked resources in extensions when parsing
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   423
    text/html
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   424
  * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   425
    Incorrect site SSL certificate data display
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   426
  * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   427
    Location object security checks bypassed by chrome code
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   428
  * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   429
    Web console eval capable of executing chrome-privileged code
471
73b631ab214b adding fixes to spec file and changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 463
diff changeset
   430
- fix HTML5 video crash with GStreamer enabled (bmo#761030)
513
7a651f368dd8 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 500
diff changeset
   431
- GStreamer is only used for MP4 (no WebM, OGG)
491
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   432
- updated filelist
529
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   433
- moved browser specific preferences to correct location
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   434
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   435
-------------------------------------------------------------------
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   436
Sun Jul 29 08:34:39 UTC 2012 - aj@suse.de
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   437
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   438
- Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16)
491
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   439
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   440
-------------------------------------------------------------------
500
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   441
Sat Jul 14 19:31:51 UTC 2012 - wr@rosenauer.org
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   442
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   443
- update to 14.0.1 (bnc#771583)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   444
  * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   445
    Miscellaneous memory safety hazards
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   446
  * MFSA 2012-43/CVE-2012-1950
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   447
    Incorrect URL displayed in addressbar through drag and drop
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   448
  * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   449
    Gecko memory corruption
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   450
  * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   451
    Spoofing issue with location
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   452
  * MFSA 2012-46/CVE-2012-1966 (bmo#734076)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   453
    XSS through data: URLs
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   454
  * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   455
    Improper filtering of javascript in HTML feed-view
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   456
  * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   457
    use-after-free in nsGlobalWindow::PageHidden
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   458
  * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   459
    Same-compartment Security Wrappers can be bypassed
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   460
  * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   461
    Out of bounds read in QCMS
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   462
  * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   463
    X-Frame-Options header ignored when duplicated
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   464
  * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   465
    JSDependentString::undepend string conversion results in memory
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   466
    corruption
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   467
  * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   468
    Content Security Policy 1.0 implementation errors cause data
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   469
    leakage
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   470
  * MFSA 2012-55/CVE-2012-1965 (bmo#758990)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   471
    feed: URLs with an innerURI inherit security context of page
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   472
  * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   473
    Code execution through javascript: URLs
491
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   474
- license change from tri license to MPL-2.0
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   475
- fix crashreporter restart option (bmo#762780)
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   476
- require NSS 3.13.5
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   477
- remove mozjs pacrunner obsoletes again for now
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   478
- adopted mozilla-prefer_plugin_pref.patch
500
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   479
- PPC fixes:
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   480
  * reenabled mozilla-yarr-pcre.patch to fix build for PPC
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   481
  * add patches for bmo#750620 and bmo#746112
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   482
  * fix xpcshell segfault on ppc
491
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   483
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   484
-------------------------------------------------------------------
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   485
Fri Jun 15 12:37:09 UTC 2012 - wr@rosenauer.org
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   486
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   487
- update to Firefox 13.0.1
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   488
  * bugfix release
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   489
- obsolete libproxy's mozjs pacrunner (bnc#759123)
457
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   490
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   491
-------------------------------------------------------------------
462
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   492
Sat Jun  2 08:22:51 UTC 2012 - wr@rosenauer.org
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   493
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   494
- update to Firefox 13.0 (bnc#765204)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   495
  * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   496
    Miscellaneous memory safety hazards
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   497
  * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   498
    Content Security Policy inline-script bypass
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   499
  * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   500
    Information disclosure though Windows file shares and shortcut
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   501
    files
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   502
  * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   503
    Use-after-free while replacing/inserting a node in a document
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   504
  * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   505
    Buffer overflow and use-after-free issues found using Address
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   506
    Sanitizer
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   507
- require NSS 3.13.4
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   508
  * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   509
- fix sound notifications when filename/path contains a whitespace
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   510
  (bmo#749739)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   511
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   512
-------------------------------------------------------------------
457
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   513
Wed May 23 14:40:16 UTC 2012 - adrian@suse.de
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   514
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   515
- fix build on arm
435
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   516
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   517
-------------------------------------------------------------------
462
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   518
Wed May 16 05:34:01 UTC 2012 - wr@rosenauer.org
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   519
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   520
- reenabled crashreporter for Factory/12.2
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   521
  (fix in mozilla-gcc47.patch)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   522
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   523
-------------------------------------------------------------------
435
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   524
Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   525
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   526
- update to Firefox 12.0 (bnc#758408)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   527
  * rebased patches
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   528
  * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   529
    Miscellaneous memory safety hazards
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   530
  * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   531
    use-after-free in IDBKeyRange
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   532
  * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   533
    Invalid frees causes heap corruption in gfxImageSurface
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   534
  * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   535
    Potential XSS via multibyte content processing errors
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   536
  * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   537
    Potential memory corruption during font rendering using cairo-dwrite
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   538
  * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   539
    WebGL.drawElements may read illegal video memory due to
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   540
    FindMaxUshortElement error
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   541
  * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   542
    Page load short-circuit can lead to XSS
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   543
  * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   544
    Ambiguous IPv6 in Origin headers may bypass webserver access
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   545
    restrictions
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   546
  * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   547
    Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   548
  * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   549
    Crash with WebGL content using textImage2D
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   550
  * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   551
    Off-by-one error in OpenType Sanitizer
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   552
  * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   553
    HTTP Redirections and remote content can be read by javascript errors
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   554
  * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   555
    Potential site identity spoofing when loading RSS and Atom feeds
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   556
- added mozilla-libnotify.patch to allow fallback from libnotify
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   557
  to xul based events if no notification-daemon is running
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   558
- gcc 4.7 fixes
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   559
  * mozilla-gcc47.patch
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   560
  * disabled crashreporter temporarily for Factory
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   561
- recommend libcanberra0 for proper sound notifications
414
88a71e903038 update to 12.0b2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 410
diff changeset
   562
407
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 404
diff changeset
   563
-------------------------------------------------------------------
408
475395d00191 Firefox 11 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 407
diff changeset
   564
Fri Mar  9 21:47:07 UTC 2012 - wr@rosenauer.org
475395d00191 Firefox 11 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 407
diff changeset
   565
475395d00191 Firefox 11 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 407
diff changeset
   566
- update to Firefox 11.0 (bnc#750044)
410
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   567
  * MFSA 2012-13/CVE-2012-0455 (bmo#704354)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   568
    XSS with Drag and Drop and Javascript: URL
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   569
  * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   570
    SVG issues found with Address Sanitizer
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   571
  * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   572
    XSS with multiple Content Security Policy headers
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   573
  * MFSA 2012-16/CVE-2012-0458
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   574
    Escalation of privilege with Javascript: URL as home page
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   575
  * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   576
    Crash when accessing keyframe cssText after dynamic modification
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   577
  * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   578
    window.fullScreen writeable by untrusted content
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   579
  * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   580
    CVE-2012-0463
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   581
    Miscellaneous memory safety hazards
407
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 404
diff changeset
   582
- ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 404
diff changeset
   583
- explicitely build-require X libs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 404
diff changeset
   584
404
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   585
-------------------------------------------------------------------
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   586
Mon Mar  5 13:31:48 UTC 2012 - vdziewiecki@suse.com
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   587
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   588
- add Provides: browser(npapi) FATE#313084
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   589
398
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   590
-------------------------------------------------------------------
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   591
Fri Feb 17 17:41:11 UTC 2012 - pcerny@suse.com
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   592
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   593
- better plugin directory resolution (bnc#747320)
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   594
386
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   595
-------------------------------------------------------------------
387
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   596
Thu Feb 16 08:47:31 UTC 2012 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   597
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   598
- update to Firefox 10.0.2 (bnc#747328)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   599
  * CVE-2011-3026 (bmo#727401)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   600
    libpng: integer overflow leading to heap-buffer overflow
386
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   601
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   602
-------------------------------------------------------------------
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   603
Thu Feb  9 09:26:11 UTC 2012 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   604
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   605
- update to Firefox 10.0.1 (bnc#746616)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   606
  * MFSA 2012-10/CVE-2012-0452 (bmo#724284)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   607
    use after free in nsXBLDocumentInfo::ReadPrototypeBindings
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   608
378
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   609
-------------------------------------------------------------------
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   610
Tue Feb  7 10:40:58 UTC 2012 - dvaleev@suse.com
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   611
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   612
- Use YARR interpreter instead of PCRE on platforms where YARR JIT
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   613
  is not supported, since PCRE doesnt build (bmo#691898)
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   614
- fix ppc64 build (bmo#703534)
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   615
373
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   616
-------------------------------------------------------------------
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   617
Mon Jan 30 09:41:59 UTC 2012 - wr@rosenauer.org
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   618
375
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   619
- update to Firefox 10.0 (bnc#744275)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   620
  * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   621
    Miscellaneous memory safety hazards
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   622
  * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   623
    <iframe> element exposed across domains via name attribute
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   624
  * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   625
    Child nodes from nsDOMAttribute still accessible after removal
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   626
    of nodes
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   627
  * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   628
    Frame scripts calling into untrusted objects bypass security
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   629
    checks
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   630
  * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   631
    Uninitialized memory appended when encoding icon images may
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   632
    cause information disclosure
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   633
  * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   634
    Potential Memory Corruption When Decoding Ogg Vorbis files
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   635
  * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   636
    Crash with malformed embedded XSLT stylesheets
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   637
- KDE integration has been disabled since it needs refactoring
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   638
- removed obsolete ppc64 patch
373
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   639
371
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   640
-------------------------------------------------------------------
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   641
Sun Jan 22 12:08:07 UTC 2012 - joop.boonen@opensuse.org
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   642
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   643
- Disable neon for arm as it doesn't build correctly
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   644
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   645
-------------------------------------------------------------------
366
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   646
Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   647
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   648
- update to Firefox 9.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   649
  * (strongparent) parentNode of element gets lost (bmo#335998)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   650
364
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   651
-------------------------------------------------------------------
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   652
Sun Dec 18 09:58:52 UTC 2011 - adrian@suse.de
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   653
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   654
- fix arm build, don't package crashreporter there
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   655
363
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   656
-------------------------------------------------------------------
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   657
Sun Dec 18 09:52:08 UTC 2011 - wr@rosenauer.org
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   658
364
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   659
- update to Firefox 9 (bnc#737533)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   660
  * MFSA 2011-53/CVE-2011-3660
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   661
    Miscellaneous memory safety hazards (rv:9.0)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   662
  * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   663
    Potentially exploitable crash in the YARR regular expression
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   664
    library
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   665
  * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   666
    nsSVGValue out-of-bounds access
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   667
  * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   668
    Key detection without JavaScript via SVG animation
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   669
  * MFSA 2011-58/VE-2011-3665 (bmo#701259)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   670
    Crash scaling <video> to extreme sizes
363
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   671
358
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   672
-------------------------------------------------------------------
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   673
Sun Nov 27 03:51:54 UTC 2011 - mgorse@suse.com
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   674
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   675
- Fix accessibility under GNOME 3 (bnc#732898)
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   676
355
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   677
-------------------------------------------------------------------
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   678
Sat Nov 12 15:16:38 UTC 2011 - dvaleev@suse.com
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   679
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   680
- fix ppc64 build
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   681
350
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   682
-------------------------------------------------------------------
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   683
Sun Nov  6 08:20:59 UTC 2011 - wr@rosenauer.org
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   684
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   685
- update to Firefox 8 (bnc#728520)
354
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   686
  * MFSA 2011-47/CVE-2011-3648 (bmo#690225)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   687
    Potential XSS against sites using Shift-JIS
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   688
  * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   689
    Miscellaneous memory safety hazards
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   690
  * MFSA 2011-49/CVE-2011-3650 (bmo#674776)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   691
    Memory corruption while profiling using Firebug
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   692
  * MFSA 2011-52/CVE-2011-3655 (bmo#672182)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   693
    Code execution via NoWaiverWrapper
350
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   694
- rebased patches
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   695
344
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   696
-------------------------------------------------------------------
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   697
Thu Oct 20 12:34:47 UTC 2011 - wr@rosenauer.org
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   698
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   699
- enable telemetry prompt
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   700
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   701
-------------------------------------------------------------------
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   702
Fri Sep 30 10:52:36 UTC 2011 - wr@rosenauer.org
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   703
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   704
- update to minor release 7.0.1
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   705
  * fixed staged addon updates
339
db8b891eeb1e locale should always match the system one in a package environment
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 337
diff changeset
   706
- set intl.locale.matchOS=true in the base package as it causes
db8b891eeb1e locale should always match the system one in a package environment
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 337
diff changeset
   707
  too much confusion when it's only available with branding-openSUSE
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   708
334
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   709
-------------------------------------------------------------------
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   710
Fri Sep 23 11:22:22 UTC 2011 - wr@rosenauer.org
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   711
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   712
- update to Firefox 7 (bnc#720264)
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   713
  including
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   714
  * Improve Responsiveness with Memory Reductions
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   715
  * Instant Sync
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   716
  * WebSocket protocol 8
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   717
  * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   718
    Miscellaneous memory safety hazards
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   719
  * MFSA 2011-39/CVE-2011-3000 (bmo#655389)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   720
    Defense against multiple Location headers due to CRLF Injection
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   721
  * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   722
    Code installation through holding down Enter
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   723
  * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   724
    Potentially exploitable WebGL crashes
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   725
  * MFSA 2011-42/CVE-2011-3232 (bmo#653672)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   726
    Potentially exploitable crash in the YARR regular expression
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   727
    library
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   728
  * MFSA 2011-43/CVE-2011-3004 (bmo#653926)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   729
    loadSubScript unwraps XPCNativeWrapper scope parameter
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   730
  * MFSA 2011-44/CVE-2011-3005 (bmo#675747)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   731
    Use after free reading OGG headers
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   732
  * MFSA 2011-45
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   733
    Inferring keystrokes from motion data
334
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   734
- removed obsolete mozilla-cairo-lcd.patch
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   735
- rebased patches
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   736
- removed XLIB_SKIP_ARGB_VISUALS=1 from environment in
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   737
  mozilla.sh.in (bnc#680758)
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   738
327
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   739
-------------------------------------------------------------------
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   740
Fri Sep 16 06:57:38 UTC 2011 - wr@rosenauer.org
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   741
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   742
- fixed loading of kde.js under KDE (bnc#718311)
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   743
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   744
-------------------------------------------------------------------
316
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   745
Wed Sep 14 07:02:04 UTC 2011 - wr@rosenauer.org
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   746
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   747
- add dbus-1-glib-devel to BuildRequires (not pulled in
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   748
  automatically anymore on 12.1)
316
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   749
- increase minversions for NSPR and NSS
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   750
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   751
-------------------------------------------------------------------
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   752
Fri Sep  9 20:44:15 UTC 2011 - wr@rosenauer.org
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   753
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   754
- recreated source archive to get correct source-stamp.txt
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   755
311
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   756
-------------------------------------------------------------------
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   757
Wed Sep  7 14:30:34 UTC 2011 - pcerny@suse.com
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   758
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   759
- security update to 6.0.2 (bnc#714931)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   760
  * Complete blocking of certificates issued by DigiNotar
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   761
    (bmo#683449)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   762
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   763
-------------------------------------------------------------------
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   764
Fri Sep  2 14:40:07 UTC 2011 - pcerny@suse.com
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   765
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   766
- security update to 6.0.1 (bnc#714931)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   767
  * MFSA 2011-34
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   768
    Protection against fraudulent DigiNotar certificates
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   769
    (bmo#682927)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   770
306
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   771
-------------------------------------------------------------------
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   772
Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   773
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   774
- update to 6.0 (bnc#712224)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   775
  included security fixes MFSA 2011-29
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   776
  * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   777
    Miscellaneous memory safety hazards
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   778
  * CVE-2011-2993 (bmo#657267)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   779
    Unsigned scripts can call script inside signed JAR
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   780
  * CVE-2011-2988 (bmo#665934)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   781
    Heap overflow in ANGLE library
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   782
  * CVE-2011-0084 (bmo#648094)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   783
    Crash in SVGTextElement.getCharNumAtPosition()
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   784
  * CVE-2011-2990
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   785
    Credential leakage using Content Security Policy reports
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   786
  * CVE-2011-2986 (bmo#655836)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   787
    Cross-origin data theft using canvas and Windows D2D
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   788
- removed obsolete curl header dependency (mozilla-curl.patch)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   789
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   790
-------------------------------------------------------------------
292
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   791
Fri Jul 22 13:34:12 UTC 2011 - wr@rosenauer.org
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   792
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   793
- update to 6.0b3
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   794
  * removed obsolete patches
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   795
    - firefox-shellservice.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   796
    - mozilla-gio.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   797
    - mozilla-ppc-ipc.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   798
    - firefox-linkorder.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   799
    - firefox-no-sync-l10n.patch
293
3fd4e37e5e52 fix symbolstore.py for linux3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 292
diff changeset
   800
- recognize linux3 as platform for symbolstore.py
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   801
288
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   802
-------------------------------------------------------------------
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   803
Fri Jul  1 19:53:18 CEST 2011 - vuntz@opensuse.org
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   804
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   805
- Add x-scheme-handler/ftp to the MimeType key in the .desktop, to
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   806
  let desktops know that Firefox can deal with ftp: URIs.
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   807
286
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   808
-------------------------------------------------------------------
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   809
Fri Jul  1 06:45:08 UTC 2011 - wr@rosenauer.org
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   810
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   811
- create upstream branding package again (supposedly empty)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   812
  (bnc#703401)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   813
- fix build on SLE11 (changes do not affect/are not applied for
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   814
  later versions)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   815
283
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   816
-------------------------------------------------------------------
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   817
Wed Jun 22 06:41:17 UTC 2011 - wr@rosenauer.org
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   818
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   819
- enable startup notification (bnc#701465)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   820
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   821
-------------------------------------------------------------------
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   822
Mon Jun 20 19:37:01 UTC 2011 - wr@rosenauer.org
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   823
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   824
- update to 5.0 final
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   825
- included fixes for security issues: (bnc#701296, bnc#700578)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   826
  * MFSA 2011-19/CVE-2011-2374 CVE-2011-2375
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   827
    Miscellaneous memory safety hazards
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   828
  * MFSA 2011-20/CVE-2011-2373 (bmo#617247)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   829
    Use-after-free vulnerability when viewing XUL document with
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   830
    script disabled
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   831
  * MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   832
    Memory corruption due to multipart/x-mixed-replace images
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   833
  * MFSA 2011-22/CVE-2011-2371 (bmo#664009)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   834
    Integer overflow and arbitrary code execution in
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   835
    Array.reduceRight()
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   836
  * MFSA 2011-25/CVE-2011-2366
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   837
    Stealing of cross-domain images using WebGL textures
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   838
  * MFSA 2011-26/CVE-2011-2367 CVE-2011-2368
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   839
    Multiple WebGL crashes
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   840
  * MFSA 2011-27/CVE-2011-2369 (bmo#650001)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   841
    XSS encoding hazard with inline SVG
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   842
  * MFSA 2011-28/CVE-2011-2370 (bmo#645699)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   843
    Non-whitelisted site can trigger xpinstall
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   844
279
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   845
-------------------------------------------------------------------
282
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   846
Mon Jun 20 09:17:42 UTC 2011 - wr@rosenauer.org
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   847
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   848
- update to 5.0b7
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   849
  * updated supported locales
282
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   850
- do not build dump_syms static (not needed for us)
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   851
  -> fix build for openSUSE 12.1 and above
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   852
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   853
-------------------------------------------------------------------
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   854
Wed Jun 15 14:59:32 UTC 2011 - wr@rosenauer.org
279
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   855
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   856
- update to 5.0b6
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   857
- include proper revision information into the build
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   858
- speedier find-external-requires.sh
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   859
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   860
-------------------------------------------------------------------
277
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   861
Tue May 31 06:53:55 UTC 2011 - wr@rosenauer.org
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   862
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   863
- update to 5.0b3
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   864
- transformed to standalone Firefox (not xulrunner based)
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   865
  (with new Firefox rapid release cycle it makes no sense anymore)
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   866
  * imported all relevant xulrunner patches
277
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   867
- do not compile in build timestamp
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   868
252
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   869
-------------------------------------------------------------------
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   870
Fri Apr 15 07:08:53 UTC 2011 - wr@rosenauer.org
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   871
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   872
- security update to 4.0.1 (bnc#689281)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   873
  * MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0079
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   874
    CVE-2011-0080 CVE-2011-0081
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   875
    Miscellaneous memory safety hazards
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   876
  * MFSA 2011-17/CVE-2011-0068 (bmo#623791)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   877
    WebGLES vulnerabilities
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   878
  * MFSA 2011-18/CVE-2011-1202 (bmo#640339)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   879
    XSLT generate-id() function heap address leak
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   880
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   881
-------------------------------------------------------------------
252
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   882
Wed Mar 30 11:24:36 UTC 2011 - wr@rosenauer.org
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   883
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   884
- add all available icon sizes
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   885
247
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   886
-------------------------------------------------------------------
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   887
Tue Mar 29 11:55:53 UTC 2011 - cfarrell@novell.com
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   888
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   889
- license update: MPLv1.1 or GPLv2+ or LGPLv2+
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   890
  Sync licenses with Fedora. MPL does not state ^or later^
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   891
236
a4f5954df3a3 update for 2.0/4.0rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 230
diff changeset
   892
-------------------------------------------------------------------
239
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   893
Fri Mar 18 08:49:15 UTC 2011 - wr@rosenauer.org
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   894
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   895
- update to version 4.0rc2
238
d537c4a65693 fixed rpm macros (bnc#679950)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 236
diff changeset
   896
- fixed rpm macros delivered with devel package (bnc#679950)
236
a4f5954df3a3 update for 2.0/4.0rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 230
diff changeset
   897
230
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   898
-------------------------------------------------------------------
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   899
Wed Feb 23 07:52:04 UTC 2011 - wr@rosenauer.org
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   900
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   901
- update to version 4.0b12
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   902
- rebased patches
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   903
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   904
-------------------------------------------------------------------
229
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   905
Fri Feb  4 09:32:50 UTC 2011 - wr@rosenauer.org
226
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   906
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   907
- update to version 4.0b11
229
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   908
  * loads of bugfixes compared to last beta
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   909
  * added "Do Not Track" option
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   910
- rebased patches
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   911
- disable testpilot
226
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   912
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   913
-------------------------------------------------------------------
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   914
Fri Jan 28 08:56:12 UTC 2011 - wr@rosenauer.org
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   915
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   916
- set correct desktop file name within KDE for 11.4 and up
225
5a7504b93699 Provide devel package with helper script and rpm macros for easier addon packaging. (patch submitted from Ludwig Nussel)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 223
diff changeset
   917
- add devel package with macros for extensions (from lnussel@suse.de)
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   918
221
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   919
-------------------------------------------------------------------
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   920
Sat Jan 22 22:21:52 UTC 2011 - wr@rosenauer.org
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   921
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   922
- update to version 4.0b10
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   923
- removed obsolete firefox-shell-bmo624267.patch
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   924
- testpilot moved to distribution/extensions
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   925
- updated locale provides and removed bn-IN from locales
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   926
210
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   927
-------------------------------------------------------------------
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   928
Tue Jan 11 06:13:40 UTC 2011 - wr@rosenauer.org
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   929
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   930
- update to version 4.0b9
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   931
- added x-scheme-handler for http and https to desktop file for
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   932
  newer Gnome environments
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   933
- fixed default browser check/set for GIO (bmo#611953)
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   934
  (mozilla-shellservice.patch)
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   935
- removed obsolete firefox-appname.patch (integrated into
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   936
  shellservice patch)
217
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   937
- renamed desktop file to firefox.desktop for 11.4 and newer
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   938
  (bnc#664211)
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   939
- removed support for 10.3 and older from the spec file
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   940
- removed obsolete "Ximian" categories from desktop file
210
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   941
207
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   942
-------------------------------------------------------------------
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   943
Mon Jan  3 17:35:46 CET 2011 - meissner@suse.de
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   944
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   945
- Mirror ac_add_options --disable-ipc from xulrunner for PowerPC.
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   946
203
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   947
-------------------------------------------------------------------
206
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   948
Wed Dec 15 07:49:45 UTC 2010 - wr@rosenauer.org
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   949
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   950
- update to version 4.0beta8
203
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   951
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   952
-------------------------------------------------------------------
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   953
Tue Nov 30 14:19:59 UTC 2010 - wr@rosenauer.org
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   954
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   955
- major update to version 4.0beta7
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   956
  * based on mozilla-xulrunner20
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   957
  * far too many internal changes to list
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   958
195
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   959
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   960
Wed Oct 27 07:12:14 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   961
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   962
- security update to 3.6.12 (bnc#649492)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   963
  * MFSA 2010-73/CVE-2010-3765 (bmo#607222)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   964
    Heap buffer overflow mixing document.write and DOM insertion
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   965
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   966
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   967
Wed Oct  6 07:13:52 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   968
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   969
- security update to 3.6.11 (bnc#645315)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   970
  * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   971
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   972
  * MFSA 2010-65/CVE-2010-3179 (bmo#583077)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   973
    Buffer overflow and memory corruption using document.write
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   974
  * MFSA 2010-66/CVE-2010-3180 (bmo#588929)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   975
    Use-after-free error in nsBarProp
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   976
  * MFSA 2010-67/CVE-2010-3183 (bmo#598669)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   977
    Dangling pointer vulnerability in LookupGetterOrSetter
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   978
  * MFSA 2010-68/CVE-2010-3177 (bmo#556734)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   979
    XSS in gopher parser when parsing hrefs
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   980
  * MFSA 2010-69/CVE-2010-3178 (bmo#576616)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   981
    Cross-site information disclosure via modal calls
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   982
  * MFSA 2010-70/CVE-2010-3170 (bmo#578697)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   983
    SSL wildcard certificate matching IP addresses
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   984
  * MFSA 2010-71/CVE-2010-3182 (bmo#590753)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   985
    Unsafe library loading vulnerabilities
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   986
  * MFSA 2010-72/CVE-2010-3173
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   987
    Insecure Diffie-Hellman key exchange
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   988
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   989
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   990
Wed Sep 15 07:39:22 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   991
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   992
- update to 3.6.10
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   993
  * fixing startup topcrash (bmo#594699)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   994
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   995
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   996
Thu Aug 26 07:40:28 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   997
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   998
- security update to 3.6.9 (bnc#637303)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   999
  * MFSA 2010-49/CVE-2010-3169
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1000
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1001
  * MFSA 2010-50/CVE-2010-2765 (bmo#576447)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1002
    Frameset integer overflow vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1003
  * MFSA 2010-51/CVE-2010-2767 (bmo#584512)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1004
    Dangling pointer vulnerability using DOM plugin array
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1005
  * MFSA 2010-53/CVE-2010-3166 (bmo#579655)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1006
    Heap buffer overflow in nsTextFrameUtils::TransformText
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1007
  * MFSA 2010-54/CVE-2010-2760 (bmo#585815)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1008
    Dangling pointer vulnerability in nsTreeSelection
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1009
  * MFSA 2010-55/CVE-2010-3168 (bmo#576075)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1010
    XUL tree removal crash and remote code execution
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1011
  * MFSA 2010-56/CVE-2010-3167 (bmo#576070)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1012
    Dangling pointer vulnerability in nsTreeContentView
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1013
  * MFSA 2010-57/CVE-2010-2766 (bmo#580445)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1014
    Crash and remote code execution in normalizeDocument
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1015
  * MFSA 2010-59/CVE-2010-2762 (bmo#584180)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1016
    SJOW creates scope chains ending in outer object
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1017
  * MFSA 2010-61/CVE-2010-2768 (bmo#579744)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1018
    UTF-7 XSS by overriding document charset using <object> type
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1019
    attribute
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1020
  * MFSA 2010-62/CVE-2010-2769 (bmo#520189)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1021
    Copy-and-paste or drag-and-drop into designMode document allows
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1022
    XSS
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1023
  * MFSA 2010-63/CVE-2010-2764 (bmo#552090)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1024
    Information leak via XMLHttpRequest statusText
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1025
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1026
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1027
Wed Jul 28 08:33:14 CEST 2010 - meissner@suse.de
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1028
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1029
- disable crash reporter for non x86/x86_64 to make it build.
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1030
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1031
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1032
Sat Jul 24 12:42:58 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1033
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1034
- security update to 3.6.8 (bnc#622506)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1035
  * MFSA 2010-48/CVE-2010-2755 (bmo#575836)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1036
    Dangling pointer crash regression from plugin parameter array
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1037
    fix
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1038
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1039
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1040
Fri Jul 16 06:48:44 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1041
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1042
- security update to 3.6.7 (bnc#622506)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1043
  * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1044
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1045
  * MFSA 2010-35/CVE-2010-1208 (bmo#572986)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1046
    DOM attribute cloning remote code execution vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1047
  * MFSA 2010-36/CVE-2010-1209 (bmo#552110)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1048
    Use-after-free error in NodeIterator
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1049
  * MFSA 2010-37/CVE-2010-1214 (bmo#572985)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1050
    Plugin parameter EnsureCachedAttrParamArrays remote code
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1051
    execution vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1052
  * MFSA 2010-38/CVE-2010-1215 (bmo#567069)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1053
    Arbitrary code execution using SJOW and fast native function
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1054
  * MFSA 2010-39/CVE-2010-2752 (bmo#574059)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1055
    nsCSSValue::Array index integer overflow
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1056
  * MFSA 2010-40/CVE-2010-2753 (bmo#571106)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1057
    nsTreeSelection dangling pointer remote code execution
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1058
    vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1059
  * MFSA 2010-41/CVE-2010-1205 (bmo#570451)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1060
    Remote code execution using malformed PNG image
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1061
  * MFSA 2010-42/CVE-2010-1213 (bmo#568148)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1062
    Cross-origin data disclosure via Web Workers and importScripts
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1063
  * MFSA 2010-43/CVE-2010-1207 (bmo#571287)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1064
    Same-origin bypass using canvas context
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1065
  * MFSA 2010-44/CVE-2010-1210 (bmo#564679)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1066
    Characters mapped to U+FFFD in 8 bit encodings cause subsequent
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1067
    character to vanish
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1068
  * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1069
    Multiple location bar spoofing vulnerabilities
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1070
  * MFSA 2010-46/CVE-2010-0654 (bmo#524223)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1071
    Cross-domain data theft using CSS
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1072
  * MFSA 2010-47/CVE-2010-2754 (bmo#568564)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1073
    Cross-origin data leakage from script filename in error messages
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1074
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1075
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1076
Sun Jun 27 20:24:31 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1077
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1078
- update to 3.6.6 release
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1079
  * modifies the crash protection feature to increase the amount 
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1080
    of time that plugins are allowed to be non-responsive before 
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1081
    being terminated.
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1082
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1083
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1084
Wed Jun 23 14:40:35 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
  1085
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset