MozillaFirefox/firefox-esr.changes
author Wolfgang Rosenauer <wr@rosenauer.org>
Mon, 24 Jun 2013 12:09:20 +0200
branchesr17
changeset 655 f812ab6b56ac
parent 652 c3618c6a868d
child 665 efc8a8a62a09
permissions -rw-r--r--
17.0.7
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
539
b1134fe91f9a merge latest changes from firefox16
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 536
diff changeset
     1
-------------------------------------------------------------------
655
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 652
diff changeset
     2
Wed Jun 19 21:05:21 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 652
diff changeset
     3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 652
diff changeset
     4
- update to Firefox 17.0.7esr (bnc#)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 652
diff changeset
     5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 652
diff changeset
     6
-------------------------------------------------------------------
652
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
     7
Fri May 10 11:44:50 UTC 2013 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
     8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
     9
- update to Firefox 17.0.6esr (bnc#819204)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    10
  * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    11
    Miscellaneous memory safety hazards
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    12
  * MFSA 2013-42/CVE-2013-1670 (bmo#853709)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    13
    Privileged access for content level constructor
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    14
  * MFSA 2013-46/CVE-2013-1674 (bmo#860971)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    15
    Use-after-free with video and onresize event
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    16
  * MFSA 2013-47/CVE-2013-1675 (bmo#866825)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    17
    Uninitialized functions in DOMSVGZoomEvent
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    18
  * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    19
    CVE-2013-1679/CVE-2013-1680/CVE-2013-1681
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    20
    Memory corruption found using Address Sanitizer
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    21
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 638
diff changeset
    22
-------------------------------------------------------------------
638
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    23
Fri Mar 29 16:24:43 UTC 2013 - wr@rosenauer.org
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    24
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    25
- update to Firefox 17.0.5esr (bnc#813026)
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    26
  * requires NSPR 4.9.5 and NSS 3.14.3
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    27
  * MFSA 2013-30/CVE-2013-0788
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    28
    Miscellaneous memory safety hazards
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    29
  * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    30
    Out-of-bounds write in Cairo library
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    31
  * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    32
    WebGL crash with Mesa graphics driver on Linux
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    33
  * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    34
    Bypass of SOW protections allows cloning of protected nodes
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    35
  * MFSA 2013-37/CVE-2013-0794 (bmo#626775)
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    36
    Bypass of tab-modal dialog origin disclosure
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    37
  * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    38
    Cross-site scripting (XSS) using timed history navigations
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    39
3a72bcb470fb 17.0.5esr update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 632
diff changeset
    40
-------------------------------------------------------------------
632
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    41
Fri Mar  8 08:36:26 UTC 2013 - wr@rosenauer.org
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    42
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    43
- update to Firefox 17.0.4 (bnc#808243)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    44
  * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    45
    Use-after-free in HTML Editor
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    46
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    47
-------------------------------------------------------------------
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    48
Sat Feb 16 17:16:35 UTC 2013 - wr@rosenauer.org
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    49
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    50
- update to Firefox 17.0.3esr (bnc#804248)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    51
  * MFSA 2013-21/CVE-2013-0783
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    52
    Miscellaneous memory safety hazards
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    53
  * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    54
    Web content bypass of COW and SOW security wrappers
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    55
  * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    56
    Privacy leak in JavaScript Workers
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    57
  * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    58
    Use-after-free in nsImageLoadingContent
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    59
  * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    60
    Phishing on HTTPS connection through malicious proxy
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    61
  * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    62
    Use-after-free, out of bounds read, and buffer overflow issues
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    63
    found using Address Sanitizer
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    64
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    65
-------------------------------------------------------------------
598
92044e416d59 17.0.2esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 593
diff changeset
    66
Sat Jan  5 14:42:07 UTC 2013 - wr@rosenauer.org
92044e416d59 17.0.2esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 593
diff changeset
    67
92044e416d59 17.0.2esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 593
diff changeset
    68
- update to Firefox 17.0.2esr (bnc#796895)
632
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    69
  * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    70
    Miscellaneous memory safety hazards
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    71
  * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    72
    CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    73
    Use-after-free and buffer overflow issues found using Address Sanitizer
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    74
  * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    75
    Buffer Overflow in Canvas
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    76
  * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    77
    URL spoofing in addressbar during page loads
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    78
  * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    79
    Use-after-free when displaying table with many columns and column groups
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    80
  * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    81
    Crash due to handling of SSL on threads
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    82
  * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    83
    AutoWrapperChanger fails to keep objects alive during garbage collection
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    84
  * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    85
    Compartment mismatch with quickstubs returned values
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    86
  * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    87
    Event manipulation in plugin handler to bypass same-origin policy
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    88
  * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    89
    Address space layout leaked in XBL objects
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    90
  * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    91
    Buffer overflow in Javascript string concatenation
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    92
  * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    93
    Memory corruption in XBL with XML bindings containing SVG
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    94
  * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    95
    Chrome Object Wrapper (COW) bypass through changing prototype
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    96
  * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    97
    Privilege escalation through plugin objects
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    98
  * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
    99
    Use-after-free in serializeToStream
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
   100
  * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
   101
    Use-after-free in ListenerManager
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
   102
  * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
   103
    Use-after-free in Vibrate
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
   104
  * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
   105
    Use-after-free in Javascript Proxy objects
b83636a26466 update to 17.0.4
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 598
diff changeset
   106
- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
598
92044e416d59 17.0.2esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 593
diff changeset
   107
92044e416d59 17.0.2esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 593
diff changeset
   108
-------------------------------------------------------------------
593
0bf9876985d9 17.0.1esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 590
diff changeset
   109
Thu Nov 29 20:13:39 UTC 2012 - wr@rosenauer.org
0bf9876985d9 17.0.1esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 590
diff changeset
   110
598
92044e416d59 17.0.2esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 593
diff changeset
   111
- update to Firefox 17.0.1esr
593
0bf9876985d9 17.0.1esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 590
diff changeset
   112
  * revert some useragent changes introduced in 17.0
0bf9876985d9 17.0.1esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 590
diff changeset
   113
  * leaving private browsing with social enabled doesn't reset all
0bf9876985d9 17.0.1esr
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 590
diff changeset
   114
    social components (bmo#815042)
590
882053767ede fix KDE filedialogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 582
diff changeset
   115
- fix KDE integration for file dialogs
882053767ede fix KDE filedialogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 582
diff changeset
   116
882053767ede fix KDE filedialogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 582
diff changeset
   117
-------------------------------------------------------------------
582
185659cb030f create esr17 branch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 581
diff changeset
   118
Wed Nov 21 10:34:54 UTC 2012 - wr@rosenauer.org
185659cb030f create esr17 branch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 581
diff changeset
   119
185659cb030f create esr17 branch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 581
diff changeset
   120
- rebrand package to firefox-esr
185659cb030f create esr17 branch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 581
diff changeset
   121
185659cb030f create esr17 branch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 581
diff changeset
   122
-------------------------------------------------------------------
576
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   123
Tue Nov 20 19:52:02 UTC 2012 - wr@rosenauer.org
574
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   124
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   125
- update to Firefox 17.0 (bnc#790140)
576
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   126
  * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   127
    Miscellaneous memory safety hazards
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   128
  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   129
    Buffer overflow while rendering GIF images
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   130
  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   131
    evalInSanbox location context incorrectly applied
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   132
  * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   133
    Crash when combining SVG text on path with CSS
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   134
  * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   135
    Javascript: URLs run in privileged context on New Tab page
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   136
  * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   137
    Memory corruption in str_unescape
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   138
  * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   139
    XMLHttpRequest inherits incorrect principal within sandbox
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   140
  * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   141
    XrayWrappers exposes chrome-only properties when not in chrome
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   142
    compartment
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   143
  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   144
    Improper security filtering for cross-origin wrappers
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   145
  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   146
    Improper character decoding in HZ-GB-2312 charset
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   147
  * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   148
    Script entered into Developer Toolbar runs with chrome privileges
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   149
  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   150
    Frames can shadow top.location
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   151
  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   152
    CSS and HTML injection through Style Inspector
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   153
  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   154
    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   155
    CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   156
    Use-after-free and buffer overflow issues found using Address
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   157
    Sanitizer
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   158
  * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   159
    Use-after-free, buffer overflow, and memory corruption issues
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   160
    found using Address Sanitizer
564
9852e10fdf9b bump to 17.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 562
diff changeset
   161
- rebased patches
574
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   162
- disabled WebRTC since build is broken (bmo#776877)
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   163
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   164
-------------------------------------------------------------------
576
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   165
Tue Nov 20 15:42:55 UTC 2012 - pcerny@suse.com
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   166
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   167
- build on SLE11
578
24b1b4bbe9d4 fixing specfile and a bit more context for changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 576
diff changeset
   168
  * mozilla-gcc43-enums.patch
24b1b4bbe9d4 fixing specfile and a bit more context for changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 576
diff changeset
   169
  * mozilla-gcc43-template_hacks.patch
24b1b4bbe9d4 fixing specfile and a bit more context for changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 576
diff changeset
   170
  * mozilla-gcc43-templates_instantiation.patch
576
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   171
862df7280e53 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 574
diff changeset
   172
-------------------------------------------------------------------
574
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   173
Wed Oct 24 08:27:29 UTC 2012 - wr@rosenauer.org
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   174
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   175
- update to Firefox 16.0.2 (bnc#786522)
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   176
  * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   177
    (bmo#800666, bmo#793121, bmo#802557)
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   178
    Fixes for Location object issues
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   179
- bring back Obsoletes for libproxy's mozjs plugin for distributions
3f9d8370653d 17.0 final release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 564
diff changeset
   180
  before 12.2 to avoid crashes
539
b1134fe91f9a merge latest changes from firefox16
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 536
diff changeset
   181
414
88a71e903038 update to 12.0b2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 410
diff changeset
   182
-------------------------------------------------------------------
562
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   183
Thu Oct 11 01:51:16 UTC 2012 - wr@rosenauer.org
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   184
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   185
- update to Firefox 16.0.1 (bnc#783533)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   186
  * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   187
    Miscellaneous memory safety hazards
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   188
  * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   189
    defaultValue security checks not applied
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   190
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   191
-------------------------------------------------------------------
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   192
Sun Oct  7 21:40:14 UTC 2012 - wr@rosenauer.org
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   193
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   194
- update to Firefox 16.0 (bnc#783533)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   195
  * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   196
    Miscellaneous memory safety hazards
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   197
  * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   198
    select element persistance allows for attacks
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   199
  * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   200
    Continued access to initial origin after setting document.domain
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   201
  * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   202
    Some DOMWindowUtils methods bypass security checks
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   203
  * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   204
    DOS and crash with full screen and history navigation
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   205
  * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   206
    Crash with invalid cast when using instanceof operator
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   207
  * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   208
    GetProperty function can bypass security checks
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   209
  * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   210
    top object and location property accessible by plugins
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   211
  * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   212
    Chrome Object Wrapper (COW) does not disallow acces to privileged
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   213
    functions or properties
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   214
  * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   215
    Spoofing and script injection through location.hash
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   216
  * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   217
    CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   218
    Use-after-free, buffer overflow, and out of bounds read issues
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   219
    found using Address Sanitizer
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   220
  * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   221
    CVE-2012-4188
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   222
    Heap memory corruption issues found using Address Sanitizer
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   223
  * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   224
    Use-after-free in the IME State Manager
533
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   225
- requires NSPR 4.9.2
529
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   226
- improve GStreamer integration (bmo#760140)
533
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   227
- removed upstreamed mozilla-crashreporter-restart-args.patch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   228
- webapprt now included
536
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 533
diff changeset
   229
- use kmozillahelper's new REVEAL command (bnc#777415)
538
be682f8c9361 revert API version change for kmozillahelper
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 536
diff changeset
   230
  (requires mozilla-kde4-integration >= 0.6.4)
562
9069817b5cac Firefox 17.0b1 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 547
diff changeset
   231
- updated translations-other with new languages
529
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   232
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   233
-------------------------------------------------------------------
541
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   234
Mon Sep 10 19:37:56 UTC 2012 - wr@rosenauer.org
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   235
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   236
- update to Firefox 15.0.1 (bnc#779936)
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   237
  * Sites visited while in Private Browsing mode could be found
547
65364282c9bc Aurora 20121003
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 543
diff changeset
   238
    through manual browser cache inspection (bmo#787743)
541
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   239
830e50bbfc79 working Aurora 17.0 build
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 540
diff changeset
   240
-------------------------------------------------------------------
533
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   241
Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   242
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   243
- update to Firefox 15.0 (bnc#777588)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   244
  * MFSA 2012-57/CVE-2012-1970
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   245
    Miscellaneous memory safety hazards
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   246
  * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   247
    CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   248
    CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   249
    Use-after-free issues found using Address Sanitizer
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   250
  * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   251
    Location object can be shadowed using Object.defineProperty
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   252
  * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   253
    Escalation of privilege through about:newtab
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   254
  * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   255
    Memory corruption with bitmap format images with negative height
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   256
  * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   257
    WebGL use-after-free and memory corruption
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   258
  * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   259
    SVG buffer overflow and use-after-free issues
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   260
  * MFSA 2012-64/CVE-2012-3971
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   261
    Graphite 2 memory corruption
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   262
  * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   263
    Out-of-bounds read in format-number in XSLT
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   264
  * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   265
    HTTPMonitor extension allows for remote debugging without explicit
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   266
    activation
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   267
  * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   268
    DOMParser loads linked resources in extensions when parsing
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   269
    text/html
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   270
  * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   271
    Incorrect site SSL certificate data display
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   272
  * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   273
    Location object security checks bypassed by chrome code
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   274
  * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 529
diff changeset
   275
    Web console eval capable of executing chrome-privileged code
471
73b631ab214b adding fixes to spec file and changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 463
diff changeset
   276
- fix HTML5 video crash with GStreamer enabled (bmo#761030)
513
7a651f368dd8 changelog update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 500
diff changeset
   277
- GStreamer is only used for MP4 (no WebM, OGG)
491
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   278
- updated filelist
529
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   279
- moved browser specific preferences to correct location
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   280
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   281
-------------------------------------------------------------------
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   282
Sun Jul 29 08:34:39 UTC 2012 - aj@suse.de
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   283
4812378b5646 import GStreamer improvement from bmo#760140 (support mpeg audio)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 513
diff changeset
   284
- Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16)
491
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   285
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   286
-------------------------------------------------------------------
500
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   287
Sat Jul 14 19:31:51 UTC 2012 - wr@rosenauer.org
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   288
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   289
- update to 14.0.1 (bnc#771583)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   290
  * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   291
    Miscellaneous memory safety hazards
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   292
  * MFSA 2012-43/CVE-2012-1950
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   293
    Incorrect URL displayed in addressbar through drag and drop
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   294
  * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   295
    Gecko memory corruption
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   296
  * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   297
    Spoofing issue with location
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   298
  * MFSA 2012-46/CVE-2012-1966 (bmo#734076)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   299
    XSS through data: URLs
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   300
  * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   301
    Improper filtering of javascript in HTML feed-view
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   302
  * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   303
    use-after-free in nsGlobalWindow::PageHidden
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   304
  * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   305
    Same-compartment Security Wrappers can be bypassed
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   306
  * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   307
    Out of bounds read in QCMS
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   308
  * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   309
    X-Frame-Options header ignored when duplicated
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   310
  * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   311
    JSDependentString::undepend string conversion results in memory
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   312
    corruption
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   313
  * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   314
    Content Security Policy 1.0 implementation errors cause data
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   315
    leakage
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   316
  * MFSA 2012-55/CVE-2012-1965 (bmo#758990)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   317
    feed: URLs with an innerURI inherit security context of page
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   318
  * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   319
    Code execution through javascript: URLs
491
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   320
- license change from tri license to MPL-2.0
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   321
- fix crashreporter restart option (bmo#762780)
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   322
- require NSS 3.13.5
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   323
- remove mozjs pacrunner obsoletes again for now
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   324
- adopted mozilla-prefer_plugin_pref.patch
500
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   325
- PPC fixes:
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   326
  * reenabled mozilla-yarr-pcre.patch to fix build for PPC
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   327
  * add patches for bmo#750620 and bmo#746112
c2c5bb5248b0 changelogs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 491
diff changeset
   328
  * fix xpcshell segfault on ppc
491
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   329
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   330
-------------------------------------------------------------------
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   331
Fri Jun 15 12:37:09 UTC 2012 - wr@rosenauer.org
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   332
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   333
- update to Firefox 13.0.1
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   334
  * bugfix release
43deb5e6462d snapshot 20120625
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 471
diff changeset
   335
- obsolete libproxy's mozjs pacrunner (bnc#759123)
457
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   336
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   337
-------------------------------------------------------------------
462
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   338
Sat Jun  2 08:22:51 UTC 2012 - wr@rosenauer.org
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   339
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   340
- update to Firefox 13.0 (bnc#765204)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   341
  * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   342
    Miscellaneous memory safety hazards
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   343
  * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   344
    Content Security Policy inline-script bypass
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   345
  * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   346
    Information disclosure though Windows file shares and shortcut
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   347
    files
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   348
  * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   349
    Use-after-free while replacing/inserting a node in a document
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   350
  * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   351
    Buffer overflow and use-after-free issues found using Address
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   352
    Sanitizer
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   353
- require NSS 3.13.4
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   354
  * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   355
- fix sound notifications when filename/path contains a whitespace
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   356
  (bmo#749739)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   357
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   358
-------------------------------------------------------------------
457
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   359
Wed May 23 14:40:16 UTC 2012 - adrian@suse.de
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   360
0c2249d015b6 fixed ARM build
Adrian Schr?ter <adrian@suse.de>
parents: 447
diff changeset
   361
- fix build on arm
435
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   362
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   363
-------------------------------------------------------------------
462
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   364
Wed May 16 05:34:01 UTC 2012 - wr@rosenauer.org
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   365
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   366
- reenabled crashreporter for Factory/12.2
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   367
  (fix in mozilla-gcc47.patch)
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   368
2d86bdb4277f 14.0b6 (Aurora->Beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 457
diff changeset
   369
-------------------------------------------------------------------
435
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   370
Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   371
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   372
- update to Firefox 12.0 (bnc#758408)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   373
  * rebased patches
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   374
  * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   375
    Miscellaneous memory safety hazards
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   376
  * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   377
    use-after-free in IDBKeyRange
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   378
  * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   379
    Invalid frees causes heap corruption in gfxImageSurface
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   380
  * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   381
    Potential XSS via multibyte content processing errors
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   382
  * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   383
    Potential memory corruption during font rendering using cairo-dwrite
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   384
  * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   385
    WebGL.drawElements may read illegal video memory due to
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   386
    FindMaxUshortElement error
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   387
  * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   388
    Page load short-circuit can lead to XSS
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   389
  * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   390
    Ambiguous IPv6 in Origin headers may bypass webserver access
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   391
    restrictions
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   392
  * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   393
    Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   394
  * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   395
    Crash with WebGL content using textImage2D
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   396
  * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   397
    Off-by-one error in OpenType Sanitizer
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   398
  * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   399
    HTTP Redirections and remote content can be read by javascript errors
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   400
  * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   401
    Potential site identity spoofing when loading RSS and Atom feeds
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   402
- added mozilla-libnotify.patch to allow fallback from libnotify
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   403
  to xul based events if no notification-daemon is running
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   404
- gcc 4.7 fixes
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   405
  * mozilla-gcc47.patch
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   406
  * disabled crashreporter temporarily for Factory
df9c4a6e84f8 update version/tree information for Aurora 14 cycle
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 423
diff changeset
   407
- recommend libcanberra0 for proper sound notifications
414
88a71e903038 update to 12.0b2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 410
diff changeset
   408
407
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 404
diff changeset
   409
-------------------------------------------------------------------
408
475395d00191 Firefox 11 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 407
diff changeset
   410
Fri Mar  9 21:47:07 UTC 2012 - wr@rosenauer.org
475395d00191 Firefox 11 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 407
diff changeset
   411
475395d00191 Firefox 11 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 407
diff changeset
   412
- update to Firefox 11.0 (bnc#750044)
410
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   413
  * MFSA 2012-13/CVE-2012-0455 (bmo#704354)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   414
    XSS with Drag and Drop and Javascript: URL
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   415
  * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   416
    SVG issues found with Address Sanitizer
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   417
  * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   418
    XSS with multiple Content Security Policy headers
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   419
  * MFSA 2012-16/CVE-2012-0458
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   420
    Escalation of privilege with Javascript: URL as home page
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   421
  * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   422
    Crash when accessing keyframe cssText after dynamic modification
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   423
  * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   424
    window.fullScreen writeable by untrusted content
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   425
  * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   426
    CVE-2012-0463
0af1b0003b9f working 12.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 408
diff changeset
   427
    Miscellaneous memory safety hazards
407
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 404
diff changeset
   428
- ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 404
diff changeset
   429
- explicitely build-require X libs
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 404
diff changeset
   430
404
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   431
-------------------------------------------------------------------
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   432
Mon Mar  5 13:31:48 UTC 2012 - vdziewiecki@suse.com
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   433
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   434
- add Provides: browser(npapi) FATE#313084
5f3bccaf6d52 provide browser(npapi)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 401
diff changeset
   435
398
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   436
-------------------------------------------------------------------
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   437
Fri Feb 17 17:41:11 UTC 2012 - pcerny@suse.com
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   438
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   439
- better plugin directory resolution (bnc#747320)
937669e1c537 ported and reenabled KDE integration (bnc#746591)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 387
diff changeset
   440
386
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   441
-------------------------------------------------------------------
387
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   442
Thu Feb 16 08:47:31 UTC 2012 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   443
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   444
- update to Firefox 10.0.2 (bnc#747328)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   445
  * CVE-2011-3026 (bmo#727401)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 386
diff changeset
   446
    libpng: integer overflow leading to heap-buffer overflow
386
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   447
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   448
-------------------------------------------------------------------
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   449
Thu Feb  9 09:26:11 UTC 2012 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   450
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   451
- update to Firefox 10.0.1 (bnc#746616)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   452
  * MFSA 2012-10/CVE-2012-0452 (bmo#724284)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   453
    use after free in nsXBLDocumentInfo::ReadPrototypeBindings
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 378
diff changeset
   454
378
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   455
-------------------------------------------------------------------
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   456
Tue Feb  7 10:40:58 UTC 2012 - dvaleev@suse.com
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   457
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   458
- Use YARR interpreter instead of PCRE on platforms where YARR JIT
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   459
  is not supported, since PCRE doesnt build (bmo#691898)
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   460
- fix ppc64 build (bmo#703534)
dfb824794771 import upstream patches to fix PPC64
Dinar Valeev
parents: 375
diff changeset
   461
373
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   462
-------------------------------------------------------------------
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   463
Mon Jan 30 09:41:59 UTC 2012 - wr@rosenauer.org
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   464
375
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   465
- update to Firefox 10.0 (bnc#744275)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   466
  * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   467
    Miscellaneous memory safety hazards
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   468
  * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   469
    <iframe> element exposed across domains via name attribute
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   470
  * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   471
    Child nodes from nsDOMAttribute still accessible after removal
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   472
    of nodes
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   473
  * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   474
    Frame scripts calling into untrusted objects bypass security
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   475
    checks
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   476
  * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   477
    Uninitialized memory appended when encoding icon images may
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   478
    cause information disclosure
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   479
  * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   480
    Potential Memory Corruption When Decoding Ogg Vorbis files
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   481
  * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   482
    Crash with malformed embedded XSLT stylesheets
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   483
- KDE integration has been disabled since it needs refactoring
d75cd0dac058 final 10.0 updates (changelog)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 373
diff changeset
   484
- removed obsolete ppc64 patch
373
db704efaedab Firefox 10.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 371
diff changeset
   485
371
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   486
-------------------------------------------------------------------
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   487
Sun Jan 22 12:08:07 UTC 2012 - joop.boonen@opensuse.org
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   488
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   489
- Disable neon for arm as it doesn't build correctly
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   490
ead21d122ed0 introduce --disable-neon option and use on ARM
Joop Boonen <joop.boonen@opensuse.org>
parents: 366
diff changeset
   491
-------------------------------------------------------------------
366
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   492
Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   493
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   494
- update to Firefox 9.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   495
  * (strongparent) parentNode of element gets lost (bmo#335998)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 364
diff changeset
   496
364
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   497
-------------------------------------------------------------------
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   498
Sun Dec 18 09:58:52 UTC 2011 - adrian@suse.de
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   499
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   500
- fix arm build, don't package crashreporter there
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   501
363
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   502
-------------------------------------------------------------------
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   503
Sun Dec 18 09:52:08 UTC 2011 - wr@rosenauer.org
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   504
364
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   505
- update to Firefox 9 (bnc#737533)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   506
  * MFSA 2011-53/CVE-2011-3660
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   507
    Miscellaneous memory safety hazards (rv:9.0)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   508
  * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   509
    Potentially exploitable crash in the YARR regular expression
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   510
    library
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   511
  * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   512
    nsSVGValue out-of-bounds access
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   513
  * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   514
    Key detection without JavaScript via SVG animation
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   515
  * MFSA 2011-58/VE-2011-3665 (bmo#701259)
0f5c150b9dcd merge changes from mozilla:Factory including full changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 363
diff changeset
   516
    Crash scaling <video> to extreme sizes
363
48596576f932 update to 9.0 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 358
diff changeset
   517
358
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   518
-------------------------------------------------------------------
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   519
Sun Nov 27 03:51:54 UTC 2011 - mgorse@suse.com
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   520
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   521
- Fix accessibility under GNOME 3 (bnc#732898)
b28670af14d5 Read a11y status from Gnome3
Michael Gorse <mgorse@suse.com>
parents: 355
diff changeset
   522
355
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   523
-------------------------------------------------------------------
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   524
Sat Nov 12 15:16:38 UTC 2011 - dvaleev@suse.com
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   525
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   526
- fix ppc64 build
91b462c0fd72 fix ppc64 build
Dinar Valeev <dvaleev@suse.com>
parents: 354
diff changeset
   527
350
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   528
-------------------------------------------------------------------
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   529
Sun Nov  6 08:20:59 UTC 2011 - wr@rosenauer.org
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   530
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   531
- update to Firefox 8 (bnc#728520)
354
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   532
  * MFSA 2011-47/CVE-2011-3648 (bmo#690225)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   533
    Potential XSS against sites using Shift-JIS
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   534
  * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   535
    Miscellaneous memory safety hazards
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   536
  * MFSA 2011-49/CVE-2011-3650 (bmo#674776)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   537
    Memory corruption while profiling using Firebug
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   538
  * MFSA 2011-52/CVE-2011-3655 (bmo#672182)
7044f3366d64 changelog updates
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 353
diff changeset
   539
    Code execution via NoWaiverWrapper
350
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   540
- rebased patches
9d46eaac2549 update to Firefox 8 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 344
diff changeset
   541
344
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   542
-------------------------------------------------------------------
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   543
Thu Oct 20 12:34:47 UTC 2011 - wr@rosenauer.org
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   544
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   545
- enable telemetry prompt
880a90eb0f92 enable telemetry opt-in prompt
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 339
diff changeset
   546
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   547
-------------------------------------------------------------------
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   548
Fri Sep 30 10:52:36 UTC 2011 - wr@rosenauer.org
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   549
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   550
- update to minor release 7.0.1
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   551
  * fixed staged addon updates
339
db8b891eeb1e locale should always match the system one in a package environment
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 337
diff changeset
   552
- set intl.locale.matchOS=true in the base package as it causes
db8b891eeb1e locale should always match the system one in a package environment
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 337
diff changeset
   553
  too much confusion when it's only available with branding-openSUSE
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   554
334
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   555
-------------------------------------------------------------------
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   556
Fri Sep 23 11:22:22 UTC 2011 - wr@rosenauer.org
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   557
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   558
- update to Firefox 7 (bnc#720264)
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   559
  including
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   560
  * Improve Responsiveness with Memory Reductions
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   561
  * Instant Sync
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   562
  * WebSocket protocol 8
337
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   563
  * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   564
    Miscellaneous memory safety hazards
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   565
  * MFSA 2011-39/CVE-2011-3000 (bmo#655389)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   566
    Defense against multiple Location headers due to CRLF Injection
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   567
  * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   568
    Code installation through holding down Enter
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   569
  * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   570
    Potentially exploitable WebGL crashes
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   571
  * MFSA 2011-42/CVE-2011-3232 (bmo#653672)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   572
    Potentially exploitable crash in the YARR regular expression
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   573
    library
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   574
  * MFSA 2011-43/CVE-2011-3004 (bmo#653926)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   575
    loadSubScript unwraps XPCNativeWrapper scope parameter
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   576
  * MFSA 2011-44/CVE-2011-3005 (bmo#675747)
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   577
    Use after free reading OGG headers
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   578
  * MFSA 2011-45
cf16b6560dd1 update to 7.0.1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 334
diff changeset
   579
    Inferring keystrokes from motion data
334
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   580
- removed obsolete mozilla-cairo-lcd.patch
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   581
- rebased patches
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   582
- removed XLIB_SKIP_ARGB_VISUALS=1 from environment in
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   583
  mozilla.sh.in (bnc#680758)
1256d8842872 update to version 7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 327
diff changeset
   584
327
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   585
-------------------------------------------------------------------
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   586
Fri Sep 16 06:57:38 UTC 2011 - wr@rosenauer.org
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   587
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   588
- fixed loading of kde.js under KDE (bnc#718311)
34013ee9fafd fixed loading of kde.js under KDE (bnc#718311)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 316
diff changeset
   589
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   590
-------------------------------------------------------------------
316
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   591
Wed Sep 14 07:02:04 UTC 2011 - wr@rosenauer.org
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   592
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   593
- add dbus-1-glib-devel to BuildRequires (not pulled in
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   594
  automatically anymore on 12.1)
316
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   595
- increase minversions for NSPR and NSS
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   596
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   597
-------------------------------------------------------------------
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   598
Fri Sep  9 20:44:15 UTC 2011 - wr@rosenauer.org
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   599
a5e121de2e2f changelog sync
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 312
diff changeset
   600
- recreated source archive to get correct source-stamp.txt
312
fab4bf560637 add dbus-1-glib-devel to BuildRequires (not pulled in automatically anymore on 12.1)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 311
diff changeset
   601
311
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   602
-------------------------------------------------------------------
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   603
Wed Sep  7 14:30:34 UTC 2011 - pcerny@suse.com
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   604
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   605
- security update to 6.0.2 (bnc#714931)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   606
  * Complete blocking of certificates issued by DigiNotar
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   607
    (bmo#683449)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   608
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   609
-------------------------------------------------------------------
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   610
Fri Sep  2 14:40:07 UTC 2011 - pcerny@suse.com
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   611
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   612
- security update to 6.0.1 (bnc#714931)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   613
  * MFSA 2011-34
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   614
    Protection against fraudulent DigiNotar certificates
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   615
    (bmo#682927)
861ec6217558 version 7.0b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 306
diff changeset
   616
306
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   617
-------------------------------------------------------------------
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   618
Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   619
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   620
- update to 6.0 (bnc#712224)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   621
  included security fixes MFSA 2011-29
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   622
  * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   623
    Miscellaneous memory safety hazards
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   624
  * CVE-2011-2993 (bmo#657267)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   625
    Unsigned scripts can call script inside signed JAR
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   626
  * CVE-2011-2988 (bmo#665934)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   627
    Heap overflow in ANGLE library
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   628
  * CVE-2011-0084 (bmo#648094)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   629
    Crash in SVGTextElement.getCharNumAtPosition()
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   630
  * CVE-2011-2990
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   631
    Credential leakage using Content Security Policy reports
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   632
  * CVE-2011-2986 (bmo#655836)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   633
    Cross-origin data theft using canvas and Windows D2D
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   634
- removed obsolete curl header dependency (mozilla-curl.patch)
e6df4625c730 update to 7.0b1 (aurora->beta)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 293
diff changeset
   635
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   636
-------------------------------------------------------------------
292
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   637
Fri Jul 22 13:34:12 UTC 2011 - wr@rosenauer.org
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   638
058eaa15d5d8 update to 6.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 291
diff changeset
   639
- update to 6.0b3
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   640
  * removed obsolete patches
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   641
    - firefox-shellservice.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   642
    - mozilla-gio.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   643
    - mozilla-ppc-ipc.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   644
    - firefox-linkorder.patch
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   645
    - firefox-no-sync-l10n.patch
293
3fd4e37e5e52 fix symbolstore.py for linux3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 292
diff changeset
   646
- recognize linux3 as platform for symbolstore.py
289
3c0dff7ca9c4 Update to version 6.0b1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 288
diff changeset
   647
288
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   648
-------------------------------------------------------------------
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   649
Fri Jul  1 19:53:18 CEST 2011 - vuntz@opensuse.org
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   650
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   651
- Add x-scheme-handler/ftp to the MimeType key in the .desktop, to
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   652
  let desktops know that Firefox can deal with ftp: URIs.
d51f3999a1c2 make Firefox an ftp handler
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 286
diff changeset
   653
286
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   654
-------------------------------------------------------------------
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   655
Fri Jul  1 06:45:08 UTC 2011 - wr@rosenauer.org
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   656
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   657
- create upstream branding package again (supposedly empty)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   658
  (bnc#703401)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   659
- fix build on SLE11 (changes do not affect/are not applied for
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   660
  later versions)
b1d254616456 reenable branding-upstream package
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 283
diff changeset
   661
283
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   662
-------------------------------------------------------------------
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   663
Wed Jun 22 06:41:17 UTC 2011 - wr@rosenauer.org
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   664
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   665
- enable startup notification (bnc#701465)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   666
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   667
-------------------------------------------------------------------
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   668
Mon Jun 20 19:37:01 UTC 2011 - wr@rosenauer.org
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   669
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   670
- update to 5.0 final
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   671
- included fixes for security issues: (bnc#701296, bnc#700578)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   672
  * MFSA 2011-19/CVE-2011-2374 CVE-2011-2375
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   673
    Miscellaneous memory safety hazards
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   674
  * MFSA 2011-20/CVE-2011-2373 (bmo#617247)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   675
    Use-after-free vulnerability when viewing XUL document with
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   676
    script disabled
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   677
  * MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   678
    Memory corruption due to multipart/x-mixed-replace images
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   679
  * MFSA 2011-22/CVE-2011-2371 (bmo#664009)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   680
    Integer overflow and arbitrary code execution in
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   681
    Array.reduceRight()
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   682
  * MFSA 2011-25/CVE-2011-2366
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   683
    Stealing of cross-domain images using WebGL textures
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   684
  * MFSA 2011-26/CVE-2011-2367 CVE-2011-2368
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   685
    Multiple WebGL crashes
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   686
  * MFSA 2011-27/CVE-2011-2369 (bmo#650001)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   687
    XSS encoding hazard with inline SVG
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   688
  * MFSA 2011-28/CVE-2011-2370 (bmo#645699)
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   689
    Non-whitelisted site can trigger xpinstall
418b5f502ff2 update to 5.0final
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 282
diff changeset
   690
279
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   691
-------------------------------------------------------------------
282
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   692
Mon Jun 20 09:17:42 UTC 2011 - wr@rosenauer.org
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   693
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   694
- update to 5.0b7
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   695
  * updated supported locales
282
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   696
- do not build dump_syms static (not needed for us)
78a523efc513 fix build for 12.1 and above by building dump_syms dynamic
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 281
diff changeset
   697
  -> fix build for openSUSE 12.1 and above
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   698
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   699
-------------------------------------------------------------------
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   700
Wed Jun 15 14:59:32 UTC 2011 - wr@rosenauer.org
279
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   701
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   702
- update to 5.0b6
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   703
- include proper revision information into the build
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   704
- speedier find-external-requires.sh
eb9e33036fb4 update to 5.0b6
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 277
diff changeset
   705
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   706
-------------------------------------------------------------------
277
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   707
Tue May 31 06:53:55 UTC 2011 - wr@rosenauer.org
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   708
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   709
- update to 5.0b3
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   710
- transformed to standalone Firefox (not xulrunner based)
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   711
  (with new Firefox rapid release cycle it makes no sense anymore)
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   712
  * imported all relevant xulrunner patches
277
37db3d6540b8 update to 5.0b3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 276
diff changeset
   713
- do not compile in build timestamp
263
64adf7ca3005 standalone firefox building now; runtime untested
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 252
diff changeset
   714
252
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   715
-------------------------------------------------------------------
281
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   716
Fri Apr 15 07:08:53 UTC 2011 - wr@rosenauer.org
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   717
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   718
- security update to 4.0.1 (bnc#689281)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   719
  * MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0079
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   720
    CVE-2011-0080 CVE-2011-0081
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   721
    Miscellaneous memory safety hazards
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   722
  * MFSA 2011-17/CVE-2011-0068 (bmo#623791)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   723
    WebGLES vulnerabilities
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   724
  * MFSA 2011-18/CVE-2011-1202 (bmo#640339)
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   725
    XSLT generate-id() function heap address leak
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   726
0bdc059f7280 update for 5.0b7
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 279
diff changeset
   727
-------------------------------------------------------------------
252
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   728
Wed Mar 30 11:24:36 UTC 2011 - wr@rosenauer.org
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   729
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   730
- add all available icon sizes
5477a696d8f6 install all icons
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 247
diff changeset
   731
247
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   732
-------------------------------------------------------------------
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   733
Tue Mar 29 11:55:53 UTC 2011 - cfarrell@novell.com
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   734
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   735
- license update: MPLv1.1 or GPLv2+ or LGPLv2+
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   736
  Sync licenses with Fedora. MPL does not state ^or later^
71521dfedb0b license update: MPLv1.1 or GPLv2+ or LGPLv2+
cfarrell@novell.com
parents: 239
diff changeset
   737
236
a4f5954df3a3 update for 2.0/4.0rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 230
diff changeset
   738
-------------------------------------------------------------------
239
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   739
Fri Mar 18 08:49:15 UTC 2011 - wr@rosenauer.org
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   740
99a267a3f1d3 update to rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 238
diff changeset
   741
- update to version 4.0rc2
238
d537c4a65693 fixed rpm macros (bnc#679950)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 236
diff changeset
   742
- fixed rpm macros delivered with devel package (bnc#679950)
236
a4f5954df3a3 update for 2.0/4.0rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 230
diff changeset
   743
230
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   744
-------------------------------------------------------------------
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   745
Wed Feb 23 07:52:04 UTC 2011 - wr@rosenauer.org
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   746
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   747
- update to version 4.0b12
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   748
- rebased patches
e4846f1b81c5 real update to 4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 229
diff changeset
   749
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   750
-------------------------------------------------------------------
229
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   751
Fri Feb  4 09:32:50 UTC 2011 - wr@rosenauer.org
226
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   752
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   753
- update to version 4.0b11
229
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   754
  * loads of bugfixes compared to last beta
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   755
  * added "Do Not Track" option
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   756
- rebased patches
298263f797be update to 2.0b12/4.0b12
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 226
diff changeset
   757
- disable testpilot
226
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   758
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   759
-------------------------------------------------------------------
6bf3bb4c115e update for 2.0b11/4.0b11
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 225
diff changeset
   760
Fri Jan 28 08:56:12 UTC 2011 - wr@rosenauer.org
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   761
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   762
- set correct desktop file name within KDE for 11.4 and up
225
5a7504b93699 Provide devel package with helper script and rpm macros for easier addon packaging. (patch submitted from Ludwig Nussel)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 223
diff changeset
   763
- add devel package with macros for extensions (from lnussel@suse.de)
223
4555a5d0d661 patch reorganization
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 221
diff changeset
   764
221
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   765
-------------------------------------------------------------------
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   766
Sat Jan 22 22:21:52 UTC 2011 - wr@rosenauer.org
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   767
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   768
- update to version 4.0b10
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   769
- removed obsolete firefox-shell-bmo624267.patch
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   770
- testpilot moved to distribution/extensions
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   771
- updated locale provides and removed bn-IN from locales
488440b896fe fixed testpilot packaging
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 217
diff changeset
   772
210
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   773
-------------------------------------------------------------------
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   774
Tue Jan 11 06:13:40 UTC 2011 - wr@rosenauer.org
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   775
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   776
- update to version 4.0b9
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   777
- added x-scheme-handler for http and https to desktop file for
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   778
  newer Gnome environments
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   779
- fixed default browser check/set for GIO (bmo#611953)
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   780
  (mozilla-shellservice.patch)
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   781
- removed obsolete firefox-appname.patch (integrated into
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   782
  shellservice patch)
217
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   783
- renamed desktop file to firefox.desktop for 11.4 and newer
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   784
  (bnc#664211)
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   785
- removed support for 10.3 and older from the spec file
4b1284f6082b changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 210
diff changeset
   786
- removed obsolete "Ximian" categories from desktop file
210
f4f4388b26a8 update to 2.0b9/4.0b9
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 207
diff changeset
   787
207
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   788
-------------------------------------------------------------------
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   789
Mon Jan  3 17:35:46 CET 2011 - meissner@suse.de
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   790
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   791
- Mirror ac_add_options --disable-ipc from xulrunner for PowerPC.
2c6c3d0a8b61 Disable IPC for PowerPC (patch by Marcus Meissner)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 206
diff changeset
   792
203
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   793
-------------------------------------------------------------------
206
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   794
Wed Dec 15 07:49:45 UTC 2010 - wr@rosenauer.org
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   795
80e6366ea8ce update for 2.0b8/4.0b8
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 203
diff changeset
   796
- update to version 4.0beta8
203
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   797
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   798
-------------------------------------------------------------------
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   799
Tue Nov 30 14:19:59 UTC 2010 - wr@rosenauer.org
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   800
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   801
- major update to version 4.0beta7
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   802
  * based on mozilla-xulrunner20
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   803
  * far too many internal changes to list
3820fe99f0fe Update to latest snapshot (20101207)
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 195
diff changeset
   804
195
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   805
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   806
Wed Oct 27 07:12:14 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   807
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   808
- security update to 3.6.12 (bnc#649492)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   809
  * MFSA 2010-73/CVE-2010-3765 (bmo#607222)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   810
    Heap buffer overflow mixing document.write and DOM insertion
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   811
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   812
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   813
Wed Oct  6 07:13:52 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   814
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   815
- security update to 3.6.11 (bnc#645315)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   816
  * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   817
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   818
  * MFSA 2010-65/CVE-2010-3179 (bmo#583077)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   819
    Buffer overflow and memory corruption using document.write
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   820
  * MFSA 2010-66/CVE-2010-3180 (bmo#588929)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   821
    Use-after-free error in nsBarProp
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   822
  * MFSA 2010-67/CVE-2010-3183 (bmo#598669)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   823
    Dangling pointer vulnerability in LookupGetterOrSetter
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   824
  * MFSA 2010-68/CVE-2010-3177 (bmo#556734)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   825
    XSS in gopher parser when parsing hrefs
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   826
  * MFSA 2010-69/CVE-2010-3178 (bmo#576616)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   827
    Cross-site information disclosure via modal calls
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   828
  * MFSA 2010-70/CVE-2010-3170 (bmo#578697)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   829
    SSL wildcard certificate matching IP addresses
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   830
  * MFSA 2010-71/CVE-2010-3182 (bmo#590753)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   831
    Unsafe library loading vulnerabilities
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   832
  * MFSA 2010-72/CVE-2010-3173
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   833
    Insecure Diffie-Hellman key exchange
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   834
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   835
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   836
Wed Sep 15 07:39:22 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   837
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   838
- update to 3.6.10
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   839
  * fixing startup topcrash (bmo#594699)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   840
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   841
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   842
Thu Aug 26 07:40:28 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   843
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   844
- security update to 3.6.9 (bnc#637303)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   845
  * MFSA 2010-49/CVE-2010-3169
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   846
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   847
  * MFSA 2010-50/CVE-2010-2765 (bmo#576447)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   848
    Frameset integer overflow vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   849
  * MFSA 2010-51/CVE-2010-2767 (bmo#584512)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   850
    Dangling pointer vulnerability using DOM plugin array
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   851
  * MFSA 2010-53/CVE-2010-3166 (bmo#579655)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   852
    Heap buffer overflow in nsTextFrameUtils::TransformText
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   853
  * MFSA 2010-54/CVE-2010-2760 (bmo#585815)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   854
    Dangling pointer vulnerability in nsTreeSelection
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   855
  * MFSA 2010-55/CVE-2010-3168 (bmo#576075)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   856
    XUL tree removal crash and remote code execution
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   857
  * MFSA 2010-56/CVE-2010-3167 (bmo#576070)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   858
    Dangling pointer vulnerability in nsTreeContentView
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   859
  * MFSA 2010-57/CVE-2010-2766 (bmo#580445)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   860
    Crash and remote code execution in normalizeDocument
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   861
  * MFSA 2010-59/CVE-2010-2762 (bmo#584180)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   862
    SJOW creates scope chains ending in outer object
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   863
  * MFSA 2010-61/CVE-2010-2768 (bmo#579744)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   864
    UTF-7 XSS by overriding document charset using <object> type
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   865
    attribute
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   866
  * MFSA 2010-62/CVE-2010-2769 (bmo#520189)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   867
    Copy-and-paste or drag-and-drop into designMode document allows
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   868
    XSS
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   869
  * MFSA 2010-63/CVE-2010-2764 (bmo#552090)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   870
    Information leak via XMLHttpRequest statusText
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   871
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   872
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   873
Wed Jul 28 08:33:14 CEST 2010 - meissner@suse.de
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   874
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   875
- disable crash reporter for non x86/x86_64 to make it build.
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   876
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   877
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   878
Sat Jul 24 12:42:58 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   879
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   880
- security update to 3.6.8 (bnc#622506)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   881
  * MFSA 2010-48/CVE-2010-2755 (bmo#575836)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   882
    Dangling pointer crash regression from plugin parameter array
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   883
    fix
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   884
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   885
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   886
Fri Jul 16 06:48:44 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   887
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   888
- security update to 3.6.7 (bnc#622506)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   889
  * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   890
    Miscellaneous memory safety hazards
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   891
  * MFSA 2010-35/CVE-2010-1208 (bmo#572986)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   892
    DOM attribute cloning remote code execution vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   893
  * MFSA 2010-36/CVE-2010-1209 (bmo#552110)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   894
    Use-after-free error in NodeIterator
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   895
  * MFSA 2010-37/CVE-2010-1214 (bmo#572985)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   896
    Plugin parameter EnsureCachedAttrParamArrays remote code
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   897
    execution vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   898
  * MFSA 2010-38/CVE-2010-1215 (bmo#567069)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   899
    Arbitrary code execution using SJOW and fast native function
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   900
  * MFSA 2010-39/CVE-2010-2752 (bmo#574059)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   901
    nsCSSValue::Array index integer overflow
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   902
  * MFSA 2010-40/CVE-2010-2753 (bmo#571106)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   903
    nsTreeSelection dangling pointer remote code execution
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   904
    vulnerability
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   905
  * MFSA 2010-41/CVE-2010-1205 (bmo#570451)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   906
    Remote code execution using malformed PNG image
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   907
  * MFSA 2010-42/CVE-2010-1213 (bmo#568148)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   908
    Cross-origin data disclosure via Web Workers and importScripts
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   909
  * MFSA 2010-43/CVE-2010-1207 (bmo#571287)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   910
    Same-origin bypass using canvas context
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   911
  * MFSA 2010-44/CVE-2010-1210 (bmo#564679)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   912
    Characters mapped to U+FFFD in 8 bit encodings cause subsequent
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   913
    character to vanish
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   914
  * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   915
    Multiple location bar spoofing vulnerabilities
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   916
  * MFSA 2010-46/CVE-2010-0654 (bmo#524223)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   917
    Cross-domain data theft using CSS
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   918
  * MFSA 2010-47/CVE-2010-2754 (bmo#568564)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   919
    Cross-origin data leakage from script filename in error messages
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   920
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   921
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   922
Sun Jun 27 20:24:31 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   923
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   924
- update to 3.6.6 release
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   925
  * modifies the crash protection feature to increase the amount 
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   926
    of time that plugins are allowed to be non-responsive before 
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   927
    being terminated.
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   928
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   929
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   930
Wed Jun 23 14:40:35 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   931
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   932
- update to final 3.6.4 release (bnc#603356)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   933
  * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   934
    CVE-2010-1203
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   935
    Crashes with evidence of memory corruption (rv:1.9.2.4)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   936
  * MFSA 2010-28/CVE-2010-1198 (bmo#532246)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   937
    Freed object reuse across plugin instances
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   938
  * MFSA 2010-29/CVE-2010-1196 (bmo#534666)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   939
    Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   940
  * MFSA 2010-30/CVE-2010-1199 (bmo#554255)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   941
    Integer Overflow in XSLT Node Sorting
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   942
  * MFSA 2010-31/CVE-2010-1125 (bmo#552255)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   943
    focus() behavior can be used to inject or steal keystrokes
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   944
  * MFSA 2010-32/CVE-2010-1197 (bmo#537120)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   945
    Content-Disposition: attachment ignored if
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   946
    Content-Type: multipart also present
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   947
  * MFSA 2010-33/CVE-2008-5913 (bmo#475585)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   948
    User tracking across sites using Math.random()
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   949
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   950
-------------------------------------------------------------------
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   951
Mon Jun  7 07:07:33 CEST 2010 - wr@rosenauer.org
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   952
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   953
- update to 3.6.4(build6)
50b5cb1f2b86 sync with latest 3.6.x changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 67
diff changeset
   954
64
7bb1edb78dd5 Update to 1.9.2.4/3.6.4pre to prepare the bigger Lorentz merge
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 63
diff changeset
   955
-------------------------------------------------------------------
67
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   956
Sun Apr 18 09:42:40 CEST 2010 - wr@rosenauer.org
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   957
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   958
- security update to 3.6.4 (Lorentz)
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   959
  * enable crashreporter also for x86-64
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   960
  * Flash runs in a separate process to avoid crashing Firefox
a05eb1c8699f Prepare for final 3.6.4 release
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 64
diff changeset
   961
    (ix86 only; x86-64 still uses nspluginwrapper)
64
7bb1edb78dd5 Update to 1.9.2.4/3.6.4pre to prepare the bigger Lorentz merge
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 63
diff changeset
   962
63
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   963
-------------------------------------------------------------------
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   964
Thu Apr  1 11:15:38 UTC 2010 - wr@rosenauer.org
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   965
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   966
- security update to 3.6.3
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   967
  * MFSA 2010-25/CVE-2010-1121 (bmo#555109)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   968
    Re-use of freed object due to scope confusion
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   969
59
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   970
-------------------------------------------------------------------
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   971
Thu Mar 18 06:43:33 CET 2010 - wr@rosenauer.org
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   972
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
   973
- security update to version 3.6.2 (bnc#586567)
63
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   974
  * MFSA 2010-08/CVE-2010-1028
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   975
    WOFF heap corruption due to integer overflow
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   976
  * MFSA 2010-09/CVE-2010-0164 (bmo#547143)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   977
    Deleted frame reuse in multipart/x-mixed-replace image
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   978
  * MFSA 2010-10/CVE-2010-0170 (bmo#541530)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   979
    XSS via plugins and unprotected Location object
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   980
  * MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   981
    Crashes with evidence of memory corruption
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   982
  * MFSA 2010-12/CVE-2010-0171 (bmo#531364)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   983
    XSS using addEventListener and setTimeout on a wrapped object
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   984
  * MFSA 2010-13/CVE-2010-0168 (bmo#540642)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   985
    Content policy bypass with image preloading
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   986
  * MFSA 2010-14/CVE-2010-0169 (bmo#535806)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   987
    Browser chrome defacement via cached XUL stylesheets
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   988
  * MFSA 2010-15/CVE-2010-0172 (bmo#537862)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   989
    Asynchronous Auth Prompt attaches to wrong window
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   990
  * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   991
    Crashes with evidence of memory corruption
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   992
  * MFSA 2010-18/CVE-2010-0176 (bmo#538308)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   993
    Dangling pointer vulnerability in nsTreeContentView
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   994
  * MFSA 2010-19/CVE-2010-0177 (bmo#538310)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   995
    Dangling pointer vulnerability in nsPluginArray
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   996
  * MFSA 2010-20/CVE-2010-0178 (bmo#546909)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   997
    Chrome privilege escalation via forced URL drag and drop
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   998
  * MFSA 2010-22/CVE-2009-3555 (bmo#545755)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
   999
    Update NSS to support TLS renegotiation indication
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
  1000
  * MFSA 2010-23/CVE-2010-0181 (bmo#452093)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
  1001
    Image src redirect to mailto: URL opens email editor
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
  1002
  * MFSA 2010-24/CVE-2010-0182 (bmo#490790)
9213a0672227 Update to 1.9.2.3/3.6.3
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 59
diff changeset
  1003
    XMLDocument::load() doesn't check nsIContentPolicy
59
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
  1004
52
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
  1005
-------------------------------------------------------------------
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
  1006
Mon Jan 18 09:42:50 CET 2010 - wr@rosenauer.org
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
  1007
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
  1008
- update to 3.6rc2 (already named 3.6.0)
59
604517bb16d8 Update to 1.9.2.2/3.6.2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 52
diff changeset
  1009
- removed obsolete orbit-devel build requirement
52
024a595d7885 Update to 1.9.2rc2/3.6rc2
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 48
diff changeset
  1010
46
c743908ffe6f Update to 1.9.2rc1/3.6rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 39
diff changeset
  1011
-------------------------------------------------------------------
c743908ffe6f Update to 1.9.2rc1/3.6rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 39
diff changeset
  1012
Wed Jan  6 17:15:40 CET 2010 - wr@rosenauer.org
c743908ffe6f Update to 1.9.2rc1/3.6rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 39
diff changeset
  1013
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1014
- major update to 3.6rc1
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1015
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1016
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1017
Fri Dec 25 09:39:42 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1018
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1019
- update to version 3.5.7 (bnc#568011)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1020
  * DNS resolution in MakeSN of nsAuthSSPI causing issues for
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1021
    proxy servers that support NTLM auth (bmo#535193)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1022
- added missing lockdown preferences (bnc#567131)
46
c743908ffe6f Update to 1.9.2rc1/3.6rc1
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 39
diff changeset
  1023
39
f3cc5e946292 Add Firefox changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 31
diff changeset
  1024
-------------------------------------------------------------------
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1025
Thu Dec 17 20:06:38 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1026
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1027
- readded firefox-ui-lockdown.patch (bnc#546158)
39
f3cc5e946292 Add Firefox changelog
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 31
diff changeset
  1028
31
529467fa14cf MozillaFirefox changes
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 19
diff changeset
  1029
-------------------------------------------------------------------
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1030
Thu Dec  3 21:53:59 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1031
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1032
- security update to version 3.5.6 (bnc#559807)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1033
  * MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1034
    Crashes with evidence of memory corruption (rv:1.9.1.6)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1035
  * MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1036
    Memory safety fixes in liboggplay media library
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1037
  * MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1038
    Integer overflow, crash in libtheora video library
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1039
  * MFSA 2009-68/CVE-2009-3983 (bmo#487872)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1040
    NTLM reflection vulnerability
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1041
  * MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1042
    Location bar spoofing vulnerabilities
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1043
  * MFSA 2009-70/VE-2009-3986 (bmo#522430)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1044
    Privilege escalation via chrome window.opener
19
f21a8e50d93d BNC#561027 - firefox urlbar style broken -> stripped down patch
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 18
diff changeset
  1045
- fixed firefox-browser-css.patch (bnc#561027)
18
c4da314d7975 Update to 1.9.2b5/3.6b5
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 12
diff changeset
  1046
12
1f7c3dc01e1c Prepare MozillaFirefox for KDE integration
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 5
diff changeset
  1047
-------------------------------------------------------------------
48
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1048
Mon Nov 23 22:31:21 CET 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1049
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1050
- rebased patches for fuzz=0
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1051
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1052
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1053
Thu Nov  5 19:49:33 UTC 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1054
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1055
- update to version 3.5.5 (bnc#553172)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1056
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1057
-------------------------------------------------------------------
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1058
Sat Oct 17 23:19:23 CEST 2009 - wr@rosenauer.org
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1059
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1060
- security update to version 3.5.4 (bnc#545277)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1061
  * MFSA 2009-52/CVE-2009-3370 (bmo#511615)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1062
    Form history vulnerable to stealing
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1063
  * MFSA 2009-53/CVE-2009-3274 (bmo#514823)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1064
    Local downloaded file tampering
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1065
  * MFSA 2009-54/CVE-2009-3371 (bmo#514554)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1066
    Crash with recursive web-worker calls
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1067
  * MFSA 2009-55/CVE-2009-3372 (bmo#500644)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1068
    Crash in proxy auto-configuration regexp parsing
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1069
  * MFSA 2009-56/CVE-2009-3373 (bmo#511689)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1070
    Heap buffer overflow in GIF color map parser
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1071
  * MFSA 2009-57/CVE-2009-3374 (bmo#505988)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1072
    Chrome privilege escalation in XPCVariant::VariantDataToJS()
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1073
  * MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1074
    Heap buffer overflow in string to number conversion
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1075
  * MFSA 2009-61/CVE-2009-3375 (bmo#503226)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1076
    Cross-origin data theft through document.getSelection()
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1077
  * MFSA 2009-62/CVE-2009-3376 (bmo#511521)
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1078
    Download filename spoofing with RTL override
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1079
  * MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1080
    Upgrade media libraries to fix memory safety bugs
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1081
  * MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383
f20f41829b2b Reset changelog to go to Factory as MozillaFirefox update
Wolfgang Rosenauer <wr@rosenauer.org>
parents: 46
diff changeset
  1082
    Crashes with evidence of memory corruption