Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox48
changeset 924 199d5cf40e86
parent 923 3cc9f17ca9bb
child 925 05d175c5957e
equal deleted inserted replaced
923:3cc9f17ca9bb 924:199d5cf40e86 
     1 -------------------------------------------------------------------
 
     1 -------------------------------------------------------------------
 
     2 Mon Aug  1 12:37:05 UTC 2016 - wr@rosenauer.org
 
     2 Mon Aug  1 12:37:05 UTC 2016 - wr@rosenauer.org
 
     3 
     3 
     4 - update to Firefox 48.0 (boo#)
 
     4 - update to Firefox 48.0 (boo#991809)
 
     5   * requires NSS 3.24
 
     5   * requires NSS 3.24
 
     6   * Process separation (e10s) is enabled for some of you
 
     6   * Process separation (e10s) is enabled for some of you
 
     7   * Add-ons that have not been verified and signed by Mozilla will not load
 
     7   * Add-ons that have not been verified and signed by Mozilla will not load
 
     8   * WebRTC embetterments
 
     8   * WebRTC embetterments
 
     9   * The media parser has been redeveloped using the Rust programming
 
     9   * The media parser has been redeveloped using the Rust programming
 
    10     language
 
    10     language
 
    11   * better Canvas performance with speedy Skia support
 
    11   * better Canvas performance with speedy Skia support
 
       
    12   security fixes:
 
       
    13   * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836
 
       
    14     Miscellaneous memory safety hazards
 
       
    15   * MFSA 2016-63/CVE-2016-2830 (bmo#1255270)
 
       
    16     Favicon network connection can persist when page is closed
 
       
    17   * MFSA 2016-64/CVE-2016-2838 (bmo#1279814)
 
       
    18     Buffer overflow rendering SVG with bidirectional content
 
       
    19   * MFSA 2016-65/CVE-2016-2839 (bmo#1275339)
 
       
    20     Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
 
       
    21   * MFSA 2016-66/CVE-2016-5251 (bmo#1255570)
 
       
    22     Location bar spoofing via data URLs with malformed/invalid mediatypes
 
       
    23   * MFSA 2016-67/CVE-2016-5252 (bmo#1268854)
 
       
    24     Stack underflow during 2D graphics rendering
 
       
    25   * MFSA 2016-68/CVE-2016-0718 (bmo#1236923)
 
       
    26     Out-of-bounds read during XML parsing in Expat library
 
       
    27   * MFSA 2016-69/CVE-2016-5253 (bmo#1246944)
 
       
    28     Arbitrary file manipulation by local user through Mozilla updater
 
       
    29     and callback application path parameter (Windows-only)
 
       
    30   * MFSA 2016-70/CVE-2016-5254 (bmo#1266963)
 
       
    31     Use-after-free when using alt key and toplevel menus
 
       
    32   * MFSA 2016-71/CVE-2016-5255 (bmo#1212356)
 
       
    33     Crash in incremental garbage collection in JavaScript
 
       
    34   * MFSA 2016-72/CVE-2016-5258 (bmo#1279146)
 
       
    35     Use-after-free in DTLS during WebRTC session shutdown
 
       
    36   * MFSA 2016-73/CVE-2016-5259 (bmo#1282992)
 
       
    37     Use-after-free in service workers with nested sync events
 
       
    38   * MFSA 2016-74/CVE-2016-5260 (bmo#1280294)
 
       
    39     Form input type change from password to text can store plain
 
       
    40     text password in session restore file
 
       
    41   * MFSA 2016-75/CVE-2016-5261 (bmo#1287266)
 
       
    42     Integer overflow in WebSockets during data buffering
 
       
    43   * MFSA 2016-76/CVE-2016-5262 (bmo#1277475)
 
       
    44     Scripts on marquee tag can execute in sandboxed iframes
 
       
    45   * MFSA 2016-77/CVE-2016-2837 (bmo#1274637)
 
       
    46     Buffer overflow in ClearKey Content Decryption Module (CDM)
 
       
    47     during video playback
 
       
    48   * MFSA 2016-78/CVE-2016-5263 (bmo#1276897)
 
       
    49     Type confusion in display transformation
 
       
    50   * MFSA 2016-79/CVE-2016-5264 (bmo#1286183)
 
       
    51     Use-after-free when applying SVG effects
 
       
    52   * MFSA 2016-80/CVE-2016-5265 (bmo#1278013)
 
       
    53     Same-origin policy violation using local HTML file and saved shortcut file
 
       
    54   * MFSA 2016-81/CVE-2016-5266 (bmo#1226977)
 
       
    55     Information disclosure and local file manipulation through drag and drop
 
       
    56   * MFSA 2016-82/CVE-2016-5267 (bmo#1284372)
 
       
    57     Addressbar spoofing with right-to-left characters on Firefox for Android
 
       
    58     (Android only)
 
       
    59   * MFSA 2016-83/CVE-2016-5268 (bmo#1253673)
 
       
    60     Spoofing attack through text injection into internal error pages
 
       
    61   * MFSA 2016-84/CVE-2016-5250 (bmo#1254688)
 
       
    62     Information disclosure through Resource Timing API during page navigation
 
    12 - removed obsolete mozilla-gcc6.patch
 
    63 - removed obsolete mozilla-gcc6.patch
 
    13 
    64 
    14 -------------------------------------------------------------------
 
    65 -------------------------------------------------------------------
 
    15 Fri Jul 29 01:26:13 UTC 2016 - badshah400@gmail.com
 
    66 Fri Jul 29 01:26:13 UTC 2016 - badshah400@gmail.com
 
    16 
    67
mozilla