1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Sat Nov 17 06:47:11 UTC 2012 - wr@rosenauer.org |
2 Tue Nov 20 20:15:23 UTC 2012 - wr@rosenauer.org |
3 |
3 |
4 - update to 17.0 (bnc#790140) |
4 - update to 17.0 (bnc#790140) |
|
5 * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 |
|
6 Miscellaneous memory safety hazards |
|
7 * MFSA 2012-92/CVE-2012-4202 (bmo#758200) |
|
8 Buffer overflow while rendering GIF images |
|
9 * MFSA 2012-93/CVE-2012-4201 (bmo#747607) |
|
10 evalInSanbox location context incorrectly applied |
|
11 * MFSA 2012-94/CVE-2012-5836 (bmo#792857) |
|
12 Crash when combining SVG text on path with CSS |
|
13 * MFSA 2012-95/CVE-2012-4203 (bmo#765628) |
|
14 Javascript: URLs run in privileged context on New Tab page |
|
15 * MFSA 2012-96/CVE-2012-4204 (bmo#778603) |
|
16 Memory corruption in str_unescape |
|
17 * MFSA 2012-97/CVE-2012-4205 (bmo#779821) |
|
18 XMLHttpRequest inherits incorrect principal within sandbox |
|
19 * MFSA 2012-99/CVE-2012-4208 (bmo#798264) |
|
20 XrayWrappers exposes chrome-only properties when not in chrome |
|
21 compartment |
|
22 * MFSA 2012-100/CVE-2012-5841 (bmo#805807) |
|
23 Improper security filtering for cross-origin wrappers |
|
24 * MFSA 2012-101/CVE-2012-4207 (bmo#801681) |
|
25 Improper character decoding in HZ-GB-2312 charset |
|
26 * MFSA 2012-102/CVE-2012-5837 (bmo#800363) |
|
27 Script entered into Developer Toolbar runs with chrome privileges |
|
28 * MFSA 2012-103/CVE-2012-4209 (bmo#792405) |
|
29 Frames can shadow top.location |
|
30 * MFSA 2012-104/CVE-2012-4210 (bmo#796866) |
|
31 CSS and HTML injection through Style Inspector |
|
32 * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ |
|
33 CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ |
|
34 CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 |
|
35 Use-after-free and buffer overflow issues found using Address |
|
36 Sanitizer |
|
37 * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 |
|
38 Use-after-free, buffer overflow, and memory corruption issues |
|
39 found using Address Sanitizer |
5 - rebased patches |
40 - rebased patches |
6 - disabled WebRTC since build is broken (bmo#776877) |
41 - disabled WebRTC since build is broken (bmo#776877) |
7 |
42 |
8 ------------------------------------------------------------------- |
43 ------------------------------------------------------------------- |
9 Wed Oct 24 08:28:49 UTC 2012 - wr@rosenauer.org |
44 Wed Oct 24 08:28:49 UTC 2012 - wr@rosenauer.org |