Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox52
changeset 987 322da3cf60a2
parent 980 c0c95a18e37c
child 989 a72735108dbe
equal deleted inserted replaced
980:c0c95a18e37c 987:322da3cf60a2 
       
     1 -------------------------------------------------------------------
 
       
     2 Tue Aug  8 18:13:34 UTC 2017 - wr@rosenauer.org
 
       
     3 
       
     4 - update to Firefox 52.3esr (boo#1052829)
 
       
     5   MFSA 2017-19
 
       
     6   * CVE-2017-7798 (bmo#1371586, bmo#1372112)
 
       
     7     XUL injection in the style editor in devtools
 
       
     8   * CVE-2017-7800 (bmo#1374047)
 
       
     9     Use-after-free in WebSockets during disconnection
 
       
    10   * CVE-2017-7801 (bmo#1371259)
 
       
    11     Use-after-free with marquee during window resizing
 
       
    12   * CVE-2017-7784 (bmo#1376087)
 
       
    13     Use-after-free with image observers
 
       
    14   * CVE-2017-7802 (bmo#1378147)
 
       
    15     Use-after-free resizing image elements
 
       
    16   * CVE-2017-7785 (bmo#1356985)
 
       
    17     Buffer overflow manipulating ARIA attributes in DOM
 
       
    18   * CVE-2017-7786 (bmo#1365189)
 
       
    19     Buffer overflow while painting non-displayable SVG
 
       
    20   * CVE-2017-7753 (bmo#1353312)
 
       
    21     Out-of-bounds read with cached style data and pseudo-elements#
 
       
    22   * CVE-2017-7787 (bmo#1322896)
 
       
    23     Same-origin policy bypass with iframes through page reloads
 
       
    24   * CVE-2017-7807 (bmo#1376459)
 
       
    25     Domain hijacking through AppCache fallback
 
       
    26   * CVE-2017-7792 (bmo#1368652)
 
       
    27     Buffer overflow viewing certificates with an extremely long OID
 
       
    28   * CVE-2017-7804 (bmo#1372849)
 
       
    29     Memory protection bypass through WindowsDllDetourPatcher
 
       
    30   * CVE-2017-7791 (bmo#1365875)
 
       
    31     Spoofing following page navigation with data: protocol and modal alerts
 
       
    32   * CVE-2017-7782 (bmo#1344034)
 
       
    33     WindowsDllDetourPatcher allocates memory without DEP protections
 
       
    34   * CVE-2017-7803 (bmo#1377426)
 
       
    35     CSP containing 'sandbox' improperly applied
 
       
    36   * CVE-2017-7779
 
       
    37     Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
 
       
    38 
       
    39 -------------------------------------------------------------------
 
       
    40 Wed Jul  5 07:26:32 UTC 2017 - astieger@suse.com
 
       
    41 
       
    42 - Mozilla Firefox 52.2.1esr:
 
       
    43   * Printing text does not work on Windows when Direct2D is
 
       
    44     disabled (bmo#1318845)
 
       
    45 
     1 -------------------------------------------------------------------
 
    46 -------------------------------------------------------------------
 
     2 Wed Jun 14 07:08:29 UTC 2017 - wr@rosenauer.org
 
    47 Wed Jun 14 07:08:29 UTC 2017 - wr@rosenauer.org
 
     3 
    48 
     4 - update to Firefox 52.2esr (boo#1043960)
 
    49 - update to Firefox 52.2esr (boo#1043960)
 
     5   MFSA 2017-16
 
    50   MFSA 2017-16
mozilla