1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Sun Nov 16 15:03:49 UTC 2014 - wr@rosenauer.org |
2 Sat Jan 10 18:36:37 UTC 2015 - wr@rosenauer.org |
3 |
3 |
4 - Aurora 35 (20141115) aka Firefox Developer Edition |
4 - update to Firefox 35.0 (bnc#910669) |
5 * Aurora does not use branding subpackages anymore |
5 notable features: |
|
6 * Firefox Hello with new rooms-based conversations model |
|
7 * Implemented HTTP Public Key Pinning Extension (for enhanced |
|
8 authentication of encrypted connections) |
|
9 security fixes: |
|
10 * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 |
|
11 Miscellaneous memory safety hazards |
|
12 * MFSA 2015-02/CVE-2014-8637 (bmo#1094536) |
|
13 Uninitialized memory use during bitmap rendering |
|
14 * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) |
|
15 sendBeacon requests lack an Origin header |
|
16 * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) |
|
17 Cookie injection through Proxy Authenticate responses |
|
18 * MFSA 2015-05/CVE-2014-8640 (bmo#1100409) |
|
19 Read of uninitialized memory in Web Audio |
|
20 * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) |
|
21 Read-after-free in WebRTC |
|
22 * MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) |
|
23 Gecko Media Plugin sandbox escape |
|
24 * MFSA 2015-08/CVE-2014-8642 (bmo#1079658) |
|
25 Delegated OCSP responder certificates failure with |
|
26 id-pkix-ocsp-nocheck extension |
|
27 * MFSA 2015-09/CVE-2014-8636 (bmo#987794) |
|
28 XrayWrapper bypass through DOM objects |
6 - rebased patches |
29 - rebased patches |
7 - dropped explicit support for everything older than 12.3 |
30 - dropped explicit support for everything older than 12.3 |
8 (including SLES11) |
31 (including SLES11) |
9 * merge firefox-kde.patch and firefox-kde-114.patch |
32 * merge firefox-kde.patch and firefox-kde-114.patch |
10 * dropped mozilla-sle11.patch |
33 * dropped mozilla-sle11.patch |
11 - reworked specfile to build conditionally based on release channel |
34 - reworked specfile to build conditionally based on release channel |
12 either Firefox or Firefox Developer Edition |
35 either Firefox or Firefox Developer Edition |
13 - added mozilla-openaes-decl.patch to fix implicit declarations |
36 - added mozilla-openaes-decl.patch to fix implicit declarations |
|
37 - obsolete tracker-miner-firefox < 0.15 because it leads to startup |
|
38 crashes (bnc#908892) |
|
39 |
|
40 ------------------------------------------------------------------- |
|
41 Sat Dec 13 22:13:00 UTC 2014 - Led <ledest@gmail.com> |
|
42 |
|
43 - fix bashism in mozilla.sh script |
14 |
44 |
15 ------------------------------------------------------------------- |
45 ------------------------------------------------------------------- |
16 Sat Nov 29 21:23:03 UTC 2014 - wr@rosenauer.org |
46 Sat Nov 29 21:23:03 UTC 2014 - wr@rosenauer.org |
17 |
47 |
18 - update to Firefox 34.0.5 (bnc#908009) |
48 - update to Firefox 34.0.5 (bnc#908009) |