1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Fri Aug 5 09:35:34 UTC 2011 - wr@rosenauer.org |
2 Fri Aug 5 09:35:34 UTC 2011 - wr@rosenauer.org |
3 |
3 |
4 - security update to 1.9.2.20 (bnc#711954) |
4 - security update to 1.9.2.20 (bnc#712224) |
5 * fixed issues |
5 fixed security issues MFSA 2011-30 |
6 https://www.mozilla.org/security/known-vulnerabilities/firefox36.html |
6 * CVE-2011-2982 |
|
7 Miscellaneous memory safety hazards |
|
8 * CVE-2011-0084 (bmo#648094) |
|
9 Crash in SVGTextElement.getCharNumAtPosition() |
|
10 * CVE-2011-2981 |
|
11 Privilege escalation using event handlers |
|
12 * CVE-2011-2378 (bmo#572129) |
|
13 Privilege escalation dropping a tab element in content area |
|
14 * CVE-2011-2980 (bmo#642469) |
|
15 Binary planting vulnerability in ThinkPadSensor::Startup |
|
16 * CVE-2011-2983 (bmo#626297) |
|
17 Private data leakage using RegExp.input |
7 - added mozilla-implicit-declarations.patch to fix rpmlint/gcc |
18 - added mozilla-implicit-declarations.patch to fix rpmlint/gcc |
8 checks |
19 checks |
9 - added mozilla-curl.patch to remove obsolete header dependency |
20 - added mozilla-curl.patch to remove obsolete header dependency |
10 - added mozilla-linux3.patch to make python symbol dumper aware |
21 - added mozilla-linux3.patch to make python symbol dumper aware |
11 of the "linux3" platform |
22 of the "linux3" platform |