1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Fri Oct 26 10:59:41 UTC 2012 - wr@rosenauer.org |
2 Wed Nov 21 08:54:09 UTC 2012 - wr@rosenauer.org |
3 |
3 |
4 - update to Aurora 18 (20121025) |
4 - update to Firefox 18.0b1 |
5 * requires NSS 3.14 |
5 * requires NSS 3.14 |
6 - enable system NSPR |
6 * removed obsolete SLE11 patches (mozilla-gcc43*) |
7 - ported patches |
7 - ported patches |
|
8 - reenable WebRTC |
|
9 |
|
10 ------------------------------------------------------------------- |
|
11 Tue Nov 20 19:52:02 UTC 2012 - wr@rosenauer.org |
|
12 |
|
13 - update to Firefox 17.0 (bnc#790140) |
|
14 * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 |
|
15 Miscellaneous memory safety hazards |
|
16 * MFSA 2012-92/CVE-2012-4202 (bmo#758200) |
|
17 Buffer overflow while rendering GIF images |
|
18 * MFSA 2012-93/CVE-2012-4201 (bmo#747607) |
|
19 evalInSanbox location context incorrectly applied |
|
20 * MFSA 2012-94/CVE-2012-5836 (bmo#792857) |
|
21 Crash when combining SVG text on path with CSS |
|
22 * MFSA 2012-95/CVE-2012-4203 (bmo#765628) |
|
23 Javascript: URLs run in privileged context on New Tab page |
|
24 * MFSA 2012-96/CVE-2012-4204 (bmo#778603) |
|
25 Memory corruption in str_unescape |
|
26 * MFSA 2012-97/CVE-2012-4205 (bmo#779821) |
|
27 XMLHttpRequest inherits incorrect principal within sandbox |
|
28 * MFSA 2012-99/CVE-2012-4208 (bmo#798264) |
|
29 XrayWrappers exposes chrome-only properties when not in chrome |
|
30 compartment |
|
31 * MFSA 2012-100/CVE-2012-5841 (bmo#805807) |
|
32 Improper security filtering for cross-origin wrappers |
|
33 * MFSA 2012-101/CVE-2012-4207 (bmo#801681) |
|
34 Improper character decoding in HZ-GB-2312 charset |
|
35 * MFSA 2012-102/CVE-2012-5837 (bmo#800363) |
|
36 Script entered into Developer Toolbar runs with chrome privileges |
|
37 * MFSA 2012-103/CVE-2012-4209 (bmo#792405) |
|
38 Frames can shadow top.location |
|
39 * MFSA 2012-104/CVE-2012-4210 (bmo#796866) |
|
40 CSS and HTML injection through Style Inspector |
|
41 * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ |
|
42 CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ |
|
43 CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 |
|
44 Use-after-free and buffer overflow issues found using Address |
|
45 Sanitizer |
|
46 * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 |
|
47 Use-after-free, buffer overflow, and memory corruption issues |
|
48 found using Address Sanitizer |
|
49 - rebased patches |
|
50 - disabled WebRTC since build is broken (bmo#776877) |
|
51 |
|
52 ------------------------------------------------------------------- |
|
53 Tue Nov 20 15:42:55 UTC 2012 - pcerny@suse.com |
|
54 |
|
55 - build on SLE11 |
|
56 * mozilla-gcc43-enums.patch |
|
57 * mozilla-gcc43-template_hacks.patch |
|
58 * mozilla-gcc43-templates_instantiation.patch |
8 |
59 |
9 ------------------------------------------------------------------- |
60 ------------------------------------------------------------------- |
10 Wed Oct 24 08:27:29 UTC 2012 - wr@rosenauer.org |
61 Wed Oct 24 08:27:29 UTC 2012 - wr@rosenauer.org |
11 |
62 |
12 - update to Firefox 16.0.2 (bnc#786522) |
63 - update to Firefox 16.0.2 (bnc#786522) |