Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/firefox-esr.changes
branchesr10
changeset 559 701357e7b6e1
parent 549 eed5124a1ab3
child 561 9139b0467f6c
equal deleted inserted replaced
550:6f1c629eb77d 559:701357e7b6e1 
     1 -------------------------------------------------------------------
 
     1 -------------------------------------------------------------------
 
     2 Sat Oct  6 22:06:43 UTC 2012 - wr@rosenauer.org
 
     2 Sat Oct  6 22:06:43 UTC 2012 - wr@rosenauer.org
 
     3 
     3 
     4 - update to Firefox 10.0.8esr (bnc#783533)
 
     4 - update to Firefox 10.0.8esr (bnc#783533)
 
       
     5   * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
 
       
     6     Location object can be shadowed using Object.defineProperty
 
       
     7   * MFSA 2012-74/CVE-2012-3982
 
       
     8     Miscellaneous memory safety hazards
 
       
     9   * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
 
       
    10     Some DOMWindowUtils methods bypass security checks
 
       
    11   * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
 
       
    12     DOS and crash with full screen and history navigation
 
       
    13   * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
 
       
    14     GetProperty function can bypass security checks
 
       
    15   * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
 
       
    16     top object and location property accessible by plugins
 
       
    17   * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
 
       
    18     Chrome Object Wrapper (COW) does not disallow acces to privileged
 
       
    19     functions or properties
 
       
    20   * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
 
       
    21     Spoofing and script injection through location.hash
 
       
    22   * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
 
       
    23     CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
 
       
    24     Use-after-free, buffer overflow, and out of bounds read issues
 
       
    25     found using Address Sanitizer
 
       
    26   * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
 
       
    27     CVE-2012-4188
 
       
    28     Heap memory corruption issues found using Address Sanitizer
 
       
    29   * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
 
       
    30     Use-after-free in the IME State Manager
 
     5 
    31 
     6 -------------------------------------------------------------------
 
    32 -------------------------------------------------------------------
 
     7 Sun Aug 26 13:56:19 UTC 2012 - wr@rosenauer.org
 
    33 Sun Aug 26 13:56:19 UTC 2012 - wr@rosenauer.org
 
     8 
    34 
     9 - update to Firefox 10.0.7esr (bnc#777588)
 
    35 - update to Firefox 10.0.7esr (bnc#777588)
mozilla