|
1 ------------------------------------------------------------------- |
|
2 Mon Apr 11 22:49:24 UTC 2016 - astieger@suse.com |
|
3 |
|
4 - Mozilla Firefox 45.0.2: |
|
5 * Fix an issue impacting the cookie header when third-party |
|
6 cookies are blocked (bmo#1257861) |
|
7 * Fix a web compatibility regression impacting the srcset |
|
8 attribute of the image tag (bmo#1259482) |
|
9 * Fix a crash impacting the video playback with Media Source |
|
10 Extension (bmo#1258562) |
|
11 * Fix a regression impacting some specific uploads (bmo#1255735) |
|
12 * Fix a regression with the copy and paste with some old versions |
|
13 of some Gecko applications like Thunderbird (bmo#1254980) |
|
14 |
|
15 ------------------------------------------------------------------- |
|
16 Fri Mar 18 08:52:58 UTC 2016 - astieger@suse.com |
|
17 |
|
18 - Mozilla Firefox 45.0.1: |
|
19 * Fix a regression causing search engine settings to be lost in |
|
20 some context (bmo#1254694) |
|
21 * Bring back non-standard jar: URIs to fix a regression in IBM |
|
22 iNotes (bmo#1255139) |
|
23 * XSLTProcessor.importStylesheet was failing when <import> was |
|
24 used (bmo#1249572) |
|
25 * Fix an issue which could cause the list of search provider to |
|
26 be empty (bmo#1255605) |
|
27 * Fix a regression when using the location bar (bmo#1254503) |
|
28 * Fix some loading issues when Accept third-party cookies: was |
|
29 set to Never (bmo#1254856) |
|
30 * Disabled Graphite font shaping library |
|
31 |
1 ------------------------------------------------------------------- |
32 ------------------------------------------------------------------- |
2 Sun Mar 6 19:52:13 UTC 2016 - wr@rosenauer.org |
33 Sun Mar 6 19:52:13 UTC 2016 - wr@rosenauer.org |
3 |
34 |
4 - update to Firefox 45.0 |
35 - update to Firefox 45.0 (boo#969894) |
5 * requires NSPR 4.12 / NSS 3.21.1 |
36 * requires NSPR 4.12 / NSS 3.21.1 |
6 * Instant browser tab sharing through Hello |
37 * Instant browser tab sharing through Hello |
7 * Synced Tabs button in button bar |
38 * Synced Tabs button in button bar |
8 * Tabs synced via Firefox Accounts from other devices are now shown |
39 * Tabs synced via Firefox Accounts from other devices are now shown |
9 in dropdown area of Awesome Bar when searching |
40 in dropdown area of Awesome Bar when searching |
10 * Introduce a new preference (network.dns.blockDotOnion) to allow |
41 * Introduce a new preference (network.dns.blockDotOnion) to allow |
11 blocking .onion at the DNS level |
42 blocking .onion at the DNS level |
12 * Tab Groups (Panorama) feature removed |
43 * Tab Groups (Panorama) feature removed |
|
44 * MFSA 2016-16/CVE-2016-1952/CVE-2016-1953 |
|
45 Miscellaneous memory safety hazards |
|
46 * MFSA 2016-17/CVE-2016-1954 (bmo#1243178) |
|
47 Local file overwriting and potential privilege escalation through |
|
48 CSP reports |
|
49 * MFSA 2016-18/CVE-2016-1955 (bmo#1208946) |
|
50 CSP reports fail to strip location information for embedded iframe pages |
|
51 * MFSA 2016-19/CVE-2016-1956 (bmo#1199923) |
|
52 Linux video memory DOS with Intel drivers |
|
53 * MFSA 2016-20/CVE-2016-1957 (bmo#1227052) |
|
54 Memory leak in libstagefright when deleting an array during MP4 |
|
55 processing |
|
56 * MFSA 2016-21/CVE-2016-1958 (bmo#1228754) |
|
57 Displayed page address can be overridden |
|
58 * MFSA 2016-22/CVE-2016-1959 (bmo#1234949) |
|
59 Service Worker Manager out-of-bounds read in Service Worker Manager |
|
60 * MFSA 2016-23/CVE-2016-1960/ZDI-CAN-3545 (bmo#1246014) |
|
61 Use-after-free in HTML5 string parser |
|
62 * MFSA 2016-24/CVE-2016-1961/ZDI-CAN-3574 (bmo#1249377) |
|
63 Use-after-free in SetBody |
|
64 * MFSA 2016-25/CVE-2016-1962 (bmo#1240760) |
|
65 Use-after-free when using multiple WebRTC data channels |
|
66 * MFSA 2016-26/CVE-2016-1963 (bmo#1238440) |
|
67 Memory corruption when modifying a file being read by FileReader |
|
68 * MFSA 2016-27/CVE-2016-1964 (bmo#1243335) |
|
69 Use-after-free during XML transformations |
|
70 * MFSA 2016-28/CVE-2016-1965 (bmo#1245264) |
|
71 Addressbar spoofing though history navigation and Location protocol |
|
72 property |
|
73 * MFSA 2016-29/CVE-2016-1967 (bmo#1246956) |
|
74 Same-origin policy violation using perfomance.getEntries and |
|
75 history navigation with session restore |
|
76 * MFSA 2016-30/CVE-2016-1968 (bmo#1246742) |
|
77 Buffer overflow in Brotli decompression |
|
78 * MFSA 2016-31/CVE-2016-1966 (bmo#1246054) |
|
79 Memory corruption with malicious NPAPI plugin |
|
80 * MFSA 2016-32/CVE-2016-1970/CVE-2016-1971/CVE-2016-1975/ |
|
81 CVE-2016-1976/CVE-2016-1972 |
|
82 WebRTC and LibVPX vulnerabilities found through code inspection |
|
83 * MFSA 2016-33/CVE-2016-1973 (bmo#1219339) |
|
84 Use-after-free in GetStaticInstance in WebRTC |
|
85 * MFSA 2016-34/CVE-2016-1974 (bmo#1228103) |
|
86 Out-of-bounds read in HTML parser following a failed allocation |
|
87 * MFSA 2016-35/CVE-2016-1950 (bmo#1245528) |
|
88 Buffer overflow during ASN.1 decoding in NSS |
|
89 (fixed by requiring 3.21.1) |
|
90 * MFSA 2016-36/CVE-2016-1979 (bmo#1185033) |
|
91 Use-after-free during processing of DER encoded keys in NSS |
|
92 (fixed by requiring 3.21.1) |
|
93 * MFSA 2016-37/CVE-2016-1977/CVE-2016-2790/CVE-2016-2791/ |
|
94 CVE-2016-2792/CVE-2016-2793/CVE-2016-2794/CVE-2016-2795/ |
|
95 CVE-2016-2796/CVE-2016-2797/CVE-2016-2798/CVE-2016-2799/ |
|
96 CVE-2016-2800/CVE-2016-2801/CVE-2016-2802 |
|
97 Font vulnerabilities in the Graphite 2 library |
13 |
98 |
14 ------------------------------------------------------------------- |
99 ------------------------------------------------------------------- |
15 Sat Mar 5 15:27:00 UTC 2016 - olaf@aepfle.de |
100 Sat Mar 5 15:27:00 UTC 2016 - olaf@aepfle.de |
16 |
101 |
17 - Remove B_CNT from symbols.zip filename to reduce build-compare noise |
102 - Remove B_CNT from symbols.zip filename to reduce build-compare noise |