1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Mon Aug 20 06:53:05 UTC 2012 - wr@rosenauer.org |
2 Tue Sep 11 09:55:36 UTC 2012 - wr@rosenauer.org |
3 |
3 |
4 - update to Aurora 16.0 |
4 - update to Aurora 17 (20120910) |
|
5 |
|
6 ------------------------------------------------------------------- |
|
7 Tue Sep 11 06:16:38 UTC 2012 - wr@rosenauer.org |
|
8 |
|
9 - update to Firefox 16.0b2 |
|
10 - requires NSPR 4.9.2 |
5 - improve GStreamer integration (bmo#760140) |
11 - improve GStreamer integration (bmo#760140) |
6 |
12 - removed upstreamed mozilla-crashreporter-restart-args.patch |
7 ------------------------------------------------------------------- |
13 - webapprt now included |
8 Fri Aug 10 17:13:28 UTC 2012 - wr@rosenauer.org |
14 - use kmozillahelper's new REVEAL command (bnc#777415) |
9 |
15 (requires new API version 7) |
10 - update to Firefox 15.0b4 |
16 |
|
17 ------------------------------------------------------------------- |
|
18 Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org |
|
19 |
|
20 - update to Firefox 15.0 (bnc#777588) |
|
21 * MFSA 2012-57/CVE-2012-1970 |
|
22 Miscellaneous memory safety hazards |
|
23 * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 |
|
24 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 |
|
25 CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 |
|
26 Use-after-free issues found using Address Sanitizer |
|
27 * MFSA 2012-59/CVE-2012-1956 (bmo#756719) |
|
28 Location object can be shadowed using Object.defineProperty |
|
29 * MFSA 2012-60/CVE-2012-3965 (bmo#769108) |
|
30 Escalation of privilege through about:newtab |
|
31 * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) |
|
32 Memory corruption with bitmap format images with negative height |
|
33 * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 |
|
34 WebGL use-after-free and memory corruption |
|
35 * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 |
|
36 SVG buffer overflow and use-after-free issues |
|
37 * MFSA 2012-64/CVE-2012-3971 |
|
38 Graphite 2 memory corruption |
|
39 * MFSA 2012-65/CVE-2012-3972 (bmo#746855) |
|
40 Out-of-bounds read in format-number in XSLT |
|
41 * MFSA 2012-66/CVE-2012-3973 (bmo#757128) |
|
42 HTTPMonitor extension allows for remote debugging without explicit |
|
43 activation |
|
44 * MFSA 2012-68/CVE-2012-3975 (bmo#770684) |
|
45 DOMParser loads linked resources in extensions when parsing |
|
46 text/html |
|
47 * MFSA 2012-69/CVE-2012-3976 (bmo#768568) |
|
48 Incorrect site SSL certificate data display |
|
49 * MFSA 2012-70/CVE-2012-3978 (bmo#770429) |
|
50 Location object security checks bypassed by chrome code |
|
51 * MFSA 2012-72/CVE-2012-3980 (bmo#771859) |
|
52 Web console eval capable of executing chrome-privileged code |
11 - fix HTML5 video crash with GStreamer enabled (bmo#761030) |
53 - fix HTML5 video crash with GStreamer enabled (bmo#761030) |
12 - GStreamer is only used for MP4 (no WebM, OGG) |
54 - GStreamer is only used for MP4 (no WebM, OGG) |
13 - updated filelist |
55 - updated filelist |
14 - moved browser specific preferences to correct location |
56 - moved browser specific preferences to correct location |
15 |
57 |