|
1 ------------------------------------------------------------------- |
|
2 Fri Mar 8 08:36:26 UTC 2013 - wr@rosenauer.org |
|
3 |
|
4 - update to Firefox 17.0.4 (bnc#808243) |
|
5 * MFSA 2013-29/CVE-2013-0787 (bmo#848644) |
|
6 Use-after-free in HTML Editor |
|
7 |
|
8 ------------------------------------------------------------------- |
|
9 Sat Feb 16 17:16:35 UTC 2013 - wr@rosenauer.org |
|
10 |
|
11 - update to Firefox 17.0.3esr (bnc#804248) |
|
12 * MFSA 2013-21/CVE-2013-0783 |
|
13 Miscellaneous memory safety hazards |
|
14 * MFSA 2013-24/CVE-2013-0773 (bmo#809652) |
|
15 Web content bypass of COW and SOW security wrappers |
|
16 * MFSA 2013-25/CVE-2013-0774 (bmo#827193) |
|
17 Privacy leak in JavaScript Workers |
|
18 * MFSA 2013-26/CVE-2013-0775 (bmo#831095) |
|
19 Use-after-free in nsImageLoadingContent |
|
20 * MFSA 2013-27/CVE-2013-0776 (bmo#796475) |
|
21 Phishing on HTTPS connection through malicious proxy |
|
22 * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 |
|
23 Use-after-free, out of bounds read, and buffer overflow issues |
|
24 found using Address Sanitizer |
|
25 |
1 ------------------------------------------------------------------- |
26 ------------------------------------------------------------------- |
2 Sat Jan 5 14:42:07 UTC 2013 - wr@rosenauer.org |
27 Sat Jan 5 14:42:07 UTC 2013 - wr@rosenauer.org |
3 |
28 |
4 - update to Firefox 17.0.2esr (bnc#796895) |
29 - update to Firefox 17.0.2esr (bnc#796895) |
|
30 * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 |
|
31 Miscellaneous memory safety hazards |
|
32 * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 |
|
33 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 |
|
34 Use-after-free and buffer overflow issues found using Address Sanitizer |
|
35 * MFSA 2013-03/CVE-2013-0768 (bmo#815795) |
|
36 Buffer Overflow in Canvas |
|
37 * MFSA 2013-04/CVE-2012-0759 (bmo#802026) |
|
38 URL spoofing in addressbar during page loads |
|
39 * MFSA 2013-05/CVE-2013-0744 (bmo#814713) |
|
40 Use-after-free when displaying table with many columns and column groups |
|
41 * MFSA 2013-07/CVE-2013-0764 (bmo#804237) |
|
42 Crash due to handling of SSL on threads |
|
43 * MFSA 2013-08/CVE-2013-0745 (bmo#794158) |
|
44 AutoWrapperChanger fails to keep objects alive during garbage collection |
|
45 * MFSA 2013-09/CVE-2013-0746 (bmo#816842) |
|
46 Compartment mismatch with quickstubs returned values |
|
47 * MFSA 2013-10/CVE-2013-0747 (bmo#733305) |
|
48 Event manipulation in plugin handler to bypass same-origin policy |
|
49 * MFSA 2013-11/CVE-2013-0748 (bmo#806031) |
|
50 Address space layout leaked in XBL objects |
|
51 * MFSA 2013-12/CVE-2013-0750 (bmo#805121) |
|
52 Buffer overflow in Javascript string concatenation |
|
53 * MFSA 2013-13/CVE-2013-0752 (bmo#805024) |
|
54 Memory corruption in XBL with XML bindings containing SVG |
|
55 * MFSA 2013-14/CVE-2013-0757 (bmo#813901) |
|
56 Chrome Object Wrapper (COW) bypass through changing prototype |
|
57 * MFSA 2013-15/CVE-2013-0758 (bmo#813906) |
|
58 Privilege escalation through plugin objects |
|
59 * MFSA 2013-16/CVE-2013-0753 (bmo#814001) |
|
60 Use-after-free in serializeToStream |
|
61 * MFSA 2013-17/CVE-2013-0754 (bmo#814026) |
|
62 Use-after-free in ListenerManager |
|
63 * MFSA 2013-18/CVE-2013-0755 (bmo#814027) |
|
64 Use-after-free in Vibrate |
|
65 * MFSA 2013-19/CVE-2013-0756 (bmo#814029) |
|
66 Use-after-free in Javascript Proxy objects |
|
67 - requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743) |
5 |
68 |
6 ------------------------------------------------------------------- |
69 ------------------------------------------------------------------- |
7 Thu Nov 29 20:13:39 UTC 2012 - wr@rosenauer.org |
70 Thu Nov 29 20:13:39 UTC 2012 - wr@rosenauer.org |
8 |
71 |
9 - update to Firefox 17.0.1esr |
72 - update to Firefox 17.0.1esr |