Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/firefox-esr.changes
branchfirefox38
changeset 873 b8713c1e2156
parent 865 646495e9e721
child 874 255a6c12c85f
equal deleted inserted replaced
865:646495e9e721 873:b8713c1e2156 
       
     1 -------------------------------------------------------------------
 
       
     2 Fri Aug  7 09:24:56 UTC 2015 - wr@rosenauer.org
 
       
     3 
       
     4 - security update to Firefox 38.1.1 (bnc#940918)
 
       
     5   * MFSA 2015-78/CVE-2015-4495 (bmo#1179262, bmo#1178058)
 
       
     6     Same origin violation and local file stealing via PDF reader
 
       
     7 
     1 -------------------------------------------------------------------
 
     8 -------------------------------------------------------------------
 
     2 Sun Jun 28 07:11:18 UTC 2015 - wr@rosenauer.org
 
     9 Sun Jun 28 07:11:18 UTC 2015 - wr@rosenauer.org
 
     3 
    10 
     4 - renamed package to firefox-esr for ESR 38 cycle
 
    11 - renamed package to firefox-esr for ESR 38 cycle
 
     5 
    12 
     6 -------------------------------------------------------------------
 
    13 -------------------------------------------------------------------
 
     7 Sat Jun 27 21:19:48 UTC 2015 - wr@rosenauer.org
 
    14 Sat Jun 27 21:19:48 UTC 2015 - wr@rosenauer.org
 
     8 
    15 
     9 - update to Firefox 38.1.0 (bnc#935979)
 
    16 - update to Firefox 38.1.0 (bnc#935979)
 
       
    17   * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725
 
       
    18     Miscellaneous memory safety hazards
 
       
    19   * MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
 
       
    20     Local files or privileged URLs in pages can be opened into new tabs
 
       
    21   * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
 
       
    22     Type confusion in Indexed Database Manager
 
       
    23   * MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
 
       
    24     Out-of-bound read while computing an oscillator rendering range in Web Audio
 
       
    25   * MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
 
       
    26     Use-after-free in Content Policy due to microtask execution error
 
       
    27   * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
 
       
    28     ECDSA signature validation fails to handle some signatures correctly
 
       
    29     (this fix is shipped by NSS 3.19.1 externally)
 
       
    30   * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
 
       
    31     Use-after-free in workers while using XMLHttpRequest
 
       
    32   * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
 
       
    33     CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
 
       
    34     Vulnerabilities found through code inspection
 
       
    35   * MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
 
       
    36     Key pinning is ignored when overridable errors are encountered
 
       
    37   * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
 
       
    38     Privilege escalation in PDF.js
 
       
    39   * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
 
       
    40     NSS accepts export-length DHE keys with regular DHE cipher suites
 
       
    41     (this fix is shipped by NSS 3.19.1 externally)
 
       
    42   * MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
 
       
    43     NSS incorrectly permits skipping of ServerKeyExchange
 
       
    44     (this fix is shipped by NSS 3.19.1 externally)
 
    10 - requires NSS 3.19.2
 
    45 - requires NSS 3.19.2
 
    11 
    46 
    12 -------------------------------------------------------------------
 
    47 -------------------------------------------------------------------
 
    13 Thu Jun 18 10:30:18 UTC 2015 - schwab@suse.de
 
    48 Thu Jun 18 10:30:18 UTC 2015 - schwab@suse.de
 
    14 
    49
mozilla