1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Mon Jun 25 20:14:50 UTC 2012 - wr@rosenauer.org |
2 Thu Jul 19 18:25:48 UTC 2012 - wr@rosenauer.org |
3 |
3 |
4 - update to Aurora 15 (20120625) |
4 - update to 15.0b1 |
5 |
5 |
6 ------------------------------------------------------------------- |
6 ------------------------------------------------------------------- |
7 Fri Jun 15 12:40:23 UTC 2012 - wr@rosenauer.org |
7 Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org |
8 |
8 |
9 - update to 13.0.1 |
9 - update to 14.0.1 (bnc#771583) |
10 * bugfix release |
10 * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 |
|
11 Miscellaneous memory safety hazards |
|
12 * MFSA 2012-43/CVE-2012-1950 |
|
13 Incorrect URL displayed in addressbar through drag and drop |
|
14 * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952 |
|
15 Gecko memory corruption |
|
16 * MFSA 2012-45/CVE-2012-1955 (bmo#757376) |
|
17 Spoofing issue with location |
|
18 * MFSA 2012-46/CVE-2012-1966 (bmo#734076) |
|
19 XSS through data: URLs |
|
20 * MFSA 2012-47/CVE-2012-1957 (bmo#750096) |
|
21 Improper filtering of javascript in HTML feed-view |
|
22 * MFSA 2012-48/CVE-2012-1958 (bmo#750820) |
|
23 use-after-free in nsGlobalWindow::PageHidden |
|
24 * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) |
|
25 Same-compartment Security Wrappers can be bypassed |
|
26 * MFSA 2012-50/CVE-2012-1960 (bmo#761014) |
|
27 Out of bounds read in QCMS |
|
28 * MFSA 2012-51/CVE-2012-1961 (bmo#761655) |
|
29 X-Frame-Options header ignored when duplicated |
|
30 * MFSA 2012-52/CVE-2012-1962 (bmo#764296) |
|
31 JSDependentString::undepend string conversion results in memory |
|
32 corruption |
|
33 * MFSA 2012-53/CVE-2012-1963 (bmo#767778) |
|
34 Content Security Policy 1.0 implementation errors cause data |
|
35 leakage |
|
36 * MFSA 2012-55/CVE-2012-1965 (bmo#758990) |
|
37 feed: URLs with an innerURI inherit security context of page |
|
38 * MFSA 2012-56/CVE-2012-1967 (bmo#758344) |
|
39 Code execution through javascript: URLs |
|
40 - license change from tri license to MPL-2.0 |
|
41 - require NSS 3.13.5 |
|
42 - PPC fixes: |
|
43 * reenabled mozilla-yarr-pcre.patch to fix build for PPC |
|
44 * add patches for bmo#750620 and bmo#746112 |
|
45 * fix xpcshell segfault on ppc |
|
46 - build plugin-container on every arch |
11 |
47 |
12 ------------------------------------------------------------------- |
48 ------------------------------------------------------------------- |
13 Sat Jun 2 09:16:34 UTC 2012 - wr@rosenauer.org |
49 Sat Jun 2 09:16:34 UTC 2012 - wr@rosenauer.org |
14 |
50 |
15 - update to 13.0 (bnc#765204) |
51 - update to 13.0 (bnc#765204) |