|
1 ------------------------------------------------------------------- |
|
2 Wed Oct 15 08:05:33 UTC 2014 - wr@rosenauer.org |
|
3 |
|
4 - fix build for all ppc by not enabling elf-hack |
|
5 (bnc#901213) |
|
6 |
1 ------------------------------------------------------------------- |
7 ------------------------------------------------------------------- |
2 Sat Oct 11 08:48:24 UTC 2014 - wr@rosenauer.org |
8 Sat Oct 11 08:48:24 UTC 2014 - wr@rosenauer.org |
3 |
9 |
4 - update to Firefox 33.0 (bnc#) |
10 - update to Firefox 33.0 (bnc#900941) |
|
11 New features: |
|
12 * OpenH264 support (sandboxed) |
|
13 * Enhanced Tiles |
|
14 * Improved search experience through the location bar |
|
15 * Slimmer and faster JavaScript strings |
|
16 * New CSP (Content Security Policy) backend |
|
17 * Support for connecting to HTTP proxy over HTTPS |
|
18 * Improved reliability of the session restoration |
|
19 * Proprietary window.crypto properties/functions removed |
|
20 Security: |
|
21 * MFSA 2014-74/CVE-2014-1574/CVE-2014-1575 |
|
22 Miscellaneous memory safety hazards |
|
23 * MFSA 2014-75/CVE-2014-1576 (bmo#1041512) |
|
24 Buffer overflow during CSS manipulation |
|
25 * MFSA 2014-76/CVE-2014-1577 (bmo#1012609) |
|
26 Web Audio memory corruption issues with custom waveforms |
|
27 * MFSA 2014-77/CVE-2014-1578 (bmo#1063327) |
|
28 Out-of-bounds write with WebM video |
|
29 * MFSA 2014-78/CVE-2014-1580 (bmo#1063733) |
|
30 Further uninitialized memory use during GIF rendering |
|
31 * MFSA 2014-79/CVE-2014-1581 (bmo#1068218) |
|
32 Use-after-free interacting with text directionality |
|
33 * MFSA 2014-80/CVE-2014-1582/CVE-2014-1584 (bmo#1049095, bmo#1066190) |
|
34 Key pinning bypasses |
|
35 * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981) |
|
36 Inconsistent video sharing within iframe |
|
37 * MFSA 2014-82/CVE-2014-1583 (bmo#1015540) |
|
38 Accessing cross-origin objects via the Alarms API |
|
39 (only relevant for installed web apps) |
5 - requires NSPR 4.10.7 |
40 - requires NSPR 4.10.7 |
6 - requires NSS 3.17.1 |
41 - requires NSS 3.17.1 |
7 - removed obsolete patches: |
42 - removed obsolete patches: |
8 * mozilla-ppc.patch |
43 * mozilla-ppc.patch |
9 * mozilla-libproxy-compat.patch |
44 * mozilla-libproxy-compat.patch |