2 Sat Jul 13 20:53:28 UTC 2013 - wr@rosenauer.org

     2 Mon Sep 16 11:59:18 UTC 2013 - lnussel@suse.de

     3 

     3 

     4 - update to Firefox 24.0pre (20130713)

     4 - move greek to the translations-common package (bnc#840551)

     5 

     6 -------------------------------------------------------------------

     7 Sat Sep 14 14:39:58 UTC 2013 - wr@rosenauer.org

     8 

     9 - update to Firefox 24.0 (bnc#840485)

    10   * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719

    11     Miscellaneous memory safety hazards

    12   * MFSA 2013-77/CVE-2013-1720 (bmo#888820)

    13     Improper state in HTML5 Tree Builder with templates

    14   * MFSA 2013-78/CVE-2013-1721 (bmo#890277)

    15     Integer overflow in ANGLE library

    16   * MFSA 2013-79/CVE-2013-1722 (bmo#893308)

    17     Use-after-free in Animation Manager during stylesheet cloning

    18   * MFSA 2013-80/CVE-2013-1723 (bmo#891292)

    19     NativeKey continues handling key messages after widget is destroyed

    20   * MFSA 2013-81/CVE-2013-1724 (bmo#894137)

    21     Use-after-free with select element

    22   * MFSA 2013-82/CVE-2013-1725 (bmo#876762)

    23     Calling scope for new Javascript objects can lead to memory corruption

    24   * MFSA 2013-85/CVE-2013-1728 (bmo#883686)

    25     Uninitialized data in IonMonkey

    26   * MFSA 2013-88/CVE-2013-1730 (bmo#851353)

    27     Compartment mismatch re-attaching XBL-backed nodes

    28   * MFSA 2013-89/CVE-2013-1732 (bmo#883514)

    29     Buffer overflow with multi-column, lists, and floats

    30   * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)

    31     Memory corruption involving scrolling

    32   * MFSA 2013-91/CVE-2013-1737 (bmo#907727)

    33     User-defined properties on DOM proxies get the wrong "this" object

    34   * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)

    35     GC hazard with default compartments and frame chain restoration

    36 - enable gstreamer explicitely via pref (gecko.js)

    37 - require NSS 3.15.1

    38 

    39 -------------------------------------------------------------------

    40 Mon Aug 26 07:35:36 UTC 2013 - wr@rosenauer.org

    41 

    42 - update to Firefox 23.0.1

    43   * Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls

    44     (bmo#901527)

    45 

    46 -------------------------------------------------------------------

    47 Sun Aug  4 18:30:11 UTC 2013 - wr@rosenauer.org

    48 

    49 - update to Firefox 23.0 (bnc#833389)

    50   * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702

    51     Miscellaneous memory safety hazards

    52   * MFSA 2013-64/CVE-2013-1704 (bmo#883313)

    53     Use after free mutating DOM during SetBody

    54   * MFSA 2013-65/CVE-2013-1705 (bmo#882865)

    55     Buffer underflow when generating CRMF requests

    56   * MFSA 2013-67/CVE-2013-1708 (bmo#879924)

    57     Crash during WAV audio file decoding

    58   * MFSA 2013-68/CVE-2013-1709 (bmo#838253)

    59     Document URI misrepresentation and masquerading

    60   * MFSA 2013-69/CVE-2013-1710 (bmo#871368)

    61     CRMF requests allow for code execution and XSS attacks

    62   * MFSA 2013-70/CVE-2013-1711 (bmo#843829)

    63     Bypass of XrayWrappers using XBL Scopes

    64   * MFSA 2013-72/CVE-2013-1713 (bmo#887098)

    65     Wrong principal used for validating URI for some Javascript

    66     components

    67   * MFSA 2013-73/CVE-2013-1714 (bmo#879787)

    68     Same-origin bypass with web workers and XMLHttpRequest

    69   * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)

    70     Local Java applets may read contents of local file system