1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Sat Jul 13 20:53:28 UTC 2013 - wr@rosenauer.org |
2 Mon Sep 16 11:59:18 UTC 2013 - lnussel@suse.de |
3 |
3 |
4 - update to Firefox 24.0pre (20130713) |
4 - move greek to the translations-common package (bnc#840551) |
|
5 |
|
6 ------------------------------------------------------------------- |
|
7 Sat Sep 14 14:39:58 UTC 2013 - wr@rosenauer.org |
|
8 |
|
9 - update to Firefox 24.0 (bnc#840485) |
|
10 * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 |
|
11 Miscellaneous memory safety hazards |
|
12 * MFSA 2013-77/CVE-2013-1720 (bmo#888820) |
|
13 Improper state in HTML5 Tree Builder with templates |
|
14 * MFSA 2013-78/CVE-2013-1721 (bmo#890277) |
|
15 Integer overflow in ANGLE library |
|
16 * MFSA 2013-79/CVE-2013-1722 (bmo#893308) |
|
17 Use-after-free in Animation Manager during stylesheet cloning |
|
18 * MFSA 2013-80/CVE-2013-1723 (bmo#891292) |
|
19 NativeKey continues handling key messages after widget is destroyed |
|
20 * MFSA 2013-81/CVE-2013-1724 (bmo#894137) |
|
21 Use-after-free with select element |
|
22 * MFSA 2013-82/CVE-2013-1725 (bmo#876762) |
|
23 Calling scope for new Javascript objects can lead to memory corruption |
|
24 * MFSA 2013-85/CVE-2013-1728 (bmo#883686) |
|
25 Uninitialized data in IonMonkey |
|
26 * MFSA 2013-88/CVE-2013-1730 (bmo#851353) |
|
27 Compartment mismatch re-attaching XBL-backed nodes |
|
28 * MFSA 2013-89/CVE-2013-1732 (bmo#883514) |
|
29 Buffer overflow with multi-column, lists, and floats |
|
30 * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) |
|
31 Memory corruption involving scrolling |
|
32 * MFSA 2013-91/CVE-2013-1737 (bmo#907727) |
|
33 User-defined properties on DOM proxies get the wrong "this" object |
|
34 * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) |
|
35 GC hazard with default compartments and frame chain restoration |
|
36 - enable gstreamer explicitely via pref (gecko.js) |
|
37 - require NSS 3.15.1 |
|
38 |
|
39 ------------------------------------------------------------------- |
|
40 Mon Aug 26 07:35:36 UTC 2013 - wr@rosenauer.org |
|
41 |
|
42 - update to Firefox 23.0.1 |
|
43 * Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls |
|
44 (bmo#901527) |
|
45 |
|
46 ------------------------------------------------------------------- |
|
47 Sun Aug 4 18:30:11 UTC 2013 - wr@rosenauer.org |
|
48 |
|
49 - update to Firefox 23.0 (bnc#833389) |
|
50 * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 |
|
51 Miscellaneous memory safety hazards |
|
52 * MFSA 2013-64/CVE-2013-1704 (bmo#883313) |
|
53 Use after free mutating DOM during SetBody |
|
54 * MFSA 2013-65/CVE-2013-1705 (bmo#882865) |
|
55 Buffer underflow when generating CRMF requests |
|
56 * MFSA 2013-67/CVE-2013-1708 (bmo#879924) |
|
57 Crash during WAV audio file decoding |
|
58 * MFSA 2013-68/CVE-2013-1709 (bmo#838253) |
|
59 Document URI misrepresentation and masquerading |
|
60 * MFSA 2013-69/CVE-2013-1710 (bmo#871368) |
|
61 CRMF requests allow for code execution and XSS attacks |
|
62 * MFSA 2013-70/CVE-2013-1711 (bmo#843829) |
|
63 Bypass of XrayWrappers using XBL Scopes |
|
64 * MFSA 2013-72/CVE-2013-1713 (bmo#887098) |
|
65 Wrong principal used for validating URI for some Javascript |
|
66 components |
|
67 * MFSA 2013-73/CVE-2013-1714 (bmo#879787) |
|
68 Same-origin bypass with web workers and XMLHttpRequest |
|
69 * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) |
|
70 Local Java applets may read contents of local file system |
5 - requires NSPR 4.10 and NSS 3.15 |
71 - requires NSPR 4.10 and NSS 3.15 |
6 - enable gstreamer via pref |
|
7 |
72 |
8 ------------------------------------------------------------------- |
73 ------------------------------------------------------------------- |
9 Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com |
74 Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com |
10 |
75 |
11 - fix build on ARM (/-g/ matches /-grecord-switches/) |
76 - fix build on ARM (/-g/ matches /-grecord-switches/) |