1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Mon Jun 17 20:56:08 UTC 2013 - wr@rosenauer.org |
2 Sat Jul 13 20:53:28 UTC 2013 - wr@rosenauer.org |
3 |
3 |
4 - update to Firefox 23.0pre (20130616) |
4 - update to Firefox 24.0pre (20130713) |
5 - requires NSPR 4.10 and NSS 3.15 |
5 - requires NSPR 4.10 and NSS 3.15 |
6 |
6 - enable gstreamer via pref |
7 ------------------------------------------------------------------- |
7 |
8 Sun Jun 16 21:54:10 UTC 2013 - wr@rosenauer.org |
8 ------------------------------------------------------------------- |
9 |
9 Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com |
10 - update to Firefox 22.0b5 |
10 |
|
11 - fix build on ARM (/-g/ matches /-grecord-switches/) |
|
12 |
|
13 ------------------------------------------------------------------- |
|
14 Sat Jun 22 17:48:06 UTC 2013 - wr@rosenauer.org |
|
15 |
|
16 - update to Firefox 22.0 (bnc#825935) |
11 * removed obsolete patches |
17 * removed obsolete patches |
12 + mozilla-qcms-ppc.patch |
18 + mozilla-qcms-ppc.patch |
13 + mozilla-gstreamer-760140.patch |
19 + mozilla-gstreamer-760140.patch |
|
20 * GStreamer support does not build on 12.1 anymore (build only |
|
21 on 12.2 and later) |
|
22 * MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 |
|
23 Miscellaneous memory safety hazards |
|
24 * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 |
|
25 Memory corruption found using Address Sanitizer |
|
26 * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) |
|
27 Privileged content access and execution via XBL |
|
28 * MFSA 2013-52/CVE-2013-1688 (bmo#873966) |
|
29 Arbitrary code execution within Profiler |
|
30 * MFSA 2013-53/CVE-2013-1690 (bmo#857883) |
|
31 Execution of unmapped memory through onreadystatechange event |
|
32 * MFSA 2013-54/CVE-2013-1692 (bmo#866915) |
|
33 Data in the body of XHR HEAD requests leads to CSRF attacks |
|
34 * MFSA 2013-55/CVE-2013-1693 (bmo#711043) |
|
35 SVG filters can lead to information disclosure |
|
36 * MFSA 2013-56/CVE-2013-1694 (bmo#848535) |
|
37 PreserveWrapper has inconsistent behavior |
|
38 * MFSA 2013-57/CVE-2013-1695 (bmo#849791) |
|
39 Sandbox restrictions not applied to nested frame elements |
|
40 * MFSA 2013-58/CVE-2013-1696 (bmo#761667) |
|
41 X-Frame-Options ignored when using server push with multi-part |
|
42 responses |
|
43 * MFSA 2013-59/CVE-2013-1697 (bmo#858101) |
|
44 XrayWrappers can be bypassed to run user defined methods in a |
|
45 privileged context |
|
46 * MFSA 2013-60/CVE-2013-1698 (bmo#876044) |
|
47 getUserMedia permission dialog incorrectly displays location |
|
48 * MFSA 2013-61/CVE-2013-1699 (bmo#840882) |
|
49 Homograph domain spoofing in .com, .net and .name |
14 |
50 |
15 ------------------------------------------------------------------- |
51 ------------------------------------------------------------------- |
16 Tue Jun 11 21:06:58 UTC 2013 - dvaleev@suse.com |
52 Tue Jun 11 21:06:58 UTC 2013 - dvaleev@suse.com |
17 |
53 |
18 - Fix qcms altivec include (mozilla-qcms-ppc.patch) |
54 - Fix qcms altivec include (mozilla-qcms-ppc.patch) |