1 ------------------------------------------------------------------- |
|
2 Mon Aug 10 16:40:17 UTC 2015 - wr@rosenauer.org |
|
3 |
|
4 - update to xulrunner 38.2.0esr (bnc#940806) |
|
5 * MFSA 2015-79/CVE-2015-4473 |
|
6 Miscellaneous memory safety hazards |
|
7 * MFSA 2015-80/CVE-2015-4475 (bmo#1175396) |
|
8 Out-of-bounds read with malformed MP3 file |
|
9 * MFSA 2015-82/CVE-2015-4478 (bmo#1105914) |
|
10 Redefinition of non-configurable JavaScript object properties |
|
11 * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493 |
|
12 Overflow issues in libstagefright |
|
13 * MFSA 2015-84/CVE-2015-4481 (bmo1171518) |
|
14 Arbitrary file overwriting through Mozilla Maintenance Service |
|
15 with hard links (only affected Windows) |
|
16 * MFSA 2015-85/CVE-2015-4482 (bmo#1184500) |
|
17 Out-of-bounds write with Updater and malicious MAR file |
|
18 (does not affect openSUSE RPM packages which do not ship the |
|
19 updater) |
|
20 * MFSA 2015-87/CVE-2015-4484 (bmo#1171540) |
|
21 Crash when using shared memory in JavaScript |
|
22 * MFSA 2015-88/CVE-2015-4491 (bmo#1184009) |
|
23 Heap overflow in gdk-pixbuf when scaling bitmap images |
|
24 * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148) |
|
25 Buffer overflows on Libvpx when decoding WebM video |
|
26 * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489 |
|
27 Vulnerabilities found through code inspection |
|
28 * MFSA 2015-92/CVE-2015-4492 (bmo#1185820) |
|
29 Use-after-free in XMLHttpRequest with shared workers |
|
30 - rebased all patches |
|
31 - dropped obsolete patches: |
|
32 * mozilla-sle11.patch |
|
33 * mozilla-ppc.patch |
|
34 * mozilla-nullptr-gcc45.patch |
|
35 * mozilla-libproxy-compat.patch |
|
36 * mozilla-fix-compilation-gcc5-bmo-1021171.patch |
|
37 * mozilla-fix-compilation-gcc5-bmo-1153109.patch |
|
38 * mozilla-aarch64-bmo-810631.patch |
|
39 - added platform specific patches from Firefox package: |
|
40 * mozilla-skia-be-le.patch |
|
41 * mozilla-bmo1005535.patch |
|
42 * mozilla-add-glibcxx_use_cxx11_abi.patch |
|
43 * mozilla-arm64-libjpeg-turbo.patch |
|
44 * mozilla-shared-nss-db.patch |
|
45 |
|
46 ------------------------------------------------------------------- |
|
47 Sat Jun 27 15:26:00 UTC 2015 - wr@rosenauer.org |
|
48 |
|
49 - update to 31.8.0 (bnc#935979) |
|
50 * MFSA 2015-59/CVE-2015-2724 |
|
51 Miscellaneous memory safety hazards |
|
52 * MFSA 2015-61/CVE-2015-2728 (bmo#1142210) |
|
53 Type confusion in Indexed Database Manager |
|
54 * MFSA 2015-64/CVE-2015-2730 (bmo#1125025) |
|
55 ECDSA signature validation fails to handle some signatures correctly |
|
56 (this fix is shipped by NSS 3.19.1 externally) |
|
57 * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867) |
|
58 Use-after-free in workers while using XMLHttpRequest |
|
59 * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737 |
|
60 CVE-2015-2738/CVE-2015-2739/CVE-2015-2740 |
|
61 Vulnerabilities found through code inspection |
|
62 * MFSA 2015-69/CVE-2015-2743 (bmo#1163109) |
|
63 Privilege escalation in PDF.js |
|
64 * MFSA 2015-70/CVE-2015-4000 (bmo#1138554) |
|
65 NSS accepts export-length DHE keys with regular DHE cipher suites |
|
66 (this fix is shipped by NSS 3.19.1 externally) |
|
67 * MFSA 2015-71/CVE-2015-2721 (bmo#1086145) |
|
68 NSS incorrectly permits skipping of ServerKeyExchange |
|
69 (this fix is shipped by NSS 3.19.1 externally) |
|
70 - requires NSS 3.19.2 |
|
71 |
|
72 -------------------------------------------------------------------- |
|
73 Sun Jun 21 09:39:51 UTC 2015 - antoine.belvire@laposte.net |
|
74 |
|
75 - Fix compilation with GCC5 (bmo#1153109, bmo#1021171) |
|
76 * add mozilla-fix-compilation-gcc5-bmo-1153109.patch |
|
77 * add mozilla-fix-compilation-gcc5-bmo-1021171.patch |
|
78 |
|
79 ------------------------------------------------------------------- |
|
80 Wed May 6 07:49:53 UTC 2015 - wr@rosenauer.org |
|
81 |
|
82 - update to 31.7.0 (bnc#930622) |
|
83 * MFSA 2015-46/CVE-2015-2708 |
|
84 Miscellaneous memory safety hazards |
|
85 * MFSA 2015-47/VE-2015-0797 (bmo#1080995) |
|
86 Buffer overflow parsing H.264 video with Linux Gstreamer |
|
87 * MFSA 2015-48/CVE-2015-2710 (bmo#1149542) |
|
88 Buffer overflow with SVG content and CSS |
|
89 * MFSA 2015-51/CVE-2015-2713 (bmo#1153478) |
|
90 Use-after-free during text processing with vertical text enabled |
|
91 * MFSA 2015-54/CVE-2015-2716 (bmo#1140537) |
|
92 Buffer overflow when parsing compressed XML |
|
93 * MFSA 2015-57/CVE-2011-3079 (bmo#1087565) |
|
94 Privilege escalation through IPC channel messages |
|
95 - strip baselibs.conf to reflect the current set of packages |
|
96 |
|
97 ------------------------------------------------------------------- |
|
98 Mon Mar 30 07:56:19 UTC 2015 - wr@rosenauer.org |
|
99 |
|
100 - update to 31.6.0 (bnc#925368) |
|
101 * MFSA 2015-30/CVE-2015-0815 |
|
102 Miscellaneous memory safety hazards |
|
103 * MFSA 2015-31/CVE-2015-0813 (bmo#1106596)) |
|
104 Use-after-free when using the Fluendo MP3 GStreamer plugin |
|
105 * MFSA 2015-33/CVE-2015-0816 (bmo#1144991) |
|
106 resource:// documents can load privileged pages |
|
107 * MFSA-2015-37/CVE-2015-0807 (bmo#1111834) |
|
108 CORS requests should not follow 30x redirections after preflight |
|
109 * MFSA-2015-40/CVE-2015-0801 (bmo#1146339) |
|
110 Same-origin bypass through anchor navigation |
|
111 |
|
112 ------------------------------------------------------------------- |
|
113 Thu Feb 19 22:56:55 UTC 2015 - wr@rosenauer.org |
|
114 |
|
115 - update to 31.5.0 (bnc#917597) |
|
116 * MFSA 2015-11/CVE-2015-0836 |
|
117 Miscellaneous memory safety hazards |
|
118 * MFSA 2015-12/CVE-2015-0833 (bmo#945192) |
|
119 Invoking Mozilla updater will load locally stored DLL files |
|
120 (Windows only) |
|
121 * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) |
|
122 Use-after-free in IndexedDB |
|
123 * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) |
|
124 Out-of-bounds read and write while rendering SVG content |
|
125 * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) |
|
126 Reading of local files through manipulation of form autocomplete |
|
127 |
|
128 ------------------------------------------------------------------- |
|
129 Sat Jan 10 17:33:51 UTC 2015 - wr@rosenauer.org |
|
130 |
|
131 - update to 31.4.0 (bnc#910669) |
|
132 * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 |
|
133 Miscellaneous memory safety hazards |
|
134 * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) |
|
135 sendBeacon requests lack an Origin header |
|
136 * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) |
|
137 Cookie injection through Proxy Authenticate responses |
|
138 * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) |
|
139 Read-after-free in WebRTC |
|
140 |
|
141 ------------------------------------------------------------------- |
|
142 Wed Dec 31 16:01:40 UTC 2014 - dimstar@opensuse.org |
|
143 |
|
144 - Do not require mozilla-js-32bit from xulrunner-32bit: since we |
|
145 have shared_js currently set to 0, mozilla-js(-32bit) is not |
|
146 being built. |
|
147 |
|
148 ------------------------------------------------------------------- |
|
149 Sun Nov 30 12:15:59 UTC 2014 - wr@rosenauer.org |
|
150 |
|
151 - update to 31.3.0 (bnc#908009) |
|
152 * MFSA 2014-83/CVE-2014-1587 |
|
153 Miscellaneous memory safety hazards |
|
154 * MFSA 2014-85/CVE-2014-1590 (bmo#1087633) |
|
155 XMLHttpRequest crashes with some input streams |
|
156 * MFSA 2014-87/CVE-2014-1592 (bmo#1088635) |
|
157 Use-after-free during HTML5 parsing |
|
158 * MFSA 2014-88/CVE-2014-1593 (bmo#1085175) |
|
159 Buffer overflow while parsing media content |
|
160 * MFSA 2014-89/CVE-2014-1594 (bmo#1074280) |
|
161 Bad casting from the BasicThebesLayer to BasicContainerLayer |
|
162 - readded mozilla-pkgconfig.patch |
|
163 |
|
164 ------------------------------------------------------------------- |
|
165 Thu Nov 13 08:37:50 UTC 2014 - guillaume@opensuse.org |
|
166 |
|
167 - Fix %arm build (fix CFLAGS) |
|
168 - Disable elf-hack for aarch64 |
|
169 |
|
170 ------------------------------------------------------------------- |
|
171 Sat Nov 1 13:08:20 UTC 2014 - wr@rosenauer.org |
|
172 |
|
173 - update to 31.2.0 |
|
174 - synchronize patchset with firefox-esr |
|
175 - removed add-plugins.sh in favor of using a pref to use myspell |
|
176 |
|
177 ------------------------------------------------------------------- |
|
178 Wed Sep 18 14:39:34 UTC 2013 - wr@rosenauer.org |
|
179 |
|
180 - update to 24.0 (bnc#840485) |
|
181 * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 |
|
182 Miscellaneous memory safety hazards |
|
183 * MFSA 2013-77/CVE-2013-1720 (bmo#888820) |
|
184 Improper state in HTML5 Tree Builder with templates |
|
185 * MFSA 2013-78/CVE-2013-1721 (bmo#890277) |
|
186 Integer overflow in ANGLE library |
|
187 * MFSA 2013-79/CVE-2013-1722 (bmo#893308) |
|
188 Use-after-free in Animation Manager during stylesheet cloning |
|
189 * MFSA 2013-80/CVE-2013-1723 (bmo#891292) |
|
190 NativeKey continues handling key messages after widget is destroyed |
|
191 * MFSA 2013-81/CVE-2013-1724 (bmo#894137) |
|
192 Use-after-free with select element |
|
193 * MFSA 2013-82/CVE-2013-1725 (bmo#876762) |
|
194 Calling scope for new Javascript objects can lead to memory corruption |
|
195 * MFSA 2013-85/CVE-2013-1728 (bmo#883686) |
|
196 Uninitialized data in IonMonkey |
|
197 * MFSA 2013-88/CVE-2013-1730 (bmo#851353) |
|
198 Compartment mismatch re-attaching XBL-backed nodes |
|
199 * MFSA 2013-89/CVE-2013-1732 (bmo#883514) |
|
200 Buffer overflow with multi-column, lists, and floats |
|
201 * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) |
|
202 Memory corruption involving scrolling |
|
203 * MFSA 2013-91/CVE-2013-1737 (bmo#907727) |
|
204 User-defined properties on DOM proxies get the wrong "this" object |
|
205 * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) |
|
206 GC hazard with default compartments and frame chain restoration |
|
207 - require NSPR 4.10 and NSS 3.15.1 |
|
208 |
|
209 ------------------------------------------------------------------- |
|
210 Fri Aug 2 10:56:43 UTC 2013 - wr@rosenauer.org |
|
211 |
|
212 - update to 17.0.8esr (bnc#833389) |
|
213 * MFSA 2013-63/CVE-2013-1701 |
|
214 Miscellaneous memory safety hazards |
|
215 * MFSA 2013-68/CVE-2013-1709 (bmo#838253) |
|
216 Document URI misrepresentation and masquerading |
|
217 * MFSA 2013-69/CVE-2013-1710 (bmo#871368) |
|
218 CRMF requests allow for code execution and XSS attacks |
|
219 * MFSA 2013-72/CVE-2013-1713 (bmo#887098) |
|
220 Wrong principal used for validating URI for some Javascript |
|
221 components |
|
222 * MFSA 2013-73/CVE-2013-1714 (bmo#879787) |
|
223 Same-origin bypass with web workers and XMLHttpRequest |
|
224 * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) |
|
225 Local Java applets may read contents of local file system |
|
226 |
|
227 ------------------------------------------------------------------- |
|
228 Mon Jun 24 15:26:27 UTC 2013 - wr@rosenauer.org |
|
229 |
|
230 - update to 17.0.7esr (bnc#825935) |
|
231 * MFSA 2013-49/CVE-2013-1682 |
|
232 Miscellaneous memory safety hazards |
|
233 * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 |
|
234 Memory corruption found using Address Sanitizer |
|
235 * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) |
|
236 Privileged content access and execution via XBL |
|
237 * MFSA 2013-53/CVE-2013-1690 (bmo#857883) |
|
238 Execution of unmapped memory through onreadystatechange event |
|
239 * MFSA 2013-54/CVE-2013-1692 (bmo#866915) |
|
240 Data in the body of XHR HEAD requests leads to CSRF attacks |
|
241 * MFSA 2013-55/CVE-2013-1693 (bmo#711043) |
|
242 SVG filters can lead to information disclosure |
|
243 * MFSA 2013-56/CVE-2013-1694 (bmo#848535) |
|
244 PreserveWrapper has inconsistent behavior |
|
245 * MFSA 2013-59/CVE-2013-1697 (bmo#858101) |
|
246 XrayWrappers can be bypassed to run user defined methods in a |
|
247 privileged context |
|
248 |
|
249 ------------------------------------------------------------------- |
|
250 Tue Jun 4 16:24:51 UTC 2013 - dvaleev@suse.com |
|
251 |
|
252 - Fix build on powerpc (ppc-xpcshell.patch) |
|
253 |
|
254 ------------------------------------------------------------------- |
|
255 Fri May 10 17:27:23 UTC 2013 - wr@rosenauer.org |
|
256 |
|
257 - update to 17.0.6esr (bnc#819204) |
|
258 * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 |
|
259 Miscellaneous memory safety hazards |
|
260 * MFSA 2013-42/CVE-2013-1670 (bmo#853709) |
|
261 Privileged access for content level constructor |
|
262 * MFSA 2013-46/CVE-2013-1674 (bmo#860971) |
|
263 Use-after-free with video and onresize event |
|
264 * MFSA 2013-47/CVE-2013-1675 (bmo#866825) |
|
265 Uninitialized functions in DOMSVGZoomEvent |
|
266 * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ |
|
267 CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 |
|
268 Memory corruption found using Address Sanitizer |
|
269 |
|
270 ------------------------------------------------------------------- |
|
271 Fri Mar 29 16:27:59 UTC 2013 - wr@rosenauer.org |
|
272 |
|
273 - update to 17.0.5esr (bnc#813026) |
|
274 * requires NSPR 4.9.5 and NSS 3.14.3 |
|
275 * MFSA 2013-30/CVE-2013-0788 |
|
276 Miscellaneous memory safety hazards |
|
277 * MFSA 2013-31/CVE-2013-0800 (bmo#825721) |
|
278 Out-of-bounds write in Cairo library |
|
279 * MFSA 2013-35/CVE-2013-0796 (bmo#827106) |
|
280 WebGL crash with Mesa graphics driver on Linux |
|
281 * MFSA 2013-36/CVE-2013-0795 (bmo#825697) |
|
282 Bypass of SOW protections allows cloning of protected nodes |
|
283 * MFSA 2013-37/CVE-2013-0794 (bmo#626775) |
|
284 Bypass of tab-modal dialog origin disclosure |
|
285 * MFSA 2013-38/CVE-2013-0793 (bmo#803870) |
|
286 Cross-site scripting (XSS) using timed history navigations |
|
287 |
|
288 ------------------------------------------------------------------- |
|
289 Fri Mar 8 09:00:09 UTC 2013 - wr@rosenauer.org |
|
290 |
|
291 - update to 17.0.4esr (bnc#808243) |
|
292 * MFSA 2013-29/CVE-2013-0787 (bmo#848644) |
|
293 Use-after-free in HTML Editor |
|
294 |
|
295 ------------------------------------------------------------------- |
|
296 Sat Feb 16 17:38:21 UTC 2013 - wr@rosenauer.org |
|
297 |
|
298 - update to 17.0.3esr (bnc#804248) |
|
299 * MFSA 2013-21/CVE-2013-0783 |
|
300 Miscellaneous memory safety hazards |
|
301 * MFSA 2013-24/CVE-2013-0773 (bmo#809652) |
|
302 Web content bypass of COW and SOW security wrappers |
|
303 * MFSA 2013-25/CVE-2013-0774 (bmo#827193) |
|
304 Privacy leak in JavaScript Workers |
|
305 * MFSA 2013-26/CVE-2013-0775 (bmo#831095) |
|
306 Use-after-free in nsImageLoadingContent |
|
307 * MFSA 2013-27/CVE-2013-0776 (bmo#796475) |
|
308 Phishing on HTTPS connection through malicious proxy |
|
309 * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782 |
|
310 Use-after-free, out of bounds read, and buffer overflow issues |
|
311 found using Address Sanitizer |
|
312 |
|
313 ------------------------------------------------------------------- |
|
314 Sat Jan 5 14:46:06 UTC 2013 - wr@rosenauer.org |
|
315 |
|
316 - update to 17.0.2esr (bnc#796895) |
|
317 * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 |
|
318 Miscellaneous memory safety hazards |
|
319 * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 |
|
320 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 |
|
321 Use-after-free and buffer overflow issues found using Address Sanitizer |
|
322 * MFSA 2013-03/CVE-2013-0768 (bmo#815795) |
|
323 Buffer Overflow in Canvas |
|
324 * MFSA 2013-04/CVE-2012-0759 (bmo#802026) |
|
325 URL spoofing in addressbar during page loads |
|
326 * MFSA 2013-05/CVE-2013-0744 (bmo#814713) |
|
327 Use-after-free when displaying table with many columns and column groups |
|
328 * MFSA 2013-07/CVE-2013-0764 (bmo#804237) |
|
329 Crash due to handling of SSL on threads |
|
330 * MFSA 2013-08/CVE-2013-0745 (bmo#794158) |
|
331 AutoWrapperChanger fails to keep objects alive during garbage collection |
|
332 * MFSA 2013-09/CVE-2013-0746 (bmo#816842) |
|
333 Compartment mismatch with quickstubs returned values |
|
334 * MFSA 2013-10/CVE-2013-0747 (bmo#733305) |
|
335 Event manipulation in plugin handler to bypass same-origin policy |
|
336 * MFSA 2013-11/CVE-2013-0748 (bmo#806031) |
|
337 Address space layout leaked in XBL objects |
|
338 * MFSA 2013-12/CVE-2013-0750 (bmo#805121) |
|
339 Buffer overflow in Javascript string concatenation |
|
340 * MFSA 2013-13/CVE-2013-0752 (bmo#805024) |
|
341 Memory corruption in XBL with XML bindings containing SVG |
|
342 * MFSA 2013-14/CVE-2013-0757 (bmo#813901) |
|
343 Chrome Object Wrapper (COW) bypass through changing prototype |
|
344 * MFSA 2013-15/CVE-2013-0758 (bmo#813906) |
|
345 Privilege escalation through plugin objects |
|
346 * MFSA 2013-16/CVE-2013-0753 (bmo#814001) |
|
347 Use-after-free in serializeToStream |
|
348 * MFSA 2013-17/CVE-2013-0754 (bmo#814026) |
|
349 Use-after-free in ListenerManager |
|
350 * MFSA 2013-18/CVE-2013-0755 (bmo#814027) |
|
351 Use-after-free in Vibrate |
|
352 * MFSA 2013-19/CVE-2013-0756 (bmo#814029) |
|
353 Use-after-free in Javascript Proxy objects |
|
354 - requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743) |
|
355 - build on SLE11 |
|
356 * mozilla-gcc43-enums.patch |
|
357 * mozilla-gcc43-template_hacks.patch |
|
358 * mozilla-gcc43-templates_instantiation.patch |
|
359 |
|
360 ------------------------------------------------------------------- |
|
361 Thu Nov 29 20:04:34 UTC 2012 - wr@rosenauer.org |
|
362 |
|
363 - update to 17.0.1 |
|
364 * regression/compatibility fixes |
|
365 |
|
366 ------------------------------------------------------------------- |
|
367 Tue Nov 20 20:15:23 UTC 2012 - wr@rosenauer.org |
|
368 |
|
369 - update to 17.0 (bnc#790140) |
|
370 * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 |
|
371 Miscellaneous memory safety hazards |
|
372 * MFSA 2012-92/CVE-2012-4202 (bmo#758200) |
|
373 Buffer overflow while rendering GIF images |
|
374 * MFSA 2012-93/CVE-2012-4201 (bmo#747607) |
|
375 evalInSanbox location context incorrectly applied |
|
376 * MFSA 2012-94/CVE-2012-5836 (bmo#792857) |
|
377 Crash when combining SVG text on path with CSS |
|
378 * MFSA 2012-95/CVE-2012-4203 (bmo#765628) |
|
379 Javascript: URLs run in privileged context on New Tab page |
|
380 * MFSA 2012-96/CVE-2012-4204 (bmo#778603) |
|
381 Memory corruption in str_unescape |
|
382 * MFSA 2012-97/CVE-2012-4205 (bmo#779821) |
|
383 XMLHttpRequest inherits incorrect principal within sandbox |
|
384 * MFSA 2012-99/CVE-2012-4208 (bmo#798264) |
|
385 XrayWrappers exposes chrome-only properties when not in chrome |
|
386 compartment |
|
387 * MFSA 2012-100/CVE-2012-5841 (bmo#805807) |
|
388 Improper security filtering for cross-origin wrappers |
|
389 * MFSA 2012-101/CVE-2012-4207 (bmo#801681) |
|
390 Improper character decoding in HZ-GB-2312 charset |
|
391 * MFSA 2012-102/CVE-2012-5837 (bmo#800363) |
|
392 Script entered into Developer Toolbar runs with chrome privileges |
|
393 * MFSA 2012-103/CVE-2012-4209 (bmo#792405) |
|
394 Frames can shadow top.location |
|
395 * MFSA 2012-104/CVE-2012-4210 (bmo#796866) |
|
396 CSS and HTML injection through Style Inspector |
|
397 * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ |
|
398 CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ |
|
399 CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 |
|
400 Use-after-free and buffer overflow issues found using Address |
|
401 Sanitizer |
|
402 * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 |
|
403 Use-after-free, buffer overflow, and memory corruption issues |
|
404 found using Address Sanitizer |
|
405 - rebased patches |
|
406 - disabled WebRTC since build is broken (bmo#776877) |
|
407 |
|
408 ------------------------------------------------------------------- |
|
409 Wed Oct 24 08:28:49 UTC 2012 - wr@rosenauer.org |
|
410 |
|
411 - update to 16.0.2 (bnc#786522) |
|
412 * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196 |
|
413 (bmo#800666, bmo#793121, bmo#802557) |
|
414 Fixes for Location object issues |
|
415 |
|
416 ------------------------------------------------------------------- |
|
417 Thu Oct 11 01:50:19 UTC 2012 - wr@rosenauer.org |
|
418 |
|
419 - update to 16.0.1 (bnc#783533) |
|
420 * MFSA 2012-88/CVE-2012-4191 (bmo#798045) |
|
421 Miscellaneous memory safety hazards |
|
422 * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) |
|
423 defaultValue security checks not applied |
|
424 |
|
425 ------------------------------------------------------------------- |
|
426 Sun Oct 7 21:41:01 UTC 2012 - wr@rosenauer.org |
|
427 |
|
428 - update to 16.0 (bnc#783533) |
|
429 * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 |
|
430 Miscellaneous memory safety hazards |
|
431 * MFSA 2012-75/CVE-2012-3984 (bmo#575294) |
|
432 select element persistance allows for attacks |
|
433 * MFSA 2012-76/CVE-2012-3985 (bmo#655649) |
|
434 Continued access to initial origin after setting document.domain |
|
435 * MFSA 2012-77/CVE-2012-3986 (bmo#775868) |
|
436 Some DOMWindowUtils methods bypass security checks |
|
437 * MFSA 2012-79/CVE-2012-3988 (bmo#725770) |
|
438 DOS and crash with full screen and history navigation |
|
439 * MFSA 2012-80/CVE-2012-3989 (bmo#783867) |
|
440 Crash with invalid cast when using instanceof operator |
|
441 * MFSA 2012-81/CVE-2012-3991 (bmo#783260) |
|
442 GetProperty function can bypass security checks |
|
443 * MFSA 2012-82/CVE-2012-3994 (bmo#765527) |
|
444 top object and location property accessible by plugins |
|
445 * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) |
|
446 Chrome Object Wrapper (COW) does not disallow acces to privileged |
|
447 functions or properties |
|
448 * MFSA 2012-84/CVE-2012-3992 (bmo#775009) |
|
449 Spoofing and script injection through location.hash |
|
450 * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ |
|
451 CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 |
|
452 Use-after-free, buffer overflow, and out of bounds read issues |
|
453 found using Address Sanitizer |
|
454 * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ |
|
455 CVE-2012-4188 |
|
456 Heap memory corruption issues found using Address Sanitizer |
|
457 * MFSA 2012-87/CVE-2012-3990 (bmo#787704) |
|
458 Use-after-free in the IME State Manager |
|
459 - requires NSPR 4.9.2 |
|
460 - removed upstreamed mozilla-crashreporter-restart-args.patch |
|
461 - updated translations-other with new languages |
|
462 |
|
463 ------------------------------------------------------------------- |
|
464 Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org |
|
465 |
|
466 - update to 15.0 (bnc#777588) |
|
467 * MFSA 2012-57/CVE-2012-1970 |
|
468 Miscellaneous memory safety hazards |
|
469 * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 |
|
470 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 |
|
471 CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 |
|
472 Use-after-free issues found using Address Sanitizer |
|
473 * MFSA 2012-59/CVE-2012-1956 (bmo#756719) |
|
474 Location object can be shadowed using Object.defineProperty |
|
475 * MFSA 2012-60/CVE-2012-3965 (bmo#769108) |
|
476 Escalation of privilege through about:newtab |
|
477 * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) |
|
478 Memory corruption with bitmap format images with negative height |
|
479 * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 |
|
480 WebGL use-after-free and memory corruption |
|
481 * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 |
|
482 SVG buffer overflow and use-after-free issues |
|
483 * MFSA 2012-64/CVE-2012-3971 |
|
484 Graphite 2 memory corruption |
|
485 * MFSA 2012-65/CVE-2012-3972 (bmo#746855) |
|
486 Out-of-bounds read in format-number in XSLT |
|
487 * MFSA 2012-66/CVE-2012-3973 (bmo#757128) |
|
488 HTTPMonitor extension allows for remote debugging without explicit |
|
489 activation |
|
490 * MFSA 2012-68/CVE-2012-3975 (bmo#770684) |
|
491 DOMParser loads linked resources in extensions when parsing |
|
492 text/html |
|
493 * MFSA 2012-69/CVE-2012-3976 (bmo#768568) |
|
494 Incorrect site SSL certificate data display |
|
495 * MFSA 2012-70/CVE-2012-3978 (bmo#770429) |
|
496 Location object security checks bypassed by chrome code |
|
497 * MFSA 2012-72/CVE-2012-3980 (bmo#771859) |
|
498 Web console eval capable of executing chrome-privileged code |
|
499 - fix HTML5 video crash with GStreamer enabled (bmo#761030) |
|
500 - fixed filelist |
|
501 |
|
502 ------------------------------------------------------------------- |
|
503 Fri Aug 17 13:09:49 UTC 2012 - dmueller@suse.com |
|
504 |
|
505 - fix build on ARM: |
|
506 * disable crashreporter, it does not build |
|
507 * reduce debuginfo during built to avoid running out of memory |
|
508 |
|
509 ------------------------------------------------------------------- |
|
510 Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org |
|
511 |
|
512 - update to 14.0.1 (bnc#771583) |
|
513 * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 |
|
514 Miscellaneous memory safety hazards |
|
515 * MFSA 2012-43/CVE-2012-1950 |
|
516 Incorrect URL displayed in addressbar through drag and drop |
|
517 * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952 |
|
518 Gecko memory corruption |
|
519 * MFSA 2012-45/CVE-2012-1955 (bmo#757376) |
|
520 Spoofing issue with location |
|
521 * MFSA 2012-46/CVE-2012-1966 (bmo#734076) |
|
522 XSS through data: URLs |
|
523 * MFSA 2012-47/CVE-2012-1957 (bmo#750096) |
|
524 Improper filtering of javascript in HTML feed-view |
|
525 * MFSA 2012-48/CVE-2012-1958 (bmo#750820) |
|
526 use-after-free in nsGlobalWindow::PageHidden |
|
527 * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) |
|
528 Same-compartment Security Wrappers can be bypassed |
|
529 * MFSA 2012-50/CVE-2012-1960 (bmo#761014) |
|
530 Out of bounds read in QCMS |
|
531 * MFSA 2012-51/CVE-2012-1961 (bmo#761655) |
|
532 X-Frame-Options header ignored when duplicated |
|
533 * MFSA 2012-52/CVE-2012-1962 (bmo#764296) |
|
534 JSDependentString::undepend string conversion results in memory |
|
535 corruption |
|
536 * MFSA 2012-53/CVE-2012-1963 (bmo#767778) |
|
537 Content Security Policy 1.0 implementation errors cause data |
|
538 leakage |
|
539 * MFSA 2012-55/CVE-2012-1965 (bmo#758990) |
|
540 feed: URLs with an innerURI inherit security context of page |
|
541 * MFSA 2012-56/CVE-2012-1967 (bmo#758344) |
|
542 Code execution through javascript: URLs |
|
543 - license change from tri license to MPL-2.0 |
|
544 - require NSS 3.13.5 |
|
545 - PPC fixes: |
|
546 * reenabled mozilla-yarr-pcre.patch to fix build for PPC |
|
547 * add patches for bmo#750620 and bmo#746112 |
|
548 * fix xpcshell segfault on ppc |
|
549 - build plugin-container on every arch |
|
550 |
|
551 ------------------------------------------------------------------- |
|
552 Fri Jun 15 12:40:23 UTC 2012 - wr@rosenauer.org |
|
553 |
|
554 - update to 13.0.1 |
|
555 * bugfix release |
|
556 |
|
557 ------------------------------------------------------------------- |
|
558 Sat Jun 2 09:16:34 UTC 2012 - wr@rosenauer.org |
|
559 |
|
560 - update to 13.0 (bnc#765204) |
|
561 * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 |
|
562 Miscellaneous memory safety hazards |
|
563 * MFSA 2012-36/CVE-2012-1944 (bmo#751422) |
|
564 Content Security Policy inline-script bypass |
|
565 * MFSA 2012-37/CVE-2012-1945 (bmo#670514) |
|
566 Information disclosure though Windows file shares and shortcut |
|
567 files |
|
568 * MFSA 2012-38/CVE-2012-1946 (bmo#750109) |
|
569 Use-after-free while replacing/inserting a node in a document |
|
570 * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 |
|
571 Buffer overflow and use-after-free issues found using Address |
|
572 Sanitizer |
|
573 - require NSS 3.13.4 |
|
574 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) |
|
575 - reenabled crashreporter for Factory/12.2 |
|
576 (fixed in mozilla-gcc47.patch) |
|
577 |
|
578 ------------------------------------------------------------------- |
|
579 Sat Apr 21 10:03:42 UTC 2012 - wr@rosenauer.org |
|
580 |
|
581 - update to 12.0 (bnc#758408) |
|
582 * rebased patches |
|
583 * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 |
|
584 Miscellaneous memory safety hazards |
|
585 * MFSA 2012-22/CVE-2012-0469 (bmo#738985) |
|
586 use-after-free in IDBKeyRange |
|
587 * MFSA 2012-23/CVE-2012-0470 (bmo#734288) |
|
588 Invalid frees causes heap corruption in gfxImageSurface |
|
589 * MFSA 2012-24/CVE-2012-0471 (bmo#715319) |
|
590 Potential XSS via multibyte content processing errors |
|
591 * MFSA 2012-25/CVE-2012-0472 (bmo#744480) |
|
592 Potential memory corruption during font rendering using cairo-dwrite |
|
593 * MFSA 2012-26/CVE-2012-0473 (bmo#743475) |
|
594 WebGL.drawElements may read illegal video memory due to |
|
595 FindMaxUshortElement error |
|
596 * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) |
|
597 Page load short-circuit can lead to XSS |
|
598 * MFSA 2012-28/CVE-2012-0475 (bmo#694576) |
|
599 Ambiguous IPv6 in Origin headers may bypass webserver access |
|
600 restrictions |
|
601 * MFSA 2012-29/CVE-2012-0477 (bmo#718573) |
|
602 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues |
|
603 * MFSA 2012-30/CVE-2012-0478 (bmo#727547) |
|
604 Crash with WebGL content using textImage2D |
|
605 * MFSA 2012-31/CVE-2011-3062 (bmo#739925) |
|
606 Off-by-one error in OpenType Sanitizer |
|
607 * MFSA 2012-32/CVE-2011-1187 (bmo#624621) |
|
608 HTTP Redirections and remote content can be read by javascript errors |
|
609 * MFSA 2012-33/CVE-2012-0479 (bmo#714631) |
|
610 Potential site identity spoofing when loading RSS and Atom feeds |
|
611 - added mozilla-libnotify.patch to allow fallback from libnotify |
|
612 to xul based events if no notification-daemon is running |
|
613 - gcc 4.7 fixes |
|
614 * mozilla-gcc47.patch |
|
615 * disabled crashreporter temporarily for Factory |
|
616 |
|
617 ------------------------------------------------------------------- |
|
618 Fri Mar 9 21:49:05 UTC 2012 - wr@rosenauer.org |
|
619 |
|
620 - update to version 11.0 (bnc#750044) |
|
621 * MFSA 2012-13/CVE-2012-0455 (bmo#704354) |
|
622 XSS with Drag and Drop and Javascript: URL |
|
623 * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) |
|
624 SVG issues found with Address Sanitizer |
|
625 * MFSA 2012-15/CVE-2012-0451 (bmo#717511) |
|
626 XSS with multiple Content Security Policy headers |
|
627 * MFSA 2012-16/CVE-2012-0458 |
|
628 Escalation of privilege with Javascript: URL as home page |
|
629 * MFSA 2012-17/CVE-2012-0459 (bmo#723446) |
|
630 Crash when accessing keyframe cssText after dynamic modification |
|
631 * MFSA 2012-18/CVE-2012-0460 (bmo#727303) |
|
632 window.fullScreen writeable by untrusted content |
|
633 * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ |
|
634 CVE-2012-0463 |
|
635 Miscellaneous memory safety hazards |
|
636 - fix build on ARM |
|
637 - disable jemalloc on s390(x) |
|
638 |
|
639 ------------------------------------------------------------------- |
|
640 Thu Feb 16 08:51:42 UTC 2012 - wr@rosenauer.org |
|
641 |
|
642 - update to version 10.0.2 (bnc#747328) |
|
643 * CVE-2011-3026 (bmo#727401) |
|
644 libpng: integer overflow leading to heap-buffer overflow |
|
645 |
|
646 ------------------------------------------------------------------- |
|
647 Thu Feb 9 10:20:49 UTC 2012 - wr@rosenauer.org |
|
648 |
|
649 - update to version 10.0.1 (bnc#746616) |
|
650 * MFSA 2012-10/CVE-2012-0452 (bmo#724284) |
|
651 use after free in nsXBLDocumentInfo::ReadPrototypeBindings |
|
652 |
|
653 ------------------------------------------------------------------- |
|
654 Tue Feb 7 10:40:58 UTC 2012 - dvaleev@suse.com |
|
655 |
|
656 - Use YARR interpreter instead of PCRE on platforms where YARR JIT |
|
657 is not supported, since PCRE doesnt build (bmo#691898) |
|
658 - fix ppc64 build (bmo#703534) |
|
659 |
|
660 ------------------------------------------------------------------- |
|
661 Mon Jan 30 09:43:21 UTC 2012 - wr@rosenauer.org |
|
662 |
|
663 - update to version 10.0 (bnc#744275) |
|
664 * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443 |
|
665 Miscellaneous memory safety hazards |
|
666 * MFSA 2012-03/CVE-2012-0445 (bmo#701071) |
|
667 <iframe> element exposed across domains via name attribute |
|
668 * MFSA 2012-04/CVE-2011-3659 (bmo#708198) |
|
669 Child nodes from nsDOMAttribute still accessible after removal |
|
670 of nodes |
|
671 * MFSA 2012-05/CVE-2012-0446 (bmo#705651) |
|
672 Frame scripts calling into untrusted objects bypass security |
|
673 checks |
|
674 * MFSA 2012-06/CVE-2012-0447 (bmo#710079) |
|
675 Uninitialized memory appended when encoding icon images may |
|
676 cause information disclosure |
|
677 * MFSA 2012-07/CVE-2012-0444 (bmo#719612) |
|
678 Potential Memory Corruption When Decoding Ogg Vorbis files |
|
679 * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466) |
|
680 Crash with malformed embedded XSLT stylesheets |
|
681 - removed obsolete ppc64 patch |
|
682 - disable neon for ARM as it doesn't build correctly |
|
683 |
|
684 ------------------------------------------------------------------- |
|
685 Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org |
|
686 |
|
687 - update to Firefox 9.0.1 |
|
688 * (strongparent) parentNode of element gets lost (bmo#335998) |
|
689 |
|
690 ------------------------------------------------------------------- |
|
691 Sun Dec 18 09:28:02 UTC 2011 - wr@rosenauer.org |
|
692 |
|
693 - update to release 9.0 (bnc#737533) |
|
694 * MFSA 2011-53/CVE-2011-3660 |
|
695 Miscellaneous memory safety hazards (rv:9.0) |
|
696 * MFSA 2011-54/CVE-2011-3661 (bmo#691299) |
|
697 Potentially exploitable crash in the YARR regular expression |
|
698 library |
|
699 * MFSA 2011-55/CVE-2011-3658 (bmo#708186) |
|
700 nsSVGValue out-of-bounds access |
|
701 * MFSA 2011-56/CVE-2011-3663 (bmo#704482) |
|
702 Key detection without JavaScript via SVG animation |
|
703 * MFSA 2011-58/VE-2011-3665 (bmo#701259) |
|
704 Crash scaling <video> to extreme sizes |
|
705 |
|
706 ------------------------------------------------------------------- |
|
707 Sat Nov 12 15:20:49 UTC 2011 - wr@rosenauer.org |
|
708 |
|
709 - fix ppc64 build |
|
710 |
|
711 ------------------------------------------------------------------- |
|
712 Sun Nov 6 08:23:04 UTC 2011 - wr@rosenauer.org |
|
713 |
|
714 - update to release 8.0 (bnc#728520) |
|
715 * MFSA 2011-47/CVE-2011-3648 (bmo#690225) |
|
716 Potential XSS against sites using Shift-JIS |
|
717 * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 |
|
718 Miscellaneous memory safety hazards |
|
719 * MFSA 2011-49/CVE-2011-3650 (bmo#674776) |
|
720 Memory corruption while profiling using Firebug |
|
721 * MFSA 2011-52/CVE-2011-3655 (bmo#672182) |
|
722 Code execution via NoWaiverWrapper |
|
723 - rebased patches |
|
724 |
|
725 ------------------------------------------------------------------- |
|
726 Fri Sep 30 10:59:54 UTC 2011 - wr@rosenauer.org |
|
727 |
|
728 - update to minor release 7.0.1 |
|
729 * fixed staged addon updates |
|
730 |
|
731 ------------------------------------------------------------------- |
|
732 Fri Sep 23 11:36:04 UTC 2011 - wr@rosenauer.org |
|
733 |
|
734 - update to version 7.0 (bnc#720264) |
|
735 * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997 |
|
736 Miscellaneous memory safety hazards |
|
737 * MFSA 2011-39/CVE-2011-3000 (bmo#655389) |
|
738 Defense against multiple Location headers due to CRLF Injection |
|
739 * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001 |
|
740 Code installation through holding down Enter |
|
741 * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335) |
|
742 Potentially exploitable WebGL crashes |
|
743 * MFSA 2011-42/CVE-2011-3232 (bmo#653672) |
|
744 Potentially exploitable crash in the YARR regular expression |
|
745 library |
|
746 * MFSA 2011-43/CVE-2011-3004 (bmo#653926) |
|
747 loadSubScript unwraps XPCNativeWrapper scope parameter |
|
748 * MFSA 2011-44/CVE-2011-3005 (bmo#675747) |
|
749 Use after free reading OGG headers |
|
750 * MFSA 2011-45 |
|
751 Inferring keystrokes from motion data |
|
752 - removed obsolete mozilla-cairo-lcd.patch |
|
753 - rebased patches |
|
754 |
|
755 ------------------------------------------------------------------- |
|
756 Tue Sep 20 11:54:28 UTC 2011 - wr@rosenauer.org |
|
757 |
|
758 - install xpt.py into SDK (mozilla-639554.patch) (bnc#639554) |
|
759 |
|
760 ------------------------------------------------------------------- |
|
761 Wed Sep 14 13:07:39 UTC 2011 - wr@rosenauer.org |
|
762 |
|
763 - initial xulrunner package |
|
764 |
|