--- a/MozillaFirefox/firefox-esr.changes Thu Oct 24 18:41:12 2013 +0200
+++ b/MozillaFirefox/firefox-esr.changes Sun Nov 03 18:38:16 2013 +0100
@@ -1,8 +1,22 @@
-------------------------------------------------------------------
Thu Oct 24 09:46:52 UTC 2013 - wr@rosenauer.org
-- update to Firefox 17.0.10esr (bnc#)
+- update to Firefox 17.0.10esr (bnc#847708)
* requires NSS 3.14.4 or above
+ * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
+ Miscellaneous memory safety hazards
+ * MFSA 2013-95/CVE-2013-5604 (bmo#914017)
+ Access violation with XSLT and uninitialized data
+ * MFSA 2013-96/CVE-2013-5595 (bmo#916580)
+ Improperly initialized memory and overflows in some JavaScript
+ functions
+ * MFSA 2013-98/CVE-2013-5597 (bmo#918864)
+ Use-after-free when updating offline cache
+ * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
+ (bmo#915210, bmo#915576, bmo#916685)
+ Miscellaneous use-after-free issues found through ASAN fuzzing
+ * MFSA 2013-101/CVE-2013-5602 (bmo#897678)
+ Memory corruption in workers
-------------------------------------------------------------------
Wed Sep 11 18:43:15 UTC 2013 - wr@rosenauer.org