Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
xulrunner/xulrunner.changes
branchfirefox38
changeset 876 e893bdc9bf06
parent 670 0b1f7ee785d3
child 877 946a110f020d 
--- a/xulrunner/xulrunner.changes	Mon Aug 10 18:41:30 2015 +0200
+++ b/xulrunner/xulrunner.changes	Mon Aug 10 18:47:18 2015 +0200
@@ -1,3 +1,107 @@
+-------------------------------------------------------------------
+Sat Jun 27 15:26:00 UTC 2015 - wr@rosenauer.org
+
+- update to 31.8.0 (bnc#935979)
+- requires NSS 3.19.2
+
+-------------------------------------------------------------------
+Wed May  6 07:49:53 UTC 2015 - wr@rosenauer.org
+
+- update to 31.7.0 (bnc#930622)
+  * MFSA 2015-46/CVE-2015-2708
+    Miscellaneous memory safety hazards
+  * MFSA 2015-47/VE-2015-0797 (bmo#1080995)
+    Buffer overflow parsing H.264 video with Linux Gstreamer
+  * MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
+    Buffer overflow with SVG content and CSS
+  * MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
+    Use-after-free during text processing with vertical text enabled
+  * MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
+    Buffer overflow when parsing compressed XML
+  * MFSA 2015-57/CVE-2011-3079 (bmo#1087565)
+    Privilege escalation through IPC channel messages
+- strip baselibs.conf to reflect the current set of packages
+
+-------------------------------------------------------------------
+Mon Mar 30 07:56:19 UTC 2015 - wr@rosenauer.org
+
+- update to 31.6.0 (bnc#925368)
+  * MFSA 2015-30/CVE-2015-0815
+    Miscellaneous memory safety hazards
+  * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
+    Use-after-free when using the Fluendo MP3 GStreamer plugin
+  * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
+    resource:// documents can load privileged pages
+  * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
+    CORS requests should not follow 30x redirections after preflight
+  * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
+    Same-origin bypass through anchor navigation
+
+-------------------------------------------------------------------
+Thu Feb 19 22:56:55 UTC 2015 - wr@rosenauer.org
+
+- update to 31.5.0 (bnc#917597)
+  * MFSA 2015-11/CVE-2015-0836
+    Miscellaneous memory safety hazards
+  * MFSA 2015-12/CVE-2015-0833 (bmo#945192)
+    Invoking Mozilla updater will load locally stored DLL files
+    (Windows only)
+  * MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
+    Use-after-free in IndexedDB
+  * MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
+    Out-of-bounds read and write while rendering SVG content
+  * MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
+    Reading of local files through manipulation of form autocomplete
+
+-------------------------------------------------------------------
+Sat Jan 10 17:33:51 UTC 2015 - wr@rosenauer.org
+
+- update to 31.4.0 (bnc#910669)
+  * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635
+    Miscellaneous memory safety hazards
+  * MFSA 2015-03/CVE-2014-8638 (bmo#1080987)
+    sendBeacon requests lack an Origin header
+  * MFSA 2015-04/CVE-2014-8639 (bmo#1095859)
+    Cookie injection through Proxy Authenticate responses
+  * MFSA 2015-06/CVE-2014-8641 (bmo#1108455)
+    Read-after-free in WebRTC
+
+-------------------------------------------------------------------
+Wed Dec 31 16:01:40 UTC 2014 - dimstar@opensuse.org
+
+- Do not require mozilla-js-32bit from xulrunner-32bit: since we
+  have shared_js currently set to 0, mozilla-js(-32bit) is not
+  being built.
+
+-------------------------------------------------------------------
+Sun Nov 30 12:15:59 UTC 2014 - wr@rosenauer.org
+
+- update to 31.3.0 (bnc#908009)
+  * MFSA 2014-83/CVE-2014-1587
+    Miscellaneous memory safety hazards
+  * MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
+    XMLHttpRequest crashes with some input streams
+  * MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
+    Use-after-free during HTML5 parsing
+  * MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
+    Buffer overflow while parsing media content
+  * MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
+    Bad casting from the BasicThebesLayer to BasicContainerLayer
+- readded mozilla-pkgconfig.patch
+
+-------------------------------------------------------------------
+Thu Nov 13 08:37:50 UTC 2014 - guillaume@opensuse.org
+
+- Fix %arm build (fix CFLAGS)
+- Disable elf-hack for aarch64
+
+-------------------------------------------------------------------
+Sat Nov  1 13:08:20 UTC 2014 - wr@rosenauer.org
+
+- update to 31.2.0
+- synchronize patchset with firefox-esr
+- removed add-plugins.sh in favor of using a pref to use myspell
+
 -------------------------------------------------------------------
 Wed Sep 18 14:39:34 UTC 2013 - wr@rosenauer.org
mozilla