diff -r ab25aac2aa83 -r 18c2dc922e51 MozillaFirefox/MozillaFirefox.changes
--- a/MozillaFirefox/MozillaFirefox.changes	Tue Nov 19 18:46:37 2013 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes	Sun Dec 29 22:45:13 2013 +0100
@@ -1,9 +1,49 @@
 -------------------------------------------------------------------
-Mon Nov 18 13:50:16 UTC 2013 - wr@rosenauer.org
-
-- update to Firefox 26.0b5
+Sat Dec 28 20:10:57 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 27.0b2
+- requires NSS 3.15.4 or higher
+- rebased/reworked patches
+- added mozilla-system-nspr.patch to allow system NSPR builds
+  (bmo#953130)
+
+-------------------------------------------------------------------
+Sun Dec  8 20:26:23 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 26.0 (bnc#854367, bnc#854370)
   * rebased patches
-  * requires NSPR 4.10.2 and NSS 3.15.3
+  * requires NSPR 4.10.2 and NSS 3.15.3.1
+  * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610
+    Miscellaneous memory safety hazards
+  * MFSA 2013-105/CVE-2013-5611 (bmo#771294)
+    Application Installation doorhanger persists on navigation
+  * MFSA 2013-106/CVE-2013-5612 (bmo#871161)
+    Character encoding cross-origin XSS attack
+  * MFSA 2013-107/CVE-2013-5614 (bmo#886262)
+    Sandbox restrictions not applied to nested object elements
+  * MFSA 2013-108/CVE-2013-5616 (bmo#938341)
+    Use-after-free in event listeners
+  * MFSA 2013-109/CVE-2013-5618 (bmo#926361)
+    Use-after-free during Table Editing
+  * MFSA 2013-110/CVE-2013-5619 (bmo#917841)
+    Potential overflow in JavaScript binary search algorithms
+  * MFSA 2013-111/CVE-2013-6671 (bmo#930281)
+    Segmentation violation when replacing ordered list elements
+  * MFSA 2013-112/CVE-2013-6672 (bmo#894736)
+    Linux clipboard information disclosure though selection paste
+  * MFSA 2013-113/CVE-2013-6673 (bmo#970380)
+    Trust settings for built-in roots ignored during EV certificate
+    validation
+  * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449)
+    Use-after-free in synthetic mouse movement
+  * MFSA 2013-115/CVE-2013-5615 (bmo#929261)
+    GetElementIC typed array stubs can be generated outside observed
+    typesets
+  * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693)
+    JPEG information leak
+  * MFSA 2013-117 (bmo#946351)
+    Mis-issued ANSSI/DCSSI certificate
+    (fixed via NSS 3.15.3.1)
 - removed gecko.js preference file as GStreamer is enabled by
   default now