# HG changeset patch # User Wolfgang Rosenauer # Date 1335354590 -7200 # Node ID 0d065e02538453a8007f2a9728df7e44f75666bd # Parent c50d6cb495a0ec7452649a493033d7fff2f6f3bd xulrunner version information for beta 13 cycle diff -r c50d6cb495a0 -r 0d065e025384 xulrunner/xulrunner.changes --- a/xulrunner/xulrunner.changes Wed Apr 25 09:22:47 2012 +0200 +++ b/xulrunner/xulrunner.changes Wed Apr 25 13:49:50 2012 +0200 @@ -1,3 +1,42 @@ +------------------------------------------------------------------- +Sat Apr 21 10:03:42 UTC 2012 - wr@rosenauer.org + +- update to 12.0 (bnc#758408) + * rebased patches + * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 + Miscellaneous memory safety hazards + * MFSA 2012-22/CVE-2012-0469 (bmo#738985) + use-after-free in IDBKeyRange + * MFSA 2012-23/CVE-2012-0470 (bmo#734288) + Invalid frees causes heap corruption in gfxImageSurface + * MFSA 2012-24/CVE-2012-0471 (bmo#715319) + Potential XSS via multibyte content processing errors + * MFSA 2012-25/CVE-2012-0472 (bmo#744480) + Potential memory corruption during font rendering using cairo-dwrite + * MFSA 2012-26/CVE-2012-0473 (bmo#743475) + WebGL.drawElements may read illegal video memory due to + FindMaxUshortElement error + * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) + Page load short-circuit can lead to XSS + * MFSA 2012-28/CVE-2012-0475 (bmo#694576) + Ambiguous IPv6 in Origin headers may bypass webserver access + restrictions + * MFSA 2012-29/CVE-2012-0477 (bmo#718573) + Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues + * MFSA 2012-30/CVE-2012-0478 (bmo#727547) + Crash with WebGL content using textImage2D + * MFSA 2012-31/CVE-2011-3062 (bmo#739925) + Off-by-one error in OpenType Sanitizer + * MFSA 2012-32/CVE-2011-1187 (bmo#624621) + HTTP Redirections and remote content can be read by javascript errors + * MFSA 2012-33/CVE-2012-0479 (bmo#714631) + Potential site identity spoofing when loading RSS and Atom feeds +- added mozilla-libnotify.patch to allow fallback from libnotify + to xul based events if no notification-daemon is running +- gcc 4.7 fixes + * mozilla-gcc47.patch + * disabled crashreporter temporarily for Factory + ------------------------------------------------------------------- Fri Mar 9 21:49:05 UTC 2012 - wr@rosenauer.org diff -r c50d6cb495a0 -r 0d065e025384 xulrunner/xulrunner.spec --- a/xulrunner/xulrunner.spec Wed Apr 25 09:22:47 2012 +0200 +++ b/xulrunner/xulrunner.spec Wed Apr 25 13:49:50 2012 +0200 @@ -43,10 +43,10 @@ BuildRequires: wireless-tools %endif BuildRequires: mozilla-nspr-devel >= 4.9.0 -BuildRequires: mozilla-nss-devel >= 3.13.3 +BuildRequires: mozilla-nss-devel >= 3.13.4 Version: 12.99 Release: 0 -%define releasedate 2012032100 +%define releasedate 2012042500 %define version_internal 13.0 %define apiversion 13 %define uaweight 1300000