# HG changeset patch # User Wolfgang Rosenauer # Date 1353452607 -3600 # Node ID 16718027c329afd64d78b724e6569c4666660746 # Parent bcc669f726e51d21f6d630548ceed544535fd9a8 10.0.11esr release diff -r bcc669f726e5 -r 16718027c329 MozillaFirefox/create-tar.sh --- a/MozillaFirefox/create-tar.sh Fri Oct 26 23:25:51 2012 +0200 +++ b/MozillaFirefox/create-tar.sh Wed Nov 21 00:03:27 2012 +0100 @@ -2,8 +2,8 @@ CHANNEL="esr10" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_10_0_10esr_RELEASE" -VERSION="10.0.10" +RELEASE_TAG="FIREFOX_10_0_11esr_RELEASE" +VERSION="10.0.11" # mozilla hg clone -r $RELEASE_TAG http://hg.mozilla.org/$BRANCH mozilla diff -r bcc669f726e5 -r 16718027c329 MozillaFirefox/firefox-esr.changes --- a/MozillaFirefox/firefox-esr.changes Fri Oct 26 23:25:51 2012 +0200 +++ b/MozillaFirefox/firefox-esr.changes Wed Nov 21 00:03:27 2012 +0100 @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Tue Nov 20 20:46:00 UTC 2012 - wr@rosenauer.org + +- update to Firefox 10.0.11esr (bnc#790140) + * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 + Miscellaneous memory safety hazards + * MFSA 2012-92/CVE-2012-4202 (bmo#758200) + Buffer overflow while rendering GIF images + * MFSA 2012-93/CVE-2012-4201 (bmo#747607) + evalInSanbox location context incorrectly applied + * MFSA 2012-100/CVE-2012-5841 (bmo#805807) + Improper security filtering for cross-origin wrappers + * MFSA 2012-101/CVE-2012-4207 (bmo#801681) + Improper character decoding in HZ-GB-2312 charset + * MFSA 2012-103/CVE-2012-4209 (bmo#792405) + Frames can shadow top.location + * MFSA 2012-104/CVE-2012-4210 (bmo#796866) + CSS and HTML injection through Style Inspector + * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ + CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ + CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 + Use-after-free and buffer overflow issues found using Address + Sanitizer + * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 + Use-after-free, buffer overflow, and memory corruption issues + found using Address Sanitizer + ------------------------------------------------------------------- Thu Oct 25 05:46:38 UTC 2012 - wr@rosenauer.org diff -r bcc669f726e5 -r 16718027c329 MozillaFirefox/firefox-esr.spec --- a/MozillaFirefox/firefox-esr.spec Fri Oct 26 23:25:51 2012 +0200 +++ b/MozillaFirefox/firefox-esr.spec Wed Nov 21 00:03:27 2012 +0100 @@ -18,7 +18,7 @@ %define major 10 -%define mainver %major.0.10 +%define mainver %major.0.11 Name: firefox-esr BuildRequires: Mesa-devel @@ -48,7 +48,7 @@ BuildRequires: nss-shared-helper-devel Version: %{mainver} Release: 0 -%define releasedate 2012102400 +%define releasedate 2012111500 Provides: web_browser Provides: firefox-esr = %{mainver} # this is needed to match this package with the kde4 helper package without the main package diff -r bcc669f726e5 -r 16718027c329 xulrunner/create-tar.sh --- a/xulrunner/create-tar.sh Fri Oct 26 23:25:51 2012 +0200 +++ b/xulrunner/create-tar.sh Wed Nov 21 00:03:27 2012 +0100 @@ -2,8 +2,8 @@ CHANNEL="esr10" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_10_0_10esr_RELEASE" -VERSION="10.0.10" +RELEASE_TAG="FIREFOX_10_0_11esr_RELEASE" +VERSION="10.0.11" # mozilla hg clone -r $RELEASE_TAG http://hg.mozilla.org/$BRANCH mozilla diff -r bcc669f726e5 -r 16718027c329 xulrunner/xulrunner-esr.changes --- a/xulrunner/xulrunner-esr.changes Fri Oct 26 23:25:51 2012 +0200 +++ b/xulrunner/xulrunner-esr.changes Wed Nov 21 00:03:27 2012 +0100 @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Tue Nov 20 20:48:04 UTC 2012 - wr@rosenauer.org + +- update to 10.0.11esr (bnc#790140) + * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 + Miscellaneous memory safety hazards + * MFSA 2012-92/CVE-2012-4202 (bmo#758200) + Buffer overflow while rendering GIF images + * MFSA 2012-93/CVE-2012-4201 (bmo#747607) + evalInSanbox location context incorrectly applied + * MFSA 2012-100/CVE-2012-5841 (bmo#805807) + Improper security filtering for cross-origin wrappers + * MFSA 2012-101/CVE-2012-4207 (bmo#801681) + Improper character decoding in HZ-GB-2312 charset + * MFSA 2012-103/CVE-2012-4209 (bmo#792405) + Frames can shadow top.location + * MFSA 2012-104/CVE-2012-4210 (bmo#796866) + CSS and HTML injection through Style Inspector + * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ + CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ + CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 + Use-after-free and buffer overflow issues found using Address + Sanitizer + * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 + Use-after-free, buffer overflow, and memory corruption issues + found using Address Sanitizer + ------------------------------------------------------------------- Thu Oct 25 08:03:09 UTC 2012 - wr@rosenauer.org diff -r bcc669f726e5 -r 16718027c329 xulrunner/xulrunner-esr.spec --- a/xulrunner/xulrunner-esr.spec Fri Oct 26 23:25:51 2012 +0200 +++ b/xulrunner/xulrunner-esr.spec Wed Nov 21 00:03:27 2012 +0100 @@ -44,12 +44,12 @@ %endif BuildRequires: mozilla-nspr-devel >= 4.9.0 BuildRequires: mozilla-nss-devel >= 3.13.5 -Version: 10.0.10 +Version: 10.0.11 Release: 0 -%define releasedate 2012102400 -%define version_internal 10.0.10 +%define releasedate 2012111500 +%define version_internal 10.0.11 %define apiversion 10 -%define uaweight 1000010 +%define uaweight 1000011 Summary: Mozilla Runtime Environment ESR License: MPL-1.1 or GPL-2.0+ or LGPL-2.1+ Group: Productivity/Other