# HG changeset patch
# User Wolfgang Rosenauer <wr@rosenauer.org>
# Date 1391580807 -3600
# Node ID 52284fd63667f15c6c0650e243195f2fc7f3d884
# Parent  f810fbe5fecedfb13f125362f4f8fe6870973545
changelog

diff -r f810fbe5fece -r 52284fd63667 MozillaFirefox/MozillaFirefox.changes
--- a/MozillaFirefox/MozillaFirefox.changes	Thu Jan 30 22:15:43 2014 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes	Wed Feb 05 07:13:27 2014 +0100
@@ -1,7 +1,34 @@
 -------------------------------------------------------------------
 Tue Jan 28 15:45:41 UTC 2014 - wr@rosenauer.org
 
-- update to Firefox 27.0 (bnc#)
+- update to Firefox 27.0 (bnc#861847)
+  * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478
+    Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
+  * MFSA 2014-02/CVE-2014-1479 (bmo#911864)
+    Clone protected content with XBL scopes
+  * MFSA 2014-03/CVE-2014-1480 (bmo#916726)
+    UI selection timeout missing on download prompts
+  * MFSA 2014-04/CVE-2014-1482 (bmo#943803)
+    Incorrect use of discarded images by RasterImage
+  * MFSA 2014-05/CVE-2014-1483 (bmo#950427)
+    Information disclosure with *FromPoint on iframes
+  * MFSA 2014-06/CVE-2014-1484 (bmo#953993)
+    Profile path leaks to Android system log
+  * MFSA 2014-07/CVE-2014-1485 (bmo#910139)
+    XSLT stylesheets treated as styles in Content Security Policy
+  * MFSA 2014-08/CVE-2014-1486 (bmo#942164)
+    Use-after-free with imgRequestProxy and image proccessing
+  * MFSA 2014-09/CVE-2014-1487 (bmo#947592)
+    Cross-origin information leak through web workers
+  * MFSA 2014-10/CVE-2014-1489 (bmo#959531)
+    Firefox default start page UI content invokable by script
+  * MFSA 2014-11/CVE-2014-1488 (bmo#950604)
+    Crash when using web workers with asm.js
+  * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491
+    (bmo#934545, bmo#930874, bmo#930857)
+    NSS ticket handling issues
+  * MFSA 2014-13/CVE-2014-1481(bmo#936056)
+    Inconsistent JavaScript handling of access to Window objects
 - requires NSS 3.15.4 or higher
 - rebased/reworked patches
 - removed obsolete mozilla-bug929439.patch