--- a/MozillaFirefox/create-tar.sh	Fri Oct 26 23:25:51 2012 +0200
+++ b/MozillaFirefox/create-tar.sh	Wed Nov 21 00:03:27 2012 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="esr10"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_10_0_10esr_RELEASE"
-VERSION="10.0.10"
+RELEASE_TAG="FIREFOX_10_0_11esr_RELEASE"
+VERSION="10.0.11"
 
 # mozilla
 hg clone -r $RELEASE_TAG http://hg.mozilla.org/$BRANCH mozilla

--- a/MozillaFirefox/firefox-esr.changes	Fri Oct 26 23:25:51 2012 +0200
+++ b/MozillaFirefox/firefox-esr.changes	Wed Nov 21 00:03:27 2012 +0100
@@ -1,3 +1,30 @@
+-------------------------------------------------------------------
+Tue Nov 20 20:46:00 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 10.0.11esr (bnc#790140)
+  * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
+    Miscellaneous memory safety hazards
+  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
+    Buffer overflow while rendering GIF images
+  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
+    evalInSanbox location context incorrectly applied
+  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
+    Improper security filtering for cross-origin wrappers
+  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
+    Improper character decoding in HZ-GB-2312 charset
+  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
+    Frames can shadow top.location
+  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
+    CSS and HTML injection through Style Inspector
+  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
+    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
+    CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
+    Use-after-free and buffer overflow issues found using Address
+    Sanitizer
+  * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
+    Use-after-free, buffer overflow, and memory corruption issues
+    found using Address Sanitizer
+
 -------------------------------------------------------------------
 Thu Oct 25 05:46:38 UTC 2012 - wr@rosenauer.org
 

--- a/MozillaFirefox/firefox-esr.spec	Fri Oct 26 23:25:51 2012 +0200
+++ b/MozillaFirefox/firefox-esr.spec	Wed Nov 21 00:03:27 2012 +0100
@@ -18,7 +18,7 @@
 
 
 %define major 10
-%define mainver %major.0.10
+%define mainver %major.0.11
 
 Name:           firefox-esr
 BuildRequires:  Mesa-devel
@@ -48,7 +48,7 @@
 BuildRequires:  nss-shared-helper-devel
 Version:        %{mainver}
 Release:        0
-%define         releasedate 2012102400
+%define         releasedate 2012111500
 Provides:       web_browser
 Provides:       firefox-esr = %{mainver}
 # this is needed to match this package with the kde4 helper package without the main package

--- a/xulrunner/create-tar.sh	Fri Oct 26 23:25:51 2012 +0200
+++ b/xulrunner/create-tar.sh	Wed Nov 21 00:03:27 2012 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="esr10"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_10_0_10esr_RELEASE"
-VERSION="10.0.10"
+RELEASE_TAG="FIREFOX_10_0_11esr_RELEASE"
+VERSION="10.0.11"
 
 # mozilla
 hg clone -r $RELEASE_TAG http://hg.mozilla.org/$BRANCH mozilla

--- a/xulrunner/xulrunner-esr.changes	Fri Oct 26 23:25:51 2012 +0200
+++ b/xulrunner/xulrunner-esr.changes	Wed Nov 21 00:03:27 2012 +0100
@@ -1,3 +1,30 @@
+-------------------------------------------------------------------
+Tue Nov 20 20:48:04 UTC 2012 - wr@rosenauer.org
+
+- update to 10.0.11esr (bnc#790140)
+  * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
+    Miscellaneous memory safety hazards
+  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
+    Buffer overflow while rendering GIF images
+  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
+    evalInSanbox location context incorrectly applied
+  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
+    Improper security filtering for cross-origin wrappers
+  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
+    Improper character decoding in HZ-GB-2312 charset
+  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
+    Frames can shadow top.location
+  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
+    CSS and HTML injection through Style Inspector
+  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
+    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
+    CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
+    Use-after-free and buffer overflow issues found using Address
+    Sanitizer
+  * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
+    Use-after-free, buffer overflow, and memory corruption issues
+    found using Address Sanitizer
+
 -------------------------------------------------------------------
 Thu Oct 25 08:03:09 UTC 2012 - wr@rosenauer.org
 

--- a/xulrunner/xulrunner-esr.spec	Fri Oct 26 23:25:51 2012 +0200
+++ b/xulrunner/xulrunner-esr.spec	Wed Nov 21 00:03:27 2012 +0100
@@ -44,12 +44,12 @@
 %endif
 BuildRequires:  mozilla-nspr-devel >= 4.9.0
 BuildRequires:  mozilla-nss-devel >= 3.13.5
-Version:        10.0.10
+Version:        10.0.11
 Release:        0
-%define         releasedate 2012102400
-%define         version_internal 10.0.10
+%define         releasedate 2012111500
+%define         version_internal 10.0.11
 %define         apiversion 10
-%define         uaweight 1000010
+%define         uaweight 1000011
 Summary:        Mozilla Runtime Environment ESR
 License:        MPL-1.1 or GPL-2.0+ or LGPL-2.1+
 Group:          Productivity/Other