--- a/MozillaFirefox/MozillaFirefox.changes Sat Dec 12 10:06:11 2015 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Sat Dec 19 17:36:33 2015 +0100
@@ -1,4 +1,25 @@
-------------------------------------------------------------------
+Sat Dec 12 09:09:25 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 38.5.0 (bnc#959277)
+ * MFSA 2015-134/CVE-2015-7201
+ Miscellaneous memory safety hazards
+ * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
+ Use-after-free in WebRTC when datachannel is used after being
+ destroyed
+ * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
+ Integer overflow allocating extremely large textures
+ * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
+ Underflow through code inspection
+ * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
+ Integer overflow in MP4 playback in 64-bit versions
+ * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
+ Integer underflow and buffer overflow processing MP4 metadata in
+ libstagefright
+ * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
+ Cross-site reading attack through data and view-source URIs
+
+-------------------------------------------------------------------
Fri Oct 30 21:31:52 UTC 2015 - wr@rosenauer.org
- update to Firefox 38.4.0 (bnc#952810)
--- a/MozillaFirefox/MozillaFirefox.spec Sat Dec 12 10:06:11 2015 +0100
+++ b/MozillaFirefox/MozillaFirefox.spec Sat Dec 19 17:36:33 2015 +0100
@@ -19,9 +19,9 @@
# changed with every update
%define major 38
-%define mainver %major.4.0
+%define mainver %major.5.0
%define update_channel esr38
-%define releasedate 2015102700
+%define releasedate 2015121000
# general build definitions
%if "%{update_channel}" != "aurora"
--- a/MozillaFirefox/create-tar.sh Sat Dec 12 10:06:11 2015 +0100
+++ b/MozillaFirefox/create-tar.sh Sat Dec 19 17:36:33 2015 +0100
@@ -2,8 +2,8 @@
CHANNEL="esr38"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_38_4_0esr_RELEASE"
-VERSION="38.4.0"
+RELEASE_TAG="FIREFOX_38_5_0esr_RELEASE"
+VERSION="38.5.0"
# mozilla
if [ -d mozilla ]; then
--- a/MozillaFirefox/firefox-esr.changes Sat Dec 12 10:06:11 2015 +0100
+++ b/MozillaFirefox/firefox-esr.changes Sat Dec 19 17:36:33 2015 +0100
@@ -1,4 +1,9 @@
-------------------------------------------------------------------
+Sat Dec 12 09:09:25 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 38.5.0 (bnc#)
+
+-------------------------------------------------------------------
Fri Oct 30 21:31:52 UTC 2015 - wr@rosenauer.org
- update to Firefox 38.4.0 (bnc#952810)
--- a/MozillaFirefox/firefox-esr.spec Sat Dec 12 10:06:11 2015 +0100
+++ b/MozillaFirefox/firefox-esr.spec Sat Dec 19 17:36:33 2015 +0100
@@ -19,9 +19,9 @@
# changed with every update
%define major 38
-%define mainver %major.4.0
+%define mainver %major.5.0
%define update_channel esr38
-%define releasedate 2015102700
+%define releasedate 2015121000
# general build definitions
%if "%{update_channel}" != "aurora"
--- a/xulrunner/create-tar.sh Sat Dec 12 10:06:11 2015 +0100
+++ b/xulrunner/create-tar.sh Sat Dec 19 17:36:33 2015 +0100
@@ -2,8 +2,8 @@
CHANNEL="esr38"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_38_4_0esr_RELEASE"
-VERSION="38.4.0"
+RELEASE_TAG="FIREFOX_38_5_0esr_RELEASE"
+VERSION="38.5.0"
# mozilla
if [ -d mozilla ]; then
--- a/xulrunner/xulrunner.changes Sat Dec 12 10:06:11 2015 +0100
+++ b/xulrunner/xulrunner.changes Sat Dec 19 17:36:33 2015 +0100
@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Sat Dec 12 12:51:46 UTC 2015 - wr@rosenauer.org
+
+- update to xulrunner 38.5.0 (bnc#959277)
+ * MFSA 2015-134/CVE-2015-7201
+ Miscellaneous memory safety hazards
+ * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
+ Use-after-free in WebRTC when datachannel is used after being
+ destroyed
+ * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
+ Integer overflow allocating extremely large textures
+ * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
+ Underflow through code inspection
+ * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
+ Integer overflow in MP4 playback in 64-bit versions
+ * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
+ Integer underflow and buffer overflow processing MP4 metadata in
+ libstagefright
+ * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
+ Cross-site reading attack through data and view-source URIs
+
-------------------------------------------------------------------
Sat Oct 31 09:32:17 UTC 2015 - wr@rosenauer.org
--- a/xulrunner/xulrunner.spec Sat Dec 12 10:06:11 2015 +0100
+++ b/xulrunner/xulrunner.spec Sat Dec 19 17:36:33 2015 +0100
@@ -17,10 +17,10 @@
#
-%define version_internal 38.4.0
+%define version_internal 38.5.0
%define apiversion 38
-%define uaweight 3840000
-%define releasedate 2015102700
+%define uaweight 3850000
+%define releasedate 2015121000
%define shared_js 0
%define has_system_nspr 1
%define has_system_nss 1