Mercurial Mercurial > hg > mozilla / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
changelog update with security information mozilla-1.9.2
authorWolfgang Rosenauer <wr@rosenauer.org>
Wed, 17 Aug 2011 23:17:42 +0200
branchmozilla-1.9.2
changeset 303 59ef72e1c40e
parent 300 dff60ff6dfce
child 304 162e98678b05
changelog update with security information
mozilla-xulrunner192/mozilla-xulrunner192.changes file | annotate | diff | comparison | revisions 
--- a/mozilla-xulrunner192/mozilla-xulrunner192.changes	Fri Aug 12 12:07:31 2011 +0200
+++ b/mozilla-xulrunner192/mozilla-xulrunner192.changes	Wed Aug 17 23:17:42 2011 +0200
@@ -1,9 +1,20 @@
 -------------------------------------------------------------------
 Fri Aug  5 09:35:34 UTC 2011 - wr@rosenauer.org
 
-- security update to 1.9.2.20 (bnc#711954)
-  * fixed issues
-    https://www.mozilla.org/security/known-vulnerabilities/firefox36.html
+- security update to 1.9.2.20 (bnc#712224)
+  fixed security issues MFSA 2011-30
+  * CVE-2011-2982
+    Miscellaneous memory safety hazards
+  * CVE-2011-0084 (bmo#648094)
+    Crash in SVGTextElement.getCharNumAtPosition()
+  * CVE-2011-2981
+    Privilege escalation using event handlers
+  * CVE-2011-2378 (bmo#572129)
+    Privilege escalation dropping a tab element in content area
+  * CVE-2011-2980 (bmo#642469)
+    Binary planting vulnerability in ThinkPadSensor::Startup
+  * CVE-2011-2983 (bmo#626297)
+    Private data leakage using RegExp.input
 - added mozilla-implicit-declarations.patch to fix rpmlint/gcc
   checks
 - added mozilla-curl.patch to remove obsolete header dependency
mozilla