Mercurial Mercurial > hg > mozilla / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
changelog update with security information firefox6
authorWolfgang Rosenauer <wr@rosenauer.org>
Wed, 17 Aug 2011 23:13:12 +0200
branchfirefox6
changeset 302 c58dd3428f47
parent 301 9672e7276009
child 305 b7a8ba6b1043
changelog update with security information
MozillaFirefox/MozillaFirefox.changes file | annotate | diff | comparison | revisions 
--- a/MozillaFirefox/MozillaFirefox.changes	Fri Aug 12 23:56:40 2011 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Wed Aug 17 23:13:12 2011 +0200
@@ -1,8 +1,21 @@
 -------------------------------------------------------------------
 Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org
 
-- update to 6.0 (bnc#711954)
-  * included security fixes
+- update to 6.0 (bnc#712224)
+  included security fixes MFSA 2011-29
+  * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
+    Miscellaneous memory safety hazards
+  * CVE-2011-2993 (bmo#657267)
+    Unsigned scripts can call script inside signed JAR
+  * CVE-2011-2988 (bmo#665934)
+    Heap overflow in ANGLE library
+  * CVE-2011-0084 (bmo#648094)
+    Crash in SVGTextElement.getCharNumAtPosition()
+  * CVE-2011-2990
+    Credential leakage using Content Security Policy reports
+  * CVE-2011-2986 (bmo#655836)
+    Cross-origin data theft using canvas and Windows D2D
+- removed obsolete curl header dependency (mozilla-curl.patch)
 
 -------------------------------------------------------------------
 Fri Jul 22 13:34:12 UTC 2011 - wr@rosenauer.org
mozilla