--- a/MozillaFirefox/create-tar.sh	Sat Sep 14 21:02:47 2013 +0200
+++ b/MozillaFirefox/create-tar.sh	Thu Oct 24 18:41:12 2013 +0200
@@ -2,8 +2,8 @@
 
 CHANNEL="esr17"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_17_0_9esr_RELEASE"
-VERSION="17.0.9"
+RELEASE_TAG="FIREFOX_17_0_10esr_RELEASE"
+VERSION="17.0.10"
 
 # mozilla
 echo "cloning $BRANCH..."

--- a/MozillaFirefox/firefox-esr.changes	Sat Sep 14 21:02:47 2013 +0200
+++ b/MozillaFirefox/firefox-esr.changes	Thu Oct 24 18:41:12 2013 +0200
@@ -1,7 +1,29 @@
 -------------------------------------------------------------------
+Thu Oct 24 09:46:52 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 17.0.10esr (bnc#)
+  * requires NSS 3.14.4 or above
+
+-------------------------------------------------------------------
 Wed Sep 11 18:43:15 UTC 2013 - wr@rosenauer.org
 
-- update to Firefox 17.0.9esr (bnc#)
+- update to Firefox 17.0.9esr (bnc#840485)
+  * MFSA 2013-65/CVE-2013-1705 (bmo#882865)
+    Buffer underflow when generating CRMF requests
+  * MFSA 2013-76/CVE-2013-1718
+    Miscellaneous memory safety hazards
+  * MFSA 2013-79/CVE-2013-1722 (bmo#893308)
+    Use-after-free in Animation Manager during stylesheet cloning
+  * MFSA 2013-82/CVE-2013-1725 (bmo#876762)
+    Calling scope for new Javascript objects can lead to memory corruption
+  * MFSA 2013-88/CVE-2013-1730 (bmo#851353)
+    Compartment mismatch re-attaching XBL-backed nodes
+  * MFSA 2013-89/CVE-2013-1732 (bmo#883514)
+    Buffer overflow with multi-column, lists, and floats
+  * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
+    Memory corruption involving scrolling
+  * MFSA 2013-91/CVE-2013-1737 (bmo#907727)
+    User-defined properties on DOM proxies get the wrong "this" object
 
 -------------------------------------------------------------------
 Fri Aug  2 09:58:06 UTC 2013 - wr@rosenauer.org

--- a/MozillaFirefox/firefox-esr.spec	Sat Sep 14 21:02:47 2013 +0200
+++ b/MozillaFirefox/firefox-esr.spec	Thu Oct 24 18:41:12 2013 +0200
@@ -18,7 +18,7 @@
 
 
 %define major 17
-%define mainver %major.0.9
+%define mainver %major.0.10
 %define update_channel release
 
 Name:           firefox-esr
@@ -45,7 +45,7 @@
 BuildRequires:  wireless-tools
 %endif
 BuildRequires:  mozilla-nspr-devel >= 4.9.5
-BuildRequires:  mozilla-nss-devel >= 3.14.3
+BuildRequires:  mozilla-nss-devel >= 3.14.4
 BuildRequires:  nss-shared-helper-devel
 %if %suse_version > 1140
 BuildRequires:  pkgconfig(gstreamer-0.10)
@@ -54,7 +54,7 @@
 %endif
 Version:        %{mainver}
 Release:        0
-%define         releasedate 2013091000
+%define         releasedate 2013102400
 Provides:       firefox-esr = %{mainver}
 Provides:       web_browser
 Provides:       browser(npapi)

--- a/xulrunner/create-tar.sh	Sat Sep 14 21:02:47 2013 +0200
+++ b/xulrunner/create-tar.sh	Thu Oct 24 18:41:12 2013 +0200
@@ -2,8 +2,8 @@
 
 CHANNEL="esr17"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_17_0_9esr_RELEASE"
-VERSION="17.0.9"
+RELEASE_TAG="FIREFOX_17_0_10esr_RELEASE"
+VERSION="17.0.10"
 
 # mozilla
 echo "cloning $BRANCH..."

--- a/xulrunner/xulrunner-esr.changes	Sat Sep 14 21:02:47 2013 +0200
+++ b/xulrunner/xulrunner-esr.changes	Thu Oct 24 18:41:12 2013 +0200
@@ -1,7 +1,29 @@
 -------------------------------------------------------------------
-Thu Sep 12 10:07:45 UTC 2013 - wr@rosenauer.org
+Thu Oct 24 16:32:23 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.10esr (bnc#)
+  * require NSS 3.14.4 or above
+
+-------------------------------------------------------------------
+Thu Sep 12 10:06:08 UTC 2013 - wr@rosenauer.org
 
-- update to 17.0.9esr (bnc#)
+- update to 17.0.9esr (bnc#840485)
+  * MFSA 2013-65/CVE-2013-1705 (bmo#882865)
+    Buffer underflow when generating CRMF requests
+  * MFSA 2013-76/CVE-2013-1718
+    Miscellaneous memory safety hazards
+  * MFSA 2013-79/CVE-2013-1722 (bmo#893308)
+    Use-after-free in Animation Manager during stylesheet cloning
+  * MFSA 2013-82/CVE-2013-1725 (bmo#876762)
+    Calling scope for new Javascript objects can lead to memory corruption
+  * MFSA 2013-88/CVE-2013-1730 (bmo#851353)
+    Compartment mismatch re-attaching XBL-backed nodes
+  * MFSA 2013-89/CVE-2013-1732 (bmo#883514)
+    Buffer overflow with multi-column, lists, and floats
+  * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
+    Memory corruption involving scrolling
+  * MFSA 2013-91/CVE-2013-1737 (bmo#907727)
+    User-defined properties on DOM proxies get the wrong "this" object
 
 -------------------------------------------------------------------
 Fri Aug  2 11:51:23 UTC 2013 - wr@rosenauer.org

--- a/xulrunner/xulrunner-esr.spec	Sat Sep 14 21:02:47 2013 +0200
+++ b/xulrunner/xulrunner-esr.spec	Thu Oct 24 18:41:12 2013 +0200
@@ -43,13 +43,13 @@
 BuildRequires:  wireless-tools
 %endif
 BuildRequires:  mozilla-nspr-devel >= 4.9.5
-BuildRequires:  mozilla-nss-devel >= 3.14.3
-Version:        17.0.9
+BuildRequires:  mozilla-nss-devel >= 3.14.4
+Version:        17.0.10
 Release:        0
-%define         releasedate 2013091000
-%define         version_internal 17.0.9
+%define         releasedate 2013102400
+%define         version_internal 17.0.10
 %define         apiversion 17
-%define         uaweight 1700009
+%define         uaweight 1700010
 Summary:        Mozilla Runtime Environment
 License:        MPL-2.0
 Group:          Productivity/Other

--- a/xulrunner/xulrunner.changes	Sat Sep 14 21:02:47 2013 +0200
+++ b/xulrunner/xulrunner.changes	Thu Oct 24 18:41:12 2013 +0200
@@ -1,7 +1,29 @@
+-------------------------------------------------------------------
+Thu Oct 24 16:40:37 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.10esr (bnc#)
+  * require NSS 3.14.4 or above
+
 -------------------------------------------------------------------
 Thu Sep 12 10:06:08 UTC 2013 - wr@rosenauer.org
 
-- update to 17.0.9esr (bnc#)
+- update to 17.0.9esr (bnc#840485)
+  * MFSA 2013-65/CVE-2013-1705 (bmo#882865)
+    Buffer underflow when generating CRMF requests
+  * MFSA 2013-76/CVE-2013-1718
+    Miscellaneous memory safety hazards
+  * MFSA 2013-79/CVE-2013-1722 (bmo#893308)
+    Use-after-free in Animation Manager during stylesheet cloning
+  * MFSA 2013-82/CVE-2013-1725 (bmo#876762)
+    Calling scope for new Javascript objects can lead to memory corruption
+  * MFSA 2013-88/CVE-2013-1730 (bmo#851353)
+    Compartment mismatch re-attaching XBL-backed nodes
+  * MFSA 2013-89/CVE-2013-1732 (bmo#883514)
+    Buffer overflow with multi-column, lists, and floats
+  * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
+    Memory corruption involving scrolling
+  * MFSA 2013-91/CVE-2013-1737 (bmo#907727)
+    User-defined properties on DOM proxies get the wrong "this" object
 
 -------------------------------------------------------------------
 Fri Aug  2 10:56:43 UTC 2013 - wr@rosenauer.org

--- a/xulrunner/xulrunner.spec	Sat Sep 14 21:02:47 2013 +0200
+++ b/xulrunner/xulrunner.spec	Thu Oct 24 18:41:12 2013 +0200
@@ -43,13 +43,13 @@
 BuildRequires:  wireless-tools
 %endif
 BuildRequires:  mozilla-nspr-devel >= 4.9.5
-BuildRequires:  mozilla-nss-devel >= 3.14.3
-Version:        17.0.9
+BuildRequires:  mozilla-nss-devel >= 3.14.4
+Version:        17.0.10
 Release:        0
-%define         releasedate 2013091000
-%define         version_internal 17.0.9
+%define         releasedate 2013102400
+%define         version_internal 17.0.10
 %define         apiversion 17
-%define         uaweight 1700009
+%define         uaweight 1700010
 Summary:        Mozilla Runtime Environment
 License:        MPL-2.0
 Group:          Productivity/Other