mozilla: MozillaFirefox/MozillaFirefox.changes@6a889427cd4f (annotated)

893 86f72f1e98a4 prepare Gtk3 based builds on a feature branch Wolfgang Rosenauer <wr@rosenauer.org> parents: 892 diff changeset	1	-------------------------------------------------------------------
904 6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	2	Sun Mar 6 19:52:13 UTC 2016 - wr@rosenauer.org
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	3
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	4	- update to Firefox 45.0
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	5	* requires NSPR 4.12 / NSS 3.21.1
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	6	* Instant browser tab sharing through Hello
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	7	* Synced Tabs button in button bar
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	8	* Tabs synced via Firefox Accounts from other devices are now shown
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	9	in dropdown area of Awesome Bar when searching
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	10	* Introduce a new preference (network.dns.blockDotOnion) to allow
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	11	blocking .onion at the DNS level
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	12	* Tab Groups (Panorama) feature removed
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	13
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	14	-------------------------------------------------------------------
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	15	Sat Mar 5 15:27:00 UTC 2016 - olaf@aepfle.de
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	16
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	17	- Remove B_CNT from symbols.zip filename to reduce build-compare noise
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	18
6a889427cd4f 45.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 903 diff changeset	19	-------------------------------------------------------------------
903 83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	20	Fri Feb 26 16:22:52 UTC 2016 - astieger@suse.com
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	21
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	22	- fix build problems on i586, caused by too large unified compile
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	23	units - adding mozilla-reduce-files-per-UnifiedBindings.patch
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	24
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	25	-------------------------------------------------------------------
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	26	Thu Feb 11 07:51:34 UTC 2016 - wr@rosenauer.org
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	27
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	28	- update to Firefox 44.0.2
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	29	* MFSA 2016-13/CVE-2016-1949 (bmo#1245724, boo#966438)
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	30	Same-origin-policy violation using Service Workers with plugins
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	31	* Fix issue which could lead to the removal of stored passwords
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	32	under certain circumstances (bmo#1242176)
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	33	* Allows spaces in cookie names (bmo#1244505)
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	34	* Disable opus/vorbis audio with H.264 (bmo#1245696)
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	35	* Fix for graphics startup crash (GNU/Linux) (bmo#1222171)
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	36	* Fix a crash in cache networking (bmo#1244076)
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	37	* Fix using WebSockets in service worker controlled pages (bmo#1243942)
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	38
83801946c93f 44.0.2 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 902 diff changeset	39	-------------------------------------------------------------------
900 91466ca5c8d9 latest merge from firefox43 Wolfgang Rosenauer <wr@rosenauer.org> parents: 899 897 diff changeset	40	Sun Jan 24 09:33:15 UTC 2016 - wr@rosenauer.org
91466ca5c8d9 latest merge from firefox43 Wolfgang Rosenauer <wr@rosenauer.org> parents: 899 897 diff changeset	41
902 11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	42	- update to Firefox 44.0
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	43	* MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 boo#963633
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	44	Miscellaneous memory safety hazards
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	45	* MFSA 2016-02/CVE-2016-1933 (bmo#1231761) boo#963634
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	46	Out of Memory crash when parsing GIF format images
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	47	* MFSA 2016-03/CVE-2016-1935 (bmo#1220450) boo#963635
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	48	Buffer overflow in WebGL after out of memory allocation
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	49	* MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784) boo#963637
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	50	Firefox allows for control characters to be set in cookie names
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	51	* MFSA 2016-06/CVE-2016-1937 (bmo#724353) boo#963641
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	52	Missing delay following user click events in protocol handler dialog
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	53	* MFSA 2016-07/CVE-2016-1938 (bmo#1190248) boo#963731
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	54	Errors in mp_div and mp_exptmod cryptographic functions in NSS
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	55	(fixed by requiring NSS 3.21)
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	56	* MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590)
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	57	Addressbar spoofing attacks boo#963643
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	58	* MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	59	(bmo#1186621, bmo#1214782, bmo#1232096) boo#963644
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	60	Unsafe memory manipulation found through code inspection
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	61	* MFSA 2016-11/CVE-2016-1947 (bmo#1237103) boo#963645
11475705ab0f 44.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 900 diff changeset	62	Application Reputation service disabled in Firefox 43
899 44a28160de40 prepare 44.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	63	* requires NSPR 4.11
44a28160de40 prepare 44.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	64	* requires NSS 3.21
896 2b664b26b6b2 change was after submission Wolfgang Rosenauer <wr@rosenauer.org> parents: 895 diff changeset	65	- prepare mozilla-kde.patch for Gtk3 builds
899 44a28160de40 prepare 44.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	66	- rebased patches
896 2b664b26b6b2 change was after submission Wolfgang Rosenauer <wr@rosenauer.org> parents: 895 diff changeset	67
2b664b26b6b2 change was after submission Wolfgang Rosenauer <wr@rosenauer.org> parents: 895 diff changeset	68	-------------------------------------------------------------------
897 4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	69	Mon Jan 11 08:04:24 UTC 2016 - astieger@suse.com
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	70
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	71	- Mozilla Firefox 43.0.4:
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	72	* Re-enable SHA-1 certificates to prevent outdated
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	73	man-in-the-middle security devices from interfering with
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	74	properly secured SSL/TLS connections (bmo#1236975)
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	75	* Fix for startup crash for users of a third party antivirus tool
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	76	(bmo#1235537)
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	77	- The following change was previously in the package as a patch:
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	78	* Multi-user GNU/Linux download folders can be created
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	79	(bmo#1233434), removed mozilla-bmo1233434.patch
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	80
4d8912c4a729 43.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 896 diff changeset	81	-------------------------------------------------------------------
895 b0e57b478b1b merge change from mozilla:Factory (libXcomposite-devel requirement) Wolfgang Rosenauer <wr@rosenauer.org> parents: 894 diff changeset	82	Tue Dec 29 20:29:35 UTC 2015 - wr@rosenauer.org
892 571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	83
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	84	- update to Firefox 43.0.3
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	85	* requires NSS 3.20.2 to fix
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	86	MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	87	MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	88	server signature
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	89	* various changes to support Windows update (SHA-1 vs. SHA-2)
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	90	* workaround Youtube user agent detection issue (bmo#1233970)
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	91	- fix file download regression for multi user systems
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	92	(bmo#1233434) (mozilla-bmo1233434.patch)
895 b0e57b478b1b merge change from mozilla:Factory (libXcomposite-devel requirement) Wolfgang Rosenauer <wr@rosenauer.org> parents: 894 diff changeset	93	- explicitely requires libXcomposite-devel
892 571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	94
571212dc4d05 43.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 890 diff changeset	95	-------------------------------------------------------------------
890 4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	96	Sun Dec 13 23:07:56 UTC 2015 - wr@rosenauer.org
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	97
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	98	- update to Firefox 43.0 (bnc#959277)
889 de3a92aed259 43.0b9 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 886 diff changeset	99	* Improved API support for m4v video playback
de3a92aed259 43.0b9 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 886 diff changeset	100	* Users can opt-in to receive search suggestions from the Awesome Bar
de3a92aed259 43.0b9 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 886 diff changeset	101	* WebRTC streaming on multiple monitors
de3a92aed259 43.0b9 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 886 diff changeset	102	* User selectable second block list for Private Browsing's Tracking
de3a92aed259 43.0b9 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 886 diff changeset	103	Protection
890 4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	104	security fixes:
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	105	* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	106	Miscellaneous memory safety hazards
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	107	* MFSA 2015-135/CVE-2015-7204 (bmo#1216130)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	108	Crash with JavaScript variable assignment with unboxed objects
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	109	* MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	110	Same-origin policy violation using perfomance.getEntries and
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	111	history navigation
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	112	* MFSA 2015-137/CVE-2015-7208 (bmo#1191423)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	113	Firefox allows for control characters to be set in cookies
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	114	* MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	115	Use-after-free in WebRTC when datachannel is used after being
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	116	destroyed
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	117	* MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	118	Integer overflow allocating extremely large textures
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	119	* MFSA 2015-140/CVE-2015-7215 (bmo#1160890)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	120	Cross-origin information leak through web workers error events
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	121	* MFSA 2015-141/CVE-2015-7211 (bmo#1221444)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	122	Hash in data URI is incorrectly parsed
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	123	* MFSA 2015-142/CVE-2015-7218/CVE-2015-7219 (bmo#1194818, bmo#1194820)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	124	DOS due to malformed frames in HTTP/2
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	125	* MFSA 2015-143/CVE-2015-7216/CVE-2015-7217 (bmo#1197059, bmo#1203078)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	126	Linux file chooser crashes on malformed images due to flaws in
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	127	Jasper library
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	128	* MFSA 2015-144/CVE-2015-7203/CVE-2015-7220/CVE-2015-7221
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	129	(bmo#1201183, bmo#1178033, bmo#1199400)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	130	Buffer overflows found through code inspection
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	131	* MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	132	Underflow through code inspection
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	133	* MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	134	Integer overflow in MP4 playback in 64-bit versions
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	135	* MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	136	Integer underflow and buffer overflow processing MP4 metadata in
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	137	libstagefright
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	138	* MFSA 2015-148/CVE-2015-7223 (bmo#1226423)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	139	Privilege escalation vulnerabilities in WebExtension APIs
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	140	* MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
4ba0eb6a14ca 43.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 889 diff changeset	141	Cross-site reading attack through data and view-source URIs
889 de3a92aed259 43.0b9 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 886 diff changeset	142	- rebased patches
de3a92aed259 43.0b9 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 886 diff changeset	143
de3a92aed259 43.0b9 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 886 diff changeset	144	-------------------------------------------------------------------
886 2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	145	Sun Nov 15 19:52:20 UTC 2015 - wr@rosenauer.org
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	146
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	147	- Add desktop menu action for private browsing window to desktop
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	148	file (boo#954747)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	149	- remove obsolete patch mozilla-bmo1005535.patch completely from
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	150	source package to avoid automatic check failures
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	151
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	152	-------------------------------------------------------------------
885 ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	153	Sat Oct 31 19:50:03 UTC 2015 - wr@rosenauer.org
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	154
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	155	- update to Firefox 42.0 (bnc#952810)
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	156	* Private Browsing with Tracking Protection blocks certain Web
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	157	elements that could be used to record your behavior across sites
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	158	* Control Center that contains site security and privacy controls
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	159	* Login Manager improvements
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	160	* WebRTC improvements
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	161	* Indicator added to tabs that play audio with one-click muting
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	162	* Media Source Extension for HTML5 video available for all sites
886 2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	163	security fixes:
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	164	* MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	165	Miscellaneous memory safety hazards
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	166	* MFSA 2015-117/CVE-2015-4515 (bmo#1046421)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	167	Information disclosure through NTLM authentication
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	168	* MFSA 2015-118/CVE-2015-4518 (bmo#1182778, bmo#1136692)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	169	CSP bypass due to permissive Reader mode whitelist
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	170	* MFSA 2015-119/CVE-2015-7185 (bmo#1149000) (Android only)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	171	Firefox for Android addressbar can be removed after fullscreen mode
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	172	* MFSA 2015-120/CVE-2015-7186 (bmo#1193027) (Android only)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	173	Reading sensitive profile files through local HTML file on Android
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	174	* MFSA 2015-121/CVE-2015-7187 (bmo#1195735)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	175	disabling scripts in Add-on SDK panels has no effect
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	176	* MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	177	Trailing whitespace in IP address hostnames can bypass same-origin policy
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	178	* MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	179	Buffer overflow during image interactions in canvas
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	180	* MFSA 2015-124/CVE-2015-7190 (bmo#1208520) (Android only)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	181	Android intents can be used on Firefox for Android to open privileged files
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	182	* MFSA 2015-125/CVE-2015-7191 (bmo#1208956) (Android only)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	183	XSS attack through intents on Firefox for Android
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	184	* MFSA 2015-126/CVE-2015-7192 (bmo#1210023) (OS X only)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	185	Crash when accessing HTML tables with accessibility tools on OS X
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	186	* MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	187	CORS preflight is bypassed when non-standard Content-Type headers
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	188	are received
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	189	* MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	190	Memory corruption in libjar through zip files
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	191	* MFSA 2015-129/CVE-2015-7195 (bmo#1211871)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	192	Certain escaped characters in host of Location-header are being
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	193	treated as non-escaped
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	194	* MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	195	JavaScript garbage collection crash with Java applet
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	196	* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	197	(bmo#1188010, bmo#1204061, bmo#1204155)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	198	Vulnerabilities found through code inspection
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	199	* MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	200	Mixed content WebSocket policy bypass through workers
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	201	* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	202	(bmo#1202868, bmo#1205157)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	203	NSS and NSPR memory corruption issues
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	204	(fixed in mozilla-nspr and mozilla-nss packages)
2e9f984bca7f changelogs and desktop file changes Wolfgang Rosenauer <wr@rosenauer.org> parents: 885 diff changeset	205	- requires NSPR >= 4.10.10 and NSS >= 3.19.4
885 ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	206	- removed obsolete patches
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	207	* mozilla-arm-disable-edsp.patch
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	208	* mozilla-icu-strncat.patch
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	209	* mozilla-skia-be-le.patch
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	210	* toolkit-download-folder.patch
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	211	- fixed build with enable-libproxy (bmo#1220399)
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	212	* mozilla-libproxy.patch
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	213
ee3c462047d5 42 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 884 diff changeset	214	-------------------------------------------------------------------
884 d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	215	Thu Oct 15 08:25:54 UTC 2015 - wr@rosenauer.org
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	216
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	217	- update to Firefox 41.0.2 (bnc#950686)
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	218	* MFSA 2015-115/CVE-2015-7184 (bmo#1208339, bmo#1212669)
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	219	Cross-origin restriction bypass using Fetch
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	220	- added explicit appdata provides (bnc#949983)
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	221
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	222	-------------------------------------------------------------------
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	223	Sun Oct 4 09:20:56 UTC 2015 - wr@rosenauer.org
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	224
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	225	- do not build with --enable-stdcxx-compat
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	226	(this starts to fail build on various toolchain combinations
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	227	and is not required for openSUSE builds in general
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	228
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	229	-------------------------------------------------------------------
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	230	Thu Oct 1 09:49:57 UTC 2015 - wr@rosenauer.org
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	231
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	232	- update to Firefox 41.0.1
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	233	* Fix a startup crash related to Yandex toolbar and Adblock Plus
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	234	(bmo#1209124)
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	235	* Fix potential hangs with Flash plugins (bmo#1185639)
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	236	* Fix a regression in the bookmark creation (bmo#1206376)
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	237	* Fix a startup crash with some Intel Media Accelerator 3150
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	238	graphic cards (bmo#1207665)
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	239	* Fix a graphic crash, occurring occasionally on Facebook (bmo#1178601)
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	240
d9d863421693 42.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 883 diff changeset	241	-------------------------------------------------------------------
883 7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	242	Sat Sep 19 20:23:29 UTC 2015 - wr@rosenauer.org
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	243
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	244	- update to Firefox 41.0 (bnc#947003)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	245	* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	246	Miscellaneous memory safety hazards
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	247	* MFSA 2015-97/CVE-2015-4503 (bmo#994337)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	248	Memory leak in mozTCPSocket to servers
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	249	* MFSA 2015-98/CVE-2015-4504 (bmo#1132467)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	250	Out of bounds read in QCMS library with ICC V4 profile attributes
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	251	* MFSA 2015-99/CVE-2015-4476 (bmo#1162372) (Android only)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	252	Site attribute spoofing on Android by pasting URL with unknown scheme
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	253	* MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	254	Arbitrary file manipulation by local user through Mozilla updater
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	255	* MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	256	Buffer overflow in libvpx while parsing vp9 format video
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	257	* MFSA 2015-102/CVE-2015-4507 (bmo#1192401)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	258	Crash when using debugger with SavedStacks in JavaScript
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	259	* MFSA 2015-103/CVE-2015-4508 (bmo#1195976)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	260	URL spoofing in reader mode
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	261	* MFSA 2015-104/CVE-2015-4510 (bmo#1200004)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	262	Use-after-free with shared workers and IndexedDB
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	263	* MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	264	Buffer overflow while decoding WebM video
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	265	* MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	266	Use-after-free while manipulating HTML media content
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	267	* MFSA 2015-107/CVE-2015-4512 (bmo#1170390)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	268	Out-of-bounds read during 2D canvas display on Linux 16-bit
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	269	color depth systems
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	270	* MFSA 2015-108/CVE-2015-4502 (bmo#1105045)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	271	Scripted proxies can access inner window
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	272	* MFSA 2015-109/CVE-2015-4516 (bmo#904886)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	273	JavaScript immutable property enforcement can be bypassed
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	274	* MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	275	Dragging and dropping images exposes final URL after redirects
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	276	* MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	277	Errors in the handling of CORS preflight request headers
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	278	* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	279	CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	280	CVE-2015-7180
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	281	Vulnerabilities found through code inspection
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	282	* MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	283	bmo#1190526) (Windows only)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	284	Memory safety errors in libGLES in the ANGLE graphics library
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	285	* MFSA 2015-114 (bmo#1167498, bmo#1153672) (Windows only)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	286	Information disclosure via the High Resolution Time API
882 82af81b0a6c7 beta9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 875 diff changeset	287	- rebased patches
82af81b0a6c7 beta9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 875 diff changeset	288	- removed obsolete patches
82af81b0a6c7 beta9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 875 diff changeset	289	* mozilla-arm64-libjpeg-turbo.patch
82af81b0a6c7 beta9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 875 diff changeset	290
883 7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	291	------------------------------------------------------------------
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	292	Thu Aug 27 06:03:51 UTC 2015 - wr@rosenauer.org
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	293
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	294	- update to Firefox 40.0.3 (bnc#943550)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	295	* Disable the asynchronous plugin initialization (bmo#1198590)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	296	* Fix a segmentation fault in the GStreamer support (bmo#1145230)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	297	* Fix a regression with some Japanese fonts used in the <input>
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	298	field (bmo#1194055)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	299	* On some sites, the selection in a select combox box using the
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	300	mouse could be broken (bmo#1194733)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	301	security fixes
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	302	* MFSA 2015-94/CVE-2015-4497 (bmo#1164766, bmo#1175278)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	303	Use-after-free when resizing canvas element during restyling
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	304	* MFSA 2015-95/CVE-2015-4498 (bmo#1042699)
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	305	Add-on notification bypass through data URLs
7aa7715fdc8f 41.0 release and changelogs Wolfgang Rosenauer <wr@rosenauer.org> parents: 882 diff changeset	306
882 82af81b0a6c7 beta9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 875 diff changeset	307	-------------------------------------------------------------------
875 2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	308	Fri Aug 7 07:49:49 UTC 2015 - wr@rosenauer.org
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	309
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	310	- update to Firefox 40.0 (bnc#940806)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	311	* Added protection against unwanted software downloads
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	312	* Suggested Tiles show sites of interest, based on categories
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	313	from your recent browsing history
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	314	* Hello allows adding a link to conversations to provide context
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	315	on what the conversation will be about
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	316	* New style for add-on manager based on the in-content
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	317	preferences style
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	318	* Improved scrolling, graphics, and video playback performance
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	319	with off main thread compositing (GNU/Linux only)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	320	* Graphic blocklist mechanism improved: Firefox version ranges
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	321	can be specified, limiting the number of devices blocked
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	322	security fixes:
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	323	* MFSA 2015-79/CVE-2015-4473/CVE-2015-4474
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	324	Miscellaneous memory safety hazards
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	325	* MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	326	Out-of-bounds read with malformed MP3 file
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	327	* MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	328	Use-after-free in MediaStream playback
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	329	* MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	330	Redefinition of non-configurable JavaScript object properties
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	331	* MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	332	Overflow issues in libstagefright
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	333	* MFSA 2015-84/CVE-2015-4481 (bmo1171518)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	334	Arbitrary file overwriting through Mozilla Maintenance Service
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	335	with hard links (only affected Windows)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	336	* MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	337	Out-of-bounds write with Updater and malicious MAR file
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	338	(does not affect openSUSE RPM packages which do not ship the
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	339	updater)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	340	* MFSA 2015-86/CVE-2015-4483 (bmo#1148732)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	341	Feed protocol with POST bypasses mixed content protections
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	342	* MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	343	Crash when using shared memory in JavaScript
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	344	* MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	345	Heap overflow in gdk-pixbuf when scaling bitmap images
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	346	* MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	347	Buffer overflows on Libvpx when decoding WebM video
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	348	* MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	349	Vulnerabilities found through code inspection
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	350	* MFSA 2015-91/CVE-2015-4490 (bmo#1086999)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	351	Mozilla Content Security Policy allows for asterisk wildcards
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	352	in violation of CSP specification
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	353	* MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
2d6ccc01ea9e 40.0 final Wolfgang Rosenauer <wr@rosenauer.org> parents: 872 diff changeset	354	Use-after-free in XMLHttpRequest with shared workers
869 0dd25a92df97 working FF 40 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 868 diff changeset	355	- added mozilla-no-stdcxx-check.patch
0dd25a92df97 working FF 40 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 868 diff changeset	356	- removed obsolete patches
868 284da266ec46 40beta rebase Wolfgang Rosenauer <wr@rosenauer.org> parents: 867 diff changeset	357	* mozilla-add-glibcxx_use_cxx11_abi.patch
869 0dd25a92df97 working FF 40 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 868 diff changeset	358	* firefox-multilocale-chrome.patch
868 284da266ec46 40beta rebase Wolfgang Rosenauer <wr@rosenauer.org> parents: 867 diff changeset	359	- rebased patches
869 0dd25a92df97 working FF 40 build Wolfgang Rosenauer <wr@rosenauer.org> parents: 868 diff changeset	360	- requires version 40 of the branding package
871 4c6e8495720b beta update Wolfgang Rosenauer <wr@rosenauer.org> parents: 869 diff changeset	361	- removed browser/searchplugins/ location as it's not valid anymore
867 3af93b7e5e3d merge from firefox39 and switch to 40beta branch Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	362
3af93b7e5e3d merge from firefox39 and switch to 40beta branch Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	363	-------------------------------------------------------------------
870 09ffe9247f8a FF 39.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	364	Fri Aug 7 07:09:39 UTC 2015 - wr@rosenauer.org
09ffe9247f8a FF 39.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	365
09ffe9247f8a FF 39.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	366	- security update to Firefox 39.0.3 (bnc#940918)
09ffe9247f8a FF 39.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	367	* MFSA 2015-78/CVE-2015-4495 (bmo#1179262, bmo#1178058)
09ffe9247f8a FF 39.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	368	Same origin violation and local file stealing via PDF reader
09ffe9247f8a FF 39.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	369
09ffe9247f8a FF 39.0.3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 866 diff changeset	370	-------------------------------------------------------------------
866 28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	371	Wed Jul 1 06:43:02 UTC 2015 - wr@rosenauer.org
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	372
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	373	- update to Firefox 39.0 (bnc#935979)
863 d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	374	* Share Hello URLs with social networks
d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	375	* Support for 'switch' role in ARIA 1.1 (web accessibility)
d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	376	* SafeBrowsing malware detection lookups enabled for downloads
d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	377	(Mac OS X and Linux)
d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	378	* Support for new Unicode 8.0 skin tone emoji
d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	379	* Removed support for insecure SSLv3 for network communications
d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	380	* Disable use of RC4 except for temporarily whitelisted hosts
d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	381	* NPAPI Plug-in performance improved via asynchronous initialization
866 28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	382	security fixes:
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	383	* MFSA 2015-59/CVE-2015-2724/CVE-2015-2725/CVE-2015-2726
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	384	Miscellaneous memory safety hazards
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	385	* MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	386	Local files or privileged URLs in pages can be opened into new tabs
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	387	* MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	388	Type confusion in Indexed Database Manager
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	389	* MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	390	Out-of-bound read while computing an oscillator rendering range in Web Audio
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	391	* MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	392	Use-after-free in Content Policy due to microtask execution error
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	393	* MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	394	ECDSA signature validation fails to handle some signatures correctly
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	395	(this fix is shipped by NSS 3.19.1 externally)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	396	* MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	397	Use-after-free in workers while using XMLHttpRequest
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	398	* MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	399	CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	400	Vulnerabilities found through code inspection
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	401	* MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	402	Key pinning is ignored when overridable errors are encountered
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	403	* MFSA 2015-68/CVE-2015-2742 (bmo#1138669)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	404	OS X crash reports may contain entered key press information
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	405	(not relevant under Linux)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	406	* MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	407	Privilege escalation in PDF.js
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	408	* MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	409	NSS accepts export-length DHE keys with regular DHE cipher suites
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	410	(this fix is shipped by NSS 3.19.1 externally)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	411	* MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	412	NSS incorrectly permits skipping of ServerKeyExchange
28eb9d3ab7e8 39.0 final with changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 863 diff changeset	413	(this fix is shipped by NSS 3.19.1 externally)
857 ab297940ae8a rebased to 39.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 855 diff changeset	414	- dropped mozilla-prefer_plugin_pref.patch as this feature is
ab297940ae8a rebased to 39.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 855 diff changeset	415	likely not worth maintaining further
ab297940ae8a rebased to 39.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 855 diff changeset	416	- rebased patches
863 d5a1c8dec7ed Firefox 39.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 862 diff changeset	417	- require NSS 3.19.2
857 ab297940ae8a rebased to 39.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 855 diff changeset	418
ab297940ae8a rebased to 39.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 855 diff changeset	419	-------------------------------------------------------------------
862 390088186660 mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration Andreas Schwab <schwab@suse.de> parents: 861 diff changeset	420	Thu Jun 18 10:30:18 UTC 2015 - schwab@suse.de
390088186660 mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration Andreas Schwab <schwab@suse.de> parents: 861 diff changeset	421
390088186660 mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration Andreas Schwab <schwab@suse.de> parents: 861 diff changeset	422	- mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration
390088186660 mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration Andreas Schwab <schwab@suse.de> parents: 861 diff changeset	423
390088186660 mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration Andreas Schwab <schwab@suse.de> parents: 861 diff changeset	424	-------------------------------------------------------------------
854 74b775d6b911 38.0.6 Wolfgang Rosenauer <wr@rosenauer.org> parents: 853 diff changeset	425	Sun Jun 7 07:09:12 UTC 2015 - wr@rosenauer.org
74b775d6b911 38.0.6 Wolfgang Rosenauer <wr@rosenauer.org> parents: 853 diff changeset	426
74b775d6b911 38.0.6 Wolfgang Rosenauer <wr@rosenauer.org> parents: 853 diff changeset	427	- update to Firefox 38.0.6
855 1f860c829900 correct changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 854 diff changeset	428	* fixes bmo#1171730 which is not really relevant to oS builds
1f860c829900 correct changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 854 diff changeset	429	- fix KDE regression from 38.0.5 builds (bsc#933439)
854 74b775d6b911 38.0.6 Wolfgang Rosenauer <wr@rosenauer.org> parents: 853 diff changeset	430
74b775d6b911 38.0.6 Wolfgang Rosenauer <wr@rosenauer.org> parents: 853 diff changeset	431	-------------------------------------------------------------------
853 cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	432	Sat May 23 21:13:49 UTC 2015 - wr@rosenauer.org
cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	433
cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	434	- update to Firefox 38.0.5
cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	435	* Keep track of articles and videos with Pocket
cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	436	* Clean formatting for articles and blog posts with Reader View
cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	437	* Share the active tab or window in a Hello conversation
cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	438	- add changes file as source for SRPM (bsc#932142)
cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	439
cf7e96afbe3a Firefox 38.0.5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 852 diff changeset	440	-------------------------------------------------------------------
852 e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	441	Fri May 15 10:40:19 UTC 2015 - normand@linux.vnet.ibm.com
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	442
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	443	- add mozilla-add-glibcxx_use_cxx11_abi.patch grabbed from
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	444	https://bugzilla.mozilla.org/show_bug.cgi?id=1153109
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	445
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	446	-------------------------------------------------------------------
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	447	Fri May 15 07:37:46 UTC 2015 - wr@rosenauer.org
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	448
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	449	- update to Firefox 38.0.1
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	450	stability and regression fixes
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	451	* Systems with first generation NVidia Optimus graphics cards
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	452	may crash on start-up
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	453	* Users who import cookies from Google Chrome can end up with
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	454	broken websites
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	455	* Large animated images may fail to play and may stop other
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	456	images from loading
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	457
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	458	-------------------------------------------------------------------
851 0855c4ac4793 Firefox 38.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 850 diff changeset	459	Sun May 10 07:07:49 UTC 2015 - wr@rosenauer.org
0855c4ac4793 Firefox 38.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 850 diff changeset	460
852 e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	461	- update to Firefox 38.0 (bnc#930622)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	462	* New tab-based preferences
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	463	* Ruby annotation support
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	464	* more info: https://www.mozilla.org/en-US/firefox/38.0/releasenotes/
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	465	security fixes:
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	466	* MFSA 2015-46/CVE-2015-2708/CVE-2015-2709
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	467	Miscellaneous memory safety hazards
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	468	* MFSA 2015-47/VE-2015-0797 (bmo#1080995)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	469	Buffer overflow parsing H.264 video with Linux Gstreamer
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	470	* MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	471	Buffer overflow with SVG content and CSS
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	472	* MFSA 2015-49/CVE-2015-2711 (bmo#1113431)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	473	Referrer policy ignored when links opened by middle-click and
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	474	context menu
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	475	* MFSA 2015-50/CVE-2015-2712 (bmo#1152280)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	476	Out-of-bounds read and write in asm.js validation
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	477	* MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	478	Use-after-free during text processing with vertical text enabled
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	479	* MFSA 2015-53/CVE-2015-2715 (bmo#988698)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	480	Use-after-free due to Media Decoder Thread creation during shutdown
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	481	* MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	482	Buffer overflow when parsing compressed XML
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	483	* MFSA 2015-55/CVE-2015-2717 (bmo#1154683)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	484	Buffer overflow and out-of-bounds read while parsing MP4 video
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	485	metadata
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	486	* MFSA 2015-56/CVE-2015-2718 (bmo#1146724)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	487	Untrusted site hosting trusted page can intercept webchannel
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	488	responses
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	489	* MFSA 2015-57/CVE-2011-3079 (bmo#1087565)
e11af0d6cb48 38.0.1 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 851 diff changeset	490	Privilege escalation through IPC channel messages
850 a2bdff616a0e prepare 38beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 845 diff changeset	491	- requires NSS 3.18.1
851 0855c4ac4793 Firefox 38.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 850 diff changeset	492	- removed obsolete patches:
0855c4ac4793 Firefox 38.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 850 diff changeset	493	* mozilla-skia-bmo1136958.patch
0855c4ac4793 Firefox 38.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 850 diff changeset	494	- remove gnomevfs build options as it is removed from sources
0855c4ac4793 Firefox 38.0 Wolfgang Rosenauer <wr@rosenauer.org> parents: 850 diff changeset	495	- rebased patches
850 a2bdff616a0e prepare 38beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 845 diff changeset	496
a2bdff616a0e prepare 38beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 845 diff changeset	497	-------------------------------------------------------------------
a2bdff616a0e prepare 38beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 845 diff changeset	498	Fri Apr 17 16:39:20 UTC 2015 - wr@rosenauer.org
a2bdff616a0e prepare 38beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 845 diff changeset	499
a2bdff616a0e prepare 38beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 845 diff changeset	500	- update to Firefox 37.0.2 (bnc#928116)
a2bdff616a0e prepare 38beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 845 diff changeset	501	* MFSA 2015-45/CVE-2015-2706 (bmo#1141081)
a2bdff616a0e prepare 38beta Wolfgang Rosenauer <wr@rosenauer.org> parents: 845 diff changeset	502	Memory corruption during failed plugin initialization
845 a704b2a17e39 38.0 beta series Wolfgang Rosenauer <wr@rosenauer.org> parents: 844 diff changeset	503
a704b2a17e39 38.0 beta series Wolfgang Rosenauer <wr@rosenauer.org> parents: 844 diff changeset	504	-------------------------------------------------------------------
844 86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	505	Fri Apr 3 08:27:24 UTC 2015 - wr@rosenauer.org
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	506
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	507	- update to Firefox 37.0.1 (bnc#926166)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	508	* MFSA 2015-43/CVE-2015-0798 (bmo#1147597) (Android only)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	509	Loading privileged content through Reader mode
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	510	* MFSA 2015-44/CVE-2015-0799 (bmo#1148328)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	511	Certificate verification bypass through the HTTP/2 Alt-Svc header
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	512
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	513	-------------------------------------------------------------------
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	514	Sat Mar 28 09:46:48 UTC 2015 - wr@rosenauer.org
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	515
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	516	- update to Firefox 37.0 (bnc#925368)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	517	* Heartbeat user rating system
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	518	* Yandex set as default search provider for the Turkish locale
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	519	* Bing search now uses HTTPS for secure searching
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	520	* Improved protection against site impersonation via OneCRL
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	521	centralized certificate revocation
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	522	* Opportunistically encrypt HTTP traffic where the server supports
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	523	HTTP/2 AltSvc
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	524	* some more behaviour changes for TLS
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	525	security fixes:
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	526	* MFSA 2015-30/CVE-2015-0814/CVE-2015-0815
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	527	Miscellaneous memory safety hazards
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	528	* MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	529	Use-after-free when using the Fluendo MP3 GStreamer plugin
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	530	* MFSA 2015-32/CVE-2015-0812 (bmo#1128126)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	531	Add-on lightweight theme installation approval bypassed through
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	532	MITM attack
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	533	* MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	534	resource:// documents can load privileged pages
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	535	* MFSA-2015-34/CVE-2015-0811 (bmo#1132468)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	536	Out of bounds read in QCMS library
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	537	* MFSA-2015-35/CVE-2015-0810 (bmo#1125013)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	538	Cursor clickjacking with flash and images (OS X only)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	539	* MFSA-2015-36/CVE-2015-0808 (bmo#1109552)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	540	Incorrect memory management for simple-type arrays in WebRTC
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	541	* MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	542	CORS requests should not follow 30x redirections after preflight
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	543	* MFSA-2015-38/CVE-2015-0805/CVE-2015-0806 (bmo#1135511, bmo#1099437)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	544	Memory corruption crashes in Off Main Thread Compositing
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	545	* MFSA-2015-39/CVE-2015-0803/CVE-2015-0804 (bmo#1134560)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	546	Use-after-free due to type confusion flaws
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	547	* MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	548	Same-origin bypass through anchor navigation
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	549	* MFSA-2015-41/CVE-2015-0800/CVE-2012-2808
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	550	PRNG weakness allows for DNS poisoning on Android (only)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	551	* MFSA-2015-42/CVE-2015-0802 (bmo#1124898)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	552	Windows can retain access to privileged content on navigation
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	553	to unprivileged pages
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	554	- removed obsolete patches
837 a1f740acf68e 37.0b1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 836 diff changeset	555	* mozilla-bmo1088588.patch
844 86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	556	* mozilla-bmo1108834.patch
836 12530a091878 prepare 37 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	557	- requires NSPR 4.10.8
12530a091878 prepare 37 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	558
12530a091878 prepare 37 beta cycle Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	559	-------------------------------------------------------------------
844 86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	560	Tue Mar 24 15:35:24 UTC 2015 - dvaleev@suse.com
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	561
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	562	- Fix builds with skia on Power
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	563	mozilla-skia-be-le.patch (patch from #bmo1136958)
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	564	mozilla-bmo1108834.patch
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	565	mozilla-bmo1005535.patch
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	566
86fa73db98e5 Firefox 37.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 843 diff changeset	567	-------------------------------------------------------------------
839 6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	568	Sat Mar 21 09:03:12 UTC 2015 - wr@rosenauer.org
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	569
840 e160750ffe91 new bug id Wolfgang Rosenauer <wr@rosenauer.org> parents: 839 diff changeset	570	- update to Firefox 36.0.4 (bnc#923534)
839 6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	571	* MFSA 2015-28/CVE-2015-0818 (bmo#1144988)
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	572	Privilege escalation through SVG navigation
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	573	* MFSA 2015-29/CVE-2015-0817 (bmo#1145255)
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	574	Code execution through incorrect JavaScript bounds checking
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	575	elimination
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	576
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	577	-------------------------------------------------------------------
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	578	Fri Mar 20 15:02:33 UTC 2015 - dimstar@opensuse.org
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	579
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	580	- Copy the icons to /usr/share/icons instead of symlinking them:
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	581	in preparation for containerized apps (e.g. xdg-app) as well as
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	582	AppStream metadata extraction, there are a couple locations that
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	583	need to be real files for system integration (.desktop files,
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	584	icons, mime-type info).
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	585
6fabac5939cb 36.0.4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 838 diff changeset	586	-------------------------------------------------------------------
838 d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	587	Sat Mar 7 07:40:56 UTC 2015 - wr@rosenauer.org
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	588
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	589	- update to Firefox 36.0.1
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	590	Bugfixes:
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	591	* Disable the usage of the ANY DNS query type (bmo#1093983)
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	592	* Hello may become inactive until restart (bmo#1137469)
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	593	* Print preferences may not be preserved (bmo#1136855)
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	594	* Hello contact tabs may not be visible (bmo#1137141)
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	595	* Accept hostnames that include an underscore character ("_")
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	596	(bmo#1136616)
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	597	* WebGL may use significant memory with Canvas2d (bmo#1137251)
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	598	* Option -remote has been restored (bmo#1080319)
840 e160750ffe91 new bug id Wolfgang Rosenauer <wr@rosenauer.org> parents: 839 diff changeset	599	- added mozilla-skia-bmo1136958.patch to fix build issues for
e160750ffe91 new bug id Wolfgang Rosenauer <wr@rosenauer.org> parents: 839 diff changeset	600	ARM and PPC
838 d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	601
d560fce2b8a3 36.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 835 diff changeset	602	-------------------------------------------------------------------
832 4d52d2b45cf0 prepare 36.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	603	Fri Feb 20 22:53:39 UTC 2015 - wr@rosenauer.org
4d52d2b45cf0 prepare 36.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	604
4d52d2b45cf0 prepare 36.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	605	- update to Firefox 36.0 (bnc#917597)
828 59013b3a51f5 update to 36.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 827 diff changeset	606	* mozilla-xremote-client was removed
59013b3a51f5 update to 36.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 827 diff changeset	607	* added libclearkey.so media plugin
832 4d52d2b45cf0 prepare 36.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	608	* Pinned tiles on the new tab page can be synced
4d52d2b45cf0 prepare 36.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	609	* Support for the full HTTP/2 protocol. HTTP/2 enables a faster,
4d52d2b45cf0 prepare 36.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	610	more scalable, and more responsive web.
4d52d2b45cf0 prepare 36.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	611	* Locale added: Uzbek (uz)
835 e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	612	security fixes:
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	613	* MFSA 2015-11/CVE-2015-0835/CVE-2015-0836
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	614	Miscellaneous memory safety hazards
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	615	* MFSA 2015-12/CVE-2015-0833 (bmo#945192)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	616	Invoking Mozilla updater will load locally stored DLL files
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	617	(Windows only)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	618	* MFSA 2015-13/CVE-2015-0832 (bmo#1065909)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	619	Appended period to hostnames can bypass HPKP and HSTS protections
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	620	* MFSA 2015-14/CVE-2015-0830 (bmo#1110488)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	621	Malicious WebGL content crash when writing strings
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	622	* MFSA 2015-15/CVE-2015-0834 (bmo#1098314)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	623	TLS TURN and STUN connections silently fail to simple TCP connections
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	624	* MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	625	Use-after-free in IndexedDB
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	626	* MFSA 2015-17/CVE-2015-0829 (bmo#1128939)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	627	Buffer overflow in libstagefright during MP4 video playback
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	628	* MFSA 2015-18/CVE-2015-0828 (bmo#1030667, bmo#988675)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	629	Double-free when using non-default memory allocators with a
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	630	zero-length XHR
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	631	* MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	632	Out-of-bounds read and write while rendering SVG content
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	633	* MFSA 2015-20/CVE-2015-0826 (bmo#1092363)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	634	Buffer overflow during CSS restyling
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	635	* MFSA 2015-21/CVE-2015-0825 (bmo#1092370)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	636	Buffer underflow during MP3 playback
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	637	* MFSA 2015-22/CVE-2015-0824 (bmo#1095925)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	638	Crash using DrawTarget in Cairo graphics library
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	639	* MFSA 2015-23/CVE-2015-0823 (bmo#1098497)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	640	Use-after-free in Developer Console date with OpenType Sanitiser
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	641	* MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	642	Reading of local files through manipulation of form autocomplete
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	643	* MFSA 2015-25/CVE-2015-0821 (bmo#1111960)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	644	Local files or privileged URLs in pages can be opened into new tabs
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	645	* MFSA 2015-26/CVE-2015-0819 (bmo#1079554)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	646	UI Tour whitelisted sites in background tab can spoof foreground
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	647	tabs
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	648	* MFSA 2015-27CVE-2015-0820 (bmo#1125398)
e7e5b3d0f1b3 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 832 diff changeset	649	Caja Compiler JavaScript sandbox bypass
832 4d52d2b45cf0 prepare 36.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 831 diff changeset	650	- rebased patches
830 97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	651	- requires NSS 3.17.4
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	652
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	653	-------------------------------------------------------------------
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	654	Sat Jan 31 18:37:38 UTC 2015 - wr@rosenauer.org
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	655
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	656	- update to Firefox 35.0.1
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	657	* With the Enhanced Steam extension, Firefox could crash (bmo#1123732)
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	658	* Kerberos authentication did not work with alias (bmo#1108971)
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	659	* SVG / CSS animation had a regression causing rendering issues on
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	660	websites like openstreemap.org (bmo#1083079)
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	661	* On Godaddy webmail, Firefox could crash (bmo#1113121)
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	662	* document.baseURI did not get updated to document.location after
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	663	base tag was removed from DOM for site with a CSP (bmo#1121857)
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	664	* With a Right-to-left (RTL) version of Firefox, the text selection
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	665	could be broken (bmo#1104036)
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	666	* CSP had a change in behavior with regard to case sensitivity
97a3e2246f0f 36.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 828 diff changeset	667	resources loading (bmo#1122445)
828 59013b3a51f5 update to 36.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 827 diff changeset	668
59013b3a51f5 update to 36.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 827 diff changeset	669	-------------------------------------------------------------------
826 677ef48cf29b Firefox 35.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 824 diff changeset	670	Sat Jan 10 18:36:37 UTC 2015 - wr@rosenauer.org
677ef48cf29b Firefox 35.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 824 diff changeset	671
677ef48cf29b Firefox 35.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 824 diff changeset	672	- update to Firefox 35.0 (bnc#910669)
827 3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	673	notable features:
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	674	* Firefox Hello with new rooms-based conversations model
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	675	* Implemented HTTP Public Key Pinning Extension (for enhanced
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	676	authentication of encrypted connections)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	677	security fixes:
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	678	* MFSA 2015-01/CVE-2014-8634/CVE-2014-8635
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	679	Miscellaneous memory safety hazards
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	680	* MFSA 2015-02/CVE-2014-8637 (bmo#1094536)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	681	Uninitialized memory use during bitmap rendering
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	682	* MFSA 2015-03/CVE-2014-8638 (bmo#1080987)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	683	sendBeacon requests lack an Origin header
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	684	* MFSA 2015-04/CVE-2014-8639 (bmo#1095859)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	685	Cookie injection through Proxy Authenticate responses
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	686	* MFSA 2015-05/CVE-2014-8640 (bmo#1100409)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	687	Read of uninitialized memory in Web Audio
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	688	* MFSA 2015-06/CVE-2014-8641 (bmo#1108455)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	689	Read-after-free in WebRTC
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	690	* MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	691	Gecko Media Plugin sandbox escape
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	692	* MFSA 2015-08/CVE-2014-8642 (bmo#1079658)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	693	Delegated OCSP responder certificates failure with
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	694	id-pkix-ocsp-nocheck extension
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	695	* MFSA 2015-09/CVE-2014-8636 (bmo#987794)
3caf8b25f146 merge from ff35 Wolfgang Rosenauer <wr@rosenauer.org> parents: 826 diff changeset	696	XrayWrapper bypass through DOM objects
807 f54c68340963 Aurora 35.0 (20141115) uplift Wolfgang Rosenauer <wr@rosenauer.org> parents: 806 diff changeset	697	- rebased patches
809 af47260a332c morphed Aurora packaging into Firefox Developer Edition Wolfgang Rosenauer <wr@rosenauer.org> parents: 807 diff changeset	698	- dropped explicit support for everything older than 12.3
af47260a332c morphed Aurora packaging into Firefox Developer Edition Wolfgang Rosenauer <wr@rosenauer.org> parents: 807 diff changeset	699	(including SLES11)
af47260a332c morphed Aurora packaging into Firefox Developer Edition Wolfgang Rosenauer <wr@rosenauer.org> parents: 807 diff changeset	700	* merge firefox-kde.patch and firefox-kde-114.patch
af47260a332c morphed Aurora packaging into Firefox Developer Edition Wolfgang Rosenauer <wr@rosenauer.org> parents: 807 diff changeset	701	* dropped mozilla-sle11.patch
af47260a332c morphed Aurora packaging into Firefox Developer Edition Wolfgang Rosenauer <wr@rosenauer.org> parents: 807 diff changeset	702	- reworked specfile to build conditionally based on release channel
af47260a332c morphed Aurora packaging into Firefox Developer Edition Wolfgang Rosenauer <wr@rosenauer.org> parents: 807 diff changeset	703	either Firefox or Firefox Developer Edition
af47260a332c morphed Aurora packaging into Firefox Developer Edition Wolfgang Rosenauer <wr@rosenauer.org> parents: 807 diff changeset	704	- added mozilla-openaes-decl.patch to fix implicit declarations
819 5a18bd66e46c [Bug 908892] Updated Firefox (33.0-1.90.1 -> 34.0.5-1.94.3) crashes in tracker-miner-firefox Wolfgang Rosenauer <wr@rosenauer.org> parents: 818 diff changeset	705	- obsolete tracker-miner-firefox < 0.15 because it leads to startup
5a18bd66e46c [Bug 908892] Updated Firefox (33.0-1.90.1 -> 34.0.5-1.94.3) crashes in tracker-miner-firefox Wolfgang Rosenauer <wr@rosenauer.org> parents: 818 diff changeset	706	crashes (bnc#908892)
807 f54c68340963 Aurora 35.0 (20141115) uplift Wolfgang Rosenauer <wr@rosenauer.org> parents: 806 diff changeset	707
f54c68340963 Aurora 35.0 (20141115) uplift Wolfgang Rosenauer <wr@rosenauer.org> parents: 806 diff changeset	708	-------------------------------------------------------------------
820 419e95018725 fix bashism in mozilla.sh script Led <ledest@gmail.com> parents: 813 diff changeset	709	Sat Dec 13 22:13:00 UTC 2014 - Led <ledest@gmail.com>
419e95018725 fix bashism in mozilla.sh script Led <ledest@gmail.com> parents: 813 diff changeset	710
419e95018725 fix bashism in mozilla.sh script Led <ledest@gmail.com> parents: 813 diff changeset	711	- fix bashism in mozilla.sh script
419e95018725 fix bashism in mozilla.sh script Led <ledest@gmail.com> parents: 813 diff changeset	712
419e95018725 fix bashism in mozilla.sh script Led <ledest@gmail.com> parents: 813 diff changeset	713	-------------------------------------------------------------------
813 9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	714	Sat Nov 29 21:23:03 UTC 2014 - wr@rosenauer.org
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	715
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	716	- update to Firefox 34.0.5 (bnc#908009)
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	717	* Default search engine changed to Yahoo! for North America
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	718	* Default search engine changed to Yandex for Belarusian, Kazakh,
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	719	and Russian locales
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	720	* Improved search bar (en-US only)
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	721	* Firefox Hello real-time communication client
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	722	* Easily switch themes/personas directly in the Customizing mode
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	723	* Implementation of HTTP/2 (draft14) and ALPN
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	724	* Disabled SSLv3
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	725	* MFSA 2014-83/CVE-2014-1587/CVE-2014-1588
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	726	Miscellaneous memory safety hazards
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	727	* MFSA 2014-84/CVE-2014-1589 (bmo#1043787)
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	728	XBL bindings accessible via improper CSS declarations
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	729	* MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	730	XMLHttpRequest crashes with some input streams
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	731	* MFSA 2014-86/CVE-2014-1591 (bmo#1069762)
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	732	CSP leaks redirect data via violation reports
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	733	* MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	734	Use-after-free during HTML5 parsing
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	735	* MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	736	Buffer overflow while parsing media content
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	737	* MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	738	Bad casting from the BasicThebesLayer to BasicContainerLayer
9e3063dcc69e Firefox 34.0.5 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 811 diff changeset	739	- rebased patches
806 c08299311cbc 34.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 805 diff changeset	740	- limit linker memory usage for %ix86
807 f54c68340963 Aurora 35.0 (20141115) uplift Wolfgang Rosenauer <wr@rosenauer.org> parents: 806 diff changeset	741	- rebased patches
805 e14da82b1332 34.0b8 Wolfgang Rosenauer <wr@rosenauer.org> parents: 802 diff changeset	742
e14da82b1332 34.0b8 Wolfgang Rosenauer <wr@rosenauer.org> parents: 802 diff changeset	743	-------------------------------------------------------------------
801 f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	744	Fri Nov 7 20:14:32 UTC 2014 - wr@rosenauer.org
787 f4578fb6fcc3 33.1 preparation Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	745
f4578fb6fcc3 33.1 preparation Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	746	- update to Firefox 33.1
802 6c8dd9468bcc 33.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 801 diff changeset	747	* Adding DuckDuckGo as a search option (upstream)
6c8dd9468bcc 33.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 801 diff changeset	748	* Forget Button added
6c8dd9468bcc 33.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 801 diff changeset	749	* Enhanced Tiles
6c8dd9468bcc 33.1 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 801 diff changeset	750	* Privacy tour introduced
797 3b2d52457c91 fix typo on Recommends Wolfgang Rosenauer <wr@rosenauer.org> parents: 789 diff changeset	751	- fix typo in GStreamer Recommends
787 f4578fb6fcc3 33.1 preparation Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	752
f4578fb6fcc3 33.1 preparation Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	753	-------------------------------------------------------------------
801 f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	754	Tue Nov 4 18:00:35 UTC 2014 - guillaume@opensuse.org
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	755
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	756	- Disable elf-hack for aarch64
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	757	- Enable EGL for aarch64
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	758	- Limit RAM usage during link for %arm
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	759	- Fix _constraints for ARM
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	760
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	761	-------------------------------------------------------------------
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	762	Mon Nov 3 11:36:04 UTC 2014 - dmueller@suse.com
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	763
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	764	- use proper macros for ARM
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	765
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	766	-------------------------------------------------------------------
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	767	Mon Nov 3 11:26:23 UTC 2014 - josua.mayer97@gmail.com
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	768
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	769	- use '--disable-optimize' not only on 32-bit x86, but on 32-bit arm too
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	770	to fix compiling.
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	771	- pass '-Wl,--no-keep-memory' to linker to reduce required memory during
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	772	linking on arm.
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	773
f5f6f5547c2b merge changes from OBS Factory submissions Wolfgang Rosenauer <wr@rosenauer.org> parents: 797 diff changeset	774	-------------------------------------------------------------------
788 af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	775	Thu Oct 30 11:31:05 UTC 2014 - wr@rosenauer.org
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	776
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	777	- update to Firefox 33.0.2
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	778	* Fix a startup crash with some combination of hardware and drivers
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	779	33.0.1
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	780	* Firefox displays a black screen at start-up with certain
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	781	graphics drivers
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	782	- adjusted _constraints for ARM
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	783
af4f96c38fd9 33.0.2 Wolfgang Rosenauer <wr@rosenauer.org> parents: 786 diff changeset	784	-------------------------------------------------------------------
786 f721a3dea219 added fix for bmo1088588 <josua.mayer97@gmail.com> parents: 785 diff changeset	785	Tue Oct 28 15:23:09 UTC 2014 - josua.mayer97@gmail.com
f721a3dea219 added fix for bmo1088588 <josua.mayer97@gmail.com> parents: 785 diff changeset	786
f721a3dea219 added fix for bmo1088588 <josua.mayer97@gmail.com> parents: 785 diff changeset	787	- added mozilla-bmo1088588.patch to fix build with EGL (bmo#1088588)
785 56f82b5e7ce7 33.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 781 diff changeset	788
56f82b5e7ce7 33.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 781 diff changeset	789	-------------------------------------------------------------------
781 4ee017942f28 use /usr/share/myspell directly and remove add-plugins.sh Wolfgang Rosenauer <wr@rosenauer.org> parents: 780 diff changeset	790	Sat Oct 25 08:45:43 UTC 2014 - wr@rosenauer.org
4ee017942f28 use /usr/share/myspell directly and remove add-plugins.sh Wolfgang Rosenauer <wr@rosenauer.org> parents: 780 diff changeset	791
4ee017942f28 use /usr/share/myspell directly and remove add-plugins.sh Wolfgang Rosenauer <wr@rosenauer.org> parents: 780 diff changeset	792	- define /usr/share/myspell as additional dictionary location
4ee017942f28 use /usr/share/myspell directly and remove add-plugins.sh Wolfgang Rosenauer <wr@rosenauer.org> parents: 780 diff changeset	793	and remove add-plugins.sh finally (bnc#900639)
4ee017942f28 use /usr/share/myspell directly and remove add-plugins.sh Wolfgang Rosenauer <wr@rosenauer.org> parents: 780 diff changeset	794
4ee017942f28 use /usr/share/myspell directly and remove add-plugins.sh Wolfgang Rosenauer <wr@rosenauer.org> parents: 780 diff changeset	795	-------------------------------------------------------------------
780 c20a07035a80 use Firefox default optimization flags instead of -Os Wolfgang Rosenauer <wr@rosenauer.org> parents: 777 diff changeset	796	Sun Oct 19 12:59:28 UTC 2014 - vindex17@outlook.it
c20a07035a80 use Firefox default optimization flags instead of -Os Wolfgang Rosenauer <wr@rosenauer.org> parents: 777 diff changeset	797
c20a07035a80 use Firefox default optimization flags instead of -Os Wolfgang Rosenauer <wr@rosenauer.org> parents: 777 diff changeset	798	- use Firefox default optimization flags instead of -Os
c20a07035a80 use Firefox default optimization flags instead of -Os Wolfgang Rosenauer <wr@rosenauer.org> parents: 777 diff changeset	799	- specfile cleanup
c20a07035a80 use Firefox default optimization flags instead of -Os Wolfgang Rosenauer <wr@rosenauer.org> parents: 777 diff changeset	800
c20a07035a80 use Firefox default optimization flags instead of -Os Wolfgang Rosenauer <wr@rosenauer.org> parents: 777 diff changeset	801	-------------------------------------------------------------------
777 f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	802	Wed Oct 15 08:05:33 UTC 2014 - wr@rosenauer.org
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	803
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	804	- fix build for all ppc by not enabling elf-hack
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	805	(bnc#901213)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	806
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	807	-------------------------------------------------------------------
776 fd46c2b70724 prepare 33.0 final release Wolfgang Rosenauer <wr@rosenauer.org> parents: 774 diff changeset	808	Sat Oct 11 08:48:24 UTC 2014 - wr@rosenauer.org
fd46c2b70724 prepare 33.0 final release Wolfgang Rosenauer <wr@rosenauer.org> parents: 774 diff changeset	809
777 f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	810	- update to Firefox 33.0 (bnc#900941)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	811	New features:
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	812	* OpenH264 support (sandboxed)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	813	* Enhanced Tiles
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	814	* Improved search experience through the location bar
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	815	* Slimmer and faster JavaScript strings
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	816	* New CSP (Content Security Policy) backend
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	817	* Support for connecting to HTTP proxy over HTTPS
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	818	* Improved reliability of the session restoration
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	819	* Proprietary window.crypto properties/functions removed
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	820	Security:
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	821	* MFSA 2014-74/CVE-2014-1574/CVE-2014-1575
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	822	Miscellaneous memory safety hazards
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	823	* MFSA 2014-75/CVE-2014-1576 (bmo#1041512)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	824	Buffer overflow during CSS manipulation
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	825	* MFSA 2014-76/CVE-2014-1577 (bmo#1012609)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	826	Web Audio memory corruption issues with custom waveforms
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	827	* MFSA 2014-77/CVE-2014-1578 (bmo#1063327)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	828	Out-of-bounds write with WebM video
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	829	* MFSA 2014-78/CVE-2014-1580 (bmo#1063733)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	830	Further uninitialized memory use during GIF rendering
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	831	* MFSA 2014-79/CVE-2014-1581 (bmo#1068218)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	832	Use-after-free interacting with text directionality
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	833	* MFSA 2014-80/CVE-2014-1582/CVE-2014-1584 (bmo#1049095, bmo#1066190)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	834	Key pinning bypasses
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	835	* MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	836	Inconsistent video sharing within iframe
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	837	* MFSA 2014-82/CVE-2014-1583 (bmo#1015540)
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	838	Accessing cross-origin objects via the Alarms API
f1c5ccf4d1a7 changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 776 diff changeset	839	(only relevant for installed web apps)
765 0955f22b3f4f changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 761 diff changeset	840	- requires NSPR 4.10.7
773 22545f50497c update to 33.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 769 diff changeset	841	- requires NSS 3.17.1
776 fd46c2b70724 prepare 33.0 final release Wolfgang Rosenauer <wr@rosenauer.org> parents: 774 diff changeset	842	- removed obsolete patches:
773 22545f50497c update to 33.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 769 diff changeset	843	* mozilla-ppc.patch
776 fd46c2b70724 prepare 33.0 final release Wolfgang Rosenauer <wr@rosenauer.org> parents: 774 diff changeset	844	* mozilla-libproxy-compat.patch
774 f61bd1cd52c2 added basic appstream appdata information Wolfgang Rosenauer <wr@rosenauer.org> parents: 773 diff changeset	845	- added basic appdata information
769 c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	846
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	847	-------------------------------------------------------------------
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	848	Sat Sep 20 13:33:51 UTC 2014 - wr@rosenauer.org
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	849
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	850	- update to Firefox 32.0.2
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	851	* just a version bump for our builds
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	852	* fixed the in application update process for certain environments
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	853	(in application update is not enabled in openSUSE and Linux
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	854	is unaffected in any case)
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	855	- build with --disable-optimize for 13.1 and above for i586 to
c9242a00cc3d 33.0b5 Wolfgang Rosenauer <wr@rosenauer.org> parents: 767 diff changeset	856	workaround miscompilations (bnc#896624)
767 416800f5b222 33.0b4 Wolfgang Rosenauer <wr@rosenauer.org> parents: 765 diff changeset	857	- use some more build flags to align with upstream
765 0955f22b3f4f changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 761 diff changeset	858
0955f22b3f4f changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 761 diff changeset	859	-------------------------------------------------------------------
761 c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	860	Sat Sep 13 16:58:16 UTC 2014 - wr@rosenauer.org
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	861
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	862	- update to Firefox 32.0.1
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	863	* fixed stability issues for computers with multiple graphics cards
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	864	* mixed content icon may be incorrectly displayed instead of lock
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	865	icon for SSL sites in 32.0 (
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	866	* WebRTC: setRemoteDescription() silently fails if no success
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	867	callback is specified (bmo#1063971)
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	868
c748af0c7534 update to 32.0.1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 759 diff changeset	869	-------------------------------------------------------------------
759 b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	870	Sun Aug 31 07:44:54 UTC 2014 - wr@rosenauer.org
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	871
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	872	- update to Firefox 32.0 (bnc#894370)
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	873	* MFSA 2014-67/CVE-2014-1553/CVE-2014-1554/CVE-2014-1562
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	874	Miscellaneous memory safety hazards
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	875	* MFSA 2014-68/CVE-2014-1563 (bmo#1018524)
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	876	Use-after-free during DOM interactions with SVG
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	877	* MFSA 2014-69/CVE-2014-1564 (bmo#1045977)
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	878	Uninitialized memory use during GIF rendering
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	879	* MFSA 2014-70/CVE-2014-1565 (bmo#1047831)
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	880	Out-of-bounds read in Web Audio audio timeline
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	881	* MFSA 2014-72/CVE-2014-1567 (bmo#1037641)
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	882	Use-after-free setting text directionality
748 72ba5129e5fd full rebase to Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 746 diff changeset	883	- rebased patches
756 e4fa9844604e update to beta8 Wolfgang Rosenauer <wr@rosenauer.org> parents: 753 diff changeset	884	- requires NSS 3.16.4
748 72ba5129e5fd full rebase to Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 746 diff changeset	885	- removed upstreamed patch
72ba5129e5fd full rebase to Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 746 diff changeset	886	* mozilla-aarch64-bmo-810631.patch
72ba5129e5fd full rebase to Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 746 diff changeset	887
72ba5129e5fd full rebase to Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 746 diff changeset	888	-------------------------------------------------------------------
759 b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	889	Wed Aug 20 13:50:58 CEST 2014 - behlert@suse.de
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	890
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	891	- adapted _constraints, used more than 3900MB on s390x during
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	892	last build
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	893
b2ae89c6dea9 Firefox 32.0 goes production Wolfgang Rosenauer <wr@rosenauer.org> parents: 756 diff changeset	894	-------------------------------------------------------------------
753 f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	895	Sun Jul 20 18:11:44 UTC 2014 - wr@rosenauer.org
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	896
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	897	- update to Firefox 31.0 (bnc#887746)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	898	* MFSA 2014-56/CVE-2014-1547/CVE-2014-1548
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	899	Miscellaneous memory safety hazards
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	900	* MFSA 2014-57/CVE-2014-1549 (bmo#1020205)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	901	Buffer overflow during Web Audio buffering for playback
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	902	* MFSA 2014-58/CVE-2014-1550 (bmo#1020411)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	903	Use-after-free in Web Audio due to incorrect control message ordering
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	904	* MFSA 2014-60/CVE-2014-1561 (bmo#1000514, bmo#910375)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	905	Toolbar dialog customization event spoofing
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	906	* MFSA 2014-61/CVE-2014-1555 (bmo#1023121)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	907	Use-after-free with FireOnStateChange event
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	908	* MFSA 2014-62/CVE-2014-1556 (bmo#1028891)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	909	Exploitable WebGL crash with Cesium JavaScript library
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	910	* MFSA 2014-63/CVE-2014-1544 (bmo#963150)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	911	Use-after-free while when manipulating certificates in the trusted cache
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	912	(solved with NSS 3.16.2 requirement)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	913	* MFSA 2014-64/CVE-2014-1557 (bmo#913805)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	914	Crash in Skia library when scaling high quality images
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	915	* MFSA 2014-65/CVE-2014-1558/CVE-2014-1559/CVE-2014-1560
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	916	(bmo#1015973, bmo#1026022, bmo#997795)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	917	Certificate parsing broken by non-standard character encoding
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	918	* MFSA 2014-66/CVE-2014-1552 (bmo#985135)
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	919	IFRAME sandbox same-origin access through redirect
f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	920	- use EGL on ARM
746 b441942b2a3f update meta data for Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 744 diff changeset	921	- rebased patches
b441942b2a3f update meta data for Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 744 diff changeset	922	- requires NSS 3.16.2
753 f3bf114c6639 Firefox 32.0b3 Wolfgang Rosenauer <wr@rosenauer.org> parents: 748 diff changeset	923	- requires python-devel (not only python)
746 b441942b2a3f update meta data for Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 744 diff changeset	924
b441942b2a3f update meta data for Aurora 32 Wolfgang Rosenauer <wr@rosenauer.org> parents: 744 diff changeset	925	-------------------------------------------------------------------
744 e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	926	Mon Jun 9 08:28:17 UTC 2014 - wr@rosenauer.org
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	927
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	928	- update to Firefox 30.0 (bnc#881874)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	929	* MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	930	(bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	931	bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	932	bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	933	bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	934	bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	935	bmo#1009952, bmo#1011007)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	936	Miscellaneous memory safety hazards (rv:30.0)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	937	* MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	938	(bmo#989994, bmo#999274, bmo#1005584)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	939	Use-after-free and out of bounds issues found using Address
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	940	Sanitizer
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	941	* MFSA 2014-50/CVE-2014-1539 (bmo#995603)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	942	Clickjacking through cursor invisability after Flash interaction
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	943	* MFSA 2014-51/CVE-2014-1540 (bmo#978862)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	944	Use-after-free in Event Listener Manager
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	945	* MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	946	Use-after-free with SMIL Animation Controller
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	947	* MFSA 2014-53/CVE-2014-1542 (bmo#991533)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	948	Buffer overflow in Web Audio Speex resampler
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	949	* MFSA 2014-54/CVE-2014-1543 (bmo#1011859)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	950	Buffer overflow in Gamepad API
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	951	* MFSA 2014-55/CVE-2014-1545 (bmo#1018783)
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	952	Out of bounds write in NSPR
733 b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	953	- rebased patches
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	954	- removed obsolete patches
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	955	* firefox-browser-css.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	956	* mozilla-aarch64-bmo-962488.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	957	* mozilla-aarch64-bmo-963023.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	958	* mozilla-aarch64-bmo-963024.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	959	* mozilla-aarch64-bmo-963027.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	960	* mozilla-ppc64-xpcom.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	961	* mozilla-ppc64le-javascript.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	962	* mozilla-ppc64le-libffi.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	963	* mozilla-ppc64le-mfbt.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	964	* mozilla-ppc64le-webrtc.patch
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	965	* mozilla-ppc64le-xpcom.patch
744 e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	966	* mozilla-ppc64le-build.patch
e2d94ddb82f0 manual merge from 30.0 release Wolfgang Rosenauer <wr@rosenauer.org> parents: 738 diff changeset	967	- requires NSPR 4.10.6
725 b688c34894ee minor updates Wolfgang Rosenauer <wr@rosenauer.org> parents: 718 diff changeset	968	- enabled GStreamer 1.0 usage for 13.2 and above
b688c34894ee minor updates Wolfgang Rosenauer <wr@rosenauer.org> parents: 718 diff changeset	969
b688c34894ee minor updates Wolfgang Rosenauer <wr@rosenauer.org> parents: 718 diff changeset	970	-------------------------------------------------------------------
738 f118b88b7d7f Aurora 31 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 733 diff changeset	971	Sat May 10 06:09:37 UTC 2014 - wr@rosenauer.org
f118b88b7d7f Aurora 31 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 733 diff changeset	972
f118b88b7d7f Aurora 31 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 733 diff changeset	973	- update to Firefox 29.0.1
f118b88b7d7f Aurora 31 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 733 diff changeset	974	* Seer disabled by default (bmo#1005958)
f118b88b7d7f Aurora 31 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 733 diff changeset	975	* Session Restore failed with a corrupted sessionstore.js file
f118b88b7d7f Aurora 31 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 733 diff changeset	976	(bmo#1001167)
f118b88b7d7f Aurora 31 update Wolfgang Rosenauer <wr@rosenauer.org> parents: 733 diff changeset	977	* pdf.js printing white page (bmo#1003707, bnc#876833)
733 b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	978	- general.useragent.locale gets overwritten with en-US while it
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	979	should be using the active langpack's setting
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	980
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	981	-------------------------------------------------------------------
727 727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	982	Sat Apr 26 12:18:07 UTC 2014 - wr@rosenauer.org
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	983
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	984	- update to Firefox 29.0 (bnc#875378)
733 b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	985	* MFSA 2014-34/CVE-2014-1518/CVE-2014-1519
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	986	Miscellaneous memory safety hazards
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	987	* MFSA 2014-36/CVE-2014-1522 (bmo#995289)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	988	Web Audio memory corruption issues
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	989	* MFSA 2014-37/CVE-2014-1523 (bmo#969226)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	990	Out of bounds read while decoding JPG images
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	991	* MFSA 2014-38/CVE-2014-1524 (bmo#989183)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	992	Buffer overflow when using non-XBL object as XBL
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	993	* MFSA 2014-39/CVE-2014-1525 (bmo#989210)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	994	Use-after-free in the Text Track Manager for HTML video
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	995	* MFSA 2014-41/CVE-2014-1528 (bmo#963962)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	996	Out-of-bounds write in Cairo
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	997	* MFSA 2014-42/CVE-2014-1529 (bmo#987003)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	998	Privilege escalation through Web Notification API
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	999	* MFSA 2014-43/CVE-2014-1530 (bmo#895557)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1000	Cross-site scripting (XSS) using history navigations
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1001	* MFSA 2014-44/CVE-2014-1531 (bmo#987140)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1002	Use-after-free in imgLoader while resizing images
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1003	* MFSA 2014-45/CVE-2014-1492 (bmo#903885)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1004	Incorrect IDNA domain name matching for wildcard certificates
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1005	(fixed by NSS 3.16)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1006	* MFSA 2014-46/CVE-2014-1532 (bmo#966006)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1007	Use-after-free in nsHostResolver
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1008	* MFSA 2014-47/CVE-2014-1526 (bmo#988106)
b2202fea7983 manual forward merge from 29 and 30 branches Wolfgang Rosenauer <wr@rosenauer.org> parents: 727 diff changeset	1009	Debugger can bypass XrayWrappers with JavaScript
727 727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	1010	- rebased patches
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	1011	- removed obsolete patches
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	1012	* firefox-browser-css.patch
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	1013	* mozilla-aarch64-599882cfb998.diff
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	1014	* mozilla-aarch64-bmo-963028.patch
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	1015	* mozilla-aarch64-bmo-963029.patch
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	1016	* mozilla-aarch64-bmo-963030.patch
727fef76f8d7 manual merge from firefox29 Wolfgang Rosenauer <wr@rosenauer.org> parents: 725 diff changeset	1017	* mozilla-aarch64-bmo-963031.patch
716 cef565f1c325 update to Firefox 29.0b7 Wolfgang Rosenauer <wr@rosenauer.org> parents: 715 diff changeset	1018	- requires NSS 3.16
cef565f1c325 update to Firefox 29.0b7 Wolfgang Rosenauer <wr@rosenauer.org> parents: 715 diff changeset	1019	- added mozilla-icu-strncat.patch to fix post build checks
cef565f1c325 update to Firefox 29.0b7 Wolfgang Rosenauer <wr@rosenauer.org> parents: 715 diff changeset	1020
cef565f1c325 update to Firefox 29.0b7 Wolfgang Rosenauer <wr@rosenauer.org> parents: 715 diff changeset	1021	-------------------------------------------------------------------
715 e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1022	Mon Apr 7 15:34:31 UTC 2014 - dmueller@suse.com
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1023
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1024	- add mozilla-aarch64-599882cfb998.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1025	mozilla-aarch64-bmo-810631.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1026	mozilla-aarch64-bmo-962488.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1027	mozilla-aarch64-bmo-963030.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1028	mozilla-aarch64-bmo-963027.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1029	mozilla-aarch64-bmo-963028.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1030	mozilla-aarch64-bmo-963029.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1031	mozilla-aarch64-bmo-963023.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1032	mozilla-aarch64-bmo-963024.patch,
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1033	mozilla-aarch64-bmo-963031.patch: AArch64 porting
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1034
e1c226a4de34 AArch64 porting Dirk M?ller <dmueller@suse.com> parents: 714 diff changeset	1035	-------------------------------------------------------------------
714 b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1036	Mon Mar 24 16:18:44 UTC 2014 - dvaleev@suse.com
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1037
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1038	- Add patch for bmo#973977
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1039	* mozilla-ppc64-xpcom.patch
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1040
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1041	-------------------------------------------------------------------
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1042	Mon Mar 24 14:29:12 UTC 2014 - dvaleev@suse.com
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1043
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1044	- Refresh mozilla-ppc64le-xpcom.patch patch
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1045
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1046	-------------------------------------------------------------------
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1047	Fri Mar 21 19:01:42 UTC 2014 - dvaleev@suse.com
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1048
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1049	- Adapt mozilla-ppc64le-xpcom.patch to Mozilla > 24.0 build system
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1050
b686e856c800 import PPC64(LE) changes from OBS Wolfgang Rosenauer <wr@rosenauer.org> parents: 712 diff changeset	1051	-------------------------------------------------------------------
711 012a5adf5c74 moved to mozilla-release (28.0build2) Wolfgang Rosenauer <wr@rosenauer.org> parents: 710 diff changeset	1052	Sun Mar 16 13:39:15 UTC 2014 - wr@rosenauer.org
012a5adf5c74 moved to mozilla-release (28.0build2) Wolfgang Rosenauer <wr@rosenauer.org> parents: 710 diff changeset	1053
712 427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1054	- update to Firefox 28.0 (bnc#868603)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1055	* MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1056	Miscellaneous memory safety hazards
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1057	* MFSA 2014-17/CVE-2014-1497 (bmo#966311)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1058	Out of bounds read during WAV file decoding
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1059	* MFSA 2014-18/CVE-2014-1498 (bmo#935618)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1060	crypto.generateCRMFRequest does not validate type of key
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1061	* MFSA 2014-19/CVE-2014-1499 (bmo#961512)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1062	Spoofing attack on WebRTC permission prompt
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1063	* MFSA 2014-20/CVE-2014-1500 (bmo#956524)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1064	onbeforeunload and Javascript navigation DOS
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1065	* MFSA 2014-22/CVE-2014-1502 (bmo#972622)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1066	WebGL content injection from one domain to rendering in another
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1067	* MFSA 2014-23/CVE-2014-1504 (bmo#911547)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1068	Content Security Policy for data: documents not preserved by
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1069	session restore
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1070	* MFSA 2014-26/CVE-2014-1508 (bmo#963198)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1071	Information disclosure through polygon rendering in MathML
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1072	* MFSA 2014-27/CVE-2014-1509 (bmo#966021)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1073	Memory corruption in Cairo during PDF font rendering
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1074	* MFSA 2014-28/CVE-2014-1505 (bmo#941887)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1075	SVG filters information disclosure through feDisplacementMap
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1076	* MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1077	Privilege escalation using WebIDL-implemented APIs
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1078	* MFSA 2014-30/CVE-2014-1512 (bmo#982957)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1079	Use-after-free in TypeObject
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1080	* MFSA 2014-31/CVE-2014-1513 (bmo#982974)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1081	Out-of-bounds read/write through neutering ArrayBuffer objects
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1082	* MFSA 2014-32/CVE-2014-1514 (bmo#983344)
427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1083	Out-of-bounds write through TypedArrayObject after neutering
707 bfa2e0576454 update to 28.0b9 Wolfgang Rosenauer <wr@rosenauer.org> parents: 705 diff changeset	1084	- requires NSPR 4.10.3 and NSS 3.15.5
712 427ae22e730e changelog Wolfgang Rosenauer <wr@rosenauer.org> parents: 711 diff changeset	1085	- new build dependency (and recommends):
703 c4aab80e472f Firefox 28.0beta1 Wolfgang Rosenauer <wr@rosenauer.org> parents: 700 diff changeset	1086	* libpulse
710 5341dc98d26c update of PPC64LE patches taken from Wolfgang Rosenauer <wr@rosenauer.org> parents: 707 diff changeset	1087	- update of PowerPC 64 patches (bmo#976648) (pcerny@suse.com)

author	Wolfgang Rosenauer <wr@rosenauer.org>
	Sat, 12 Mar 2016 08:51:29 +0100
branch	firefox45
changeset 904	6a889427cd4f
parent 903	83801946c93f
child 906	7e9a2b678bba
permissions	-rw-r--r--