755
|
1 |
-------------------------------------------------------------------
|
|
2 |
Sat Aug 30 10:53:59 UTC 2014 - wr@rosenauer.org
|
|
3 |
|
|
4 |
- renamed package to firefox-esr
|
|
5 |
|
|
6 |
-------------------------------------------------------------------
|
|
7 |
Fri Aug 29 16:39:43 UTC 2014 - wr@rosenauer.org
|
|
8 |
|
|
9 |
- update to Firefox 31.1.0esr (bnc#)
|
|
10 |
- changes to support compilation on 11.4
|
|
11 |
* explicit xz BuildRequires
|
|
12 |
* mozilla-nullptr-gcc45.patch
|
|
13 |
* remove unresolved makeinfo BuildRequires
|
|
14 |
|
|
15 |
-------------------------------------------------------------------
|
|
16 |
Sun Jul 20 18:11:44 UTC 2014 - wr@rosenauer.org
|
|
17 |
|
|
18 |
- update to Firefox 31.0 (bnc#887746)
|
|
19 |
* MFSA 2014-56/CVE-2014-1547/CVE-2014-1548
|
|
20 |
Miscellaneous memory safety hazards
|
|
21 |
* MFSA 2014-57/CVE-2014-1549 (bmo#1020205)
|
|
22 |
Buffer overflow during Web Audio buffering for playback
|
|
23 |
* MFSA 2014-58/CVE-2014-1550 (bmo#1020411)
|
|
24 |
Use-after-free in Web Audio due to incorrect control message ordering
|
|
25 |
* MFSA 2014-60/CVE-2014-1561 (bmo#1000514, bmo#910375)
|
|
26 |
Toolbar dialog customization event spoofing
|
|
27 |
* MFSA 2014-61/CVE-2014-1555 (bmo#1023121)
|
|
28 |
Use-after-free with FireOnStateChange event
|
|
29 |
* MFSA 2014-62/CVE-2014-1556 (bmo#1028891)
|
|
30 |
Exploitable WebGL crash with Cesium JavaScript library
|
|
31 |
* MFSA 2014-63/CVE-2014-1544 (bmo#963150)
|
|
32 |
Use-after-free while when manipulating certificates in the trusted cache
|
|
33 |
(solved with NSS 3.16.2 requirement)
|
|
34 |
* MFSA 2014-64/CVE-2014-1557 (bmo#913805)
|
|
35 |
Crash in Skia library when scaling high quality images
|
|
36 |
* MFSA 2014-65/CVE-2014-1558/CVE-2014-1559/CVE-2014-1560
|
|
37 |
(bmo#1015973, bmo#1026022, bmo#997795)
|
|
38 |
Certificate parsing broken by non-standard character encoding
|
|
39 |
* MFSA 2014-66/CVE-2014-1552 (bmo#985135)
|
|
40 |
IFRAME sandbox same-origin access through redirect
|
|
41 |
- use EGL on ARM
|
|
42 |
- rebased patches
|
|
43 |
- requires NSS 3.16.2
|
|
44 |
- requires python-devel (not only python)
|
|
45 |
|
|
46 |
-------------------------------------------------------------------
|
|
47 |
Mon Jun 9 08:28:17 UTC 2014 - wr@rosenauer.org
|
|
48 |
|
|
49 |
- update to Firefox 30.0 (bnc#881874)
|
|
50 |
* MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
|
|
51 |
(bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
|
|
52 |
bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
|
|
53 |
bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
|
|
54 |
bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
|
|
55 |
bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
|
|
56 |
bmo#1009952, bmo#1011007)
|
|
57 |
Miscellaneous memory safety hazards (rv:30.0)
|
|
58 |
* MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
|
|
59 |
(bmo#989994, bmo#999274, bmo#1005584)
|
|
60 |
Use-after-free and out of bounds issues found using Address
|
|
61 |
Sanitizer
|
|
62 |
* MFSA 2014-50/CVE-2014-1539 (bmo#995603)
|
|
63 |
Clickjacking through cursor invisability after Flash interaction
|
|
64 |
* MFSA 2014-51/CVE-2014-1540 (bmo#978862)
|
|
65 |
Use-after-free in Event Listener Manager
|
|
66 |
* MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
|
|
67 |
Use-after-free with SMIL Animation Controller
|
|
68 |
* MFSA 2014-53/CVE-2014-1542 (bmo#991533)
|
|
69 |
Buffer overflow in Web Audio Speex resampler
|
|
70 |
* MFSA 2014-54/CVE-2014-1543 (bmo#1011859)
|
|
71 |
Buffer overflow in Gamepad API
|
|
72 |
* MFSA 2014-55/CVE-2014-1545 (bmo#1018783)
|
|
73 |
Out of bounds write in NSPR
|
|
74 |
- rebased patches
|
|
75 |
- removed obsolete patches
|
|
76 |
* firefox-browser-css.patch
|
|
77 |
* mozilla-aarch64-bmo-962488.patch
|
|
78 |
* mozilla-aarch64-bmo-963023.patch
|
|
79 |
* mozilla-aarch64-bmo-963024.patch
|
|
80 |
* mozilla-aarch64-bmo-963027.patch
|
|
81 |
* mozilla-ppc64-xpcom.patch
|
|
82 |
* mozilla-ppc64le-javascript.patch
|
|
83 |
* mozilla-ppc64le-libffi.patch
|
|
84 |
* mozilla-ppc64le-mfbt.patch
|
|
85 |
* mozilla-ppc64le-webrtc.patch
|
|
86 |
* mozilla-ppc64le-xpcom.patch
|
|
87 |
* mozilla-ppc64le-build.patch
|
|
88 |
- requires NSPR 4.10.6
|
|
89 |
- enabled GStreamer 1.0 usage for 13.2 and above
|
|
90 |
|
|
91 |
-------------------------------------------------------------------
|
|
92 |
Sat May 10 06:09:37 UTC 2014 - wr@rosenauer.org
|
|
93 |
|
|
94 |
- update to Firefox 29.0.1
|
|
95 |
* Seer disabled by default (bmo#1005958)
|
|
96 |
* Session Restore failed with a corrupted sessionstore.js file
|
|
97 |
(bmo#1001167)
|
|
98 |
* pdf.js printing white page (bmo#1003707, bnc#876833)
|
|
99 |
- general.useragent.locale gets overwritten with en-US while it
|
|
100 |
should be using the active langpack's setting
|
|
101 |
|
|
102 |
-------------------------------------------------------------------
|
|
103 |
Sat Apr 26 12:18:07 UTC 2014 - wr@rosenauer.org
|
|
104 |
|
|
105 |
- update to Firefox 29.0 (bnc#875378)
|
|
106 |
* MFSA 2014-34/CVE-2014-1518/CVE-2014-1519
|
|
107 |
Miscellaneous memory safety hazards
|
|
108 |
* MFSA 2014-36/CVE-2014-1522 (bmo#995289)
|
|
109 |
Web Audio memory corruption issues
|
|
110 |
* MFSA 2014-37/CVE-2014-1523 (bmo#969226)
|
|
111 |
Out of bounds read while decoding JPG images
|
|
112 |
* MFSA 2014-38/CVE-2014-1524 (bmo#989183)
|
|
113 |
Buffer overflow when using non-XBL object as XBL
|
|
114 |
* MFSA 2014-39/CVE-2014-1525 (bmo#989210)
|
|
115 |
Use-after-free in the Text Track Manager for HTML video
|
|
116 |
* MFSA 2014-41/CVE-2014-1528 (bmo#963962)
|
|
117 |
Out-of-bounds write in Cairo
|
|
118 |
* MFSA 2014-42/CVE-2014-1529 (bmo#987003)
|
|
119 |
Privilege escalation through Web Notification API
|
|
120 |
* MFSA 2014-43/CVE-2014-1530 (bmo#895557)
|
|
121 |
Cross-site scripting (XSS) using history navigations
|
|
122 |
* MFSA 2014-44/CVE-2014-1531 (bmo#987140)
|
|
123 |
Use-after-free in imgLoader while resizing images
|
|
124 |
* MFSA 2014-45/CVE-2014-1492 (bmo#903885)
|
|
125 |
Incorrect IDNA domain name matching for wildcard certificates
|
|
126 |
(fixed by NSS 3.16)
|
|
127 |
* MFSA 2014-46/CVE-2014-1532 (bmo#966006)
|
|
128 |
Use-after-free in nsHostResolver
|
|
129 |
* MFSA 2014-47/CVE-2014-1526 (bmo#988106)
|
|
130 |
Debugger can bypass XrayWrappers with JavaScript
|
|
131 |
- rebased patches
|
|
132 |
- removed obsolete patches
|
|
133 |
* firefox-browser-css.patch
|
|
134 |
* mozilla-aarch64-599882cfb998.diff
|
|
135 |
* mozilla-aarch64-bmo-963028.patch
|
|
136 |
* mozilla-aarch64-bmo-963029.patch
|
|
137 |
* mozilla-aarch64-bmo-963030.patch
|
|
138 |
* mozilla-aarch64-bmo-963031.patch
|
|
139 |
- requires NSS 3.16
|
|
140 |
- added mozilla-icu-strncat.patch to fix post build checks
|
|
141 |
|
|
142 |
-------------------------------------------------------------------
|
|
143 |
Mon Apr 7 15:34:31 UTC 2014 - dmueller@suse.com
|
|
144 |
|
|
145 |
- add mozilla-aarch64-599882cfb998.patch,
|
|
146 |
mozilla-aarch64-bmo-810631.patch,
|
|
147 |
mozilla-aarch64-bmo-962488.patch,
|
|
148 |
mozilla-aarch64-bmo-963030.patch,
|
|
149 |
mozilla-aarch64-bmo-963027.patch,
|
|
150 |
mozilla-aarch64-bmo-963028.patch,
|
|
151 |
mozilla-aarch64-bmo-963029.patch,
|
|
152 |
mozilla-aarch64-bmo-963023.patch,
|
|
153 |
mozilla-aarch64-bmo-963024.patch,
|
|
154 |
mozilla-aarch64-bmo-963031.patch: AArch64 porting
|
|
155 |
|
|
156 |
-------------------------------------------------------------------
|
|
157 |
Mon Mar 24 16:18:44 UTC 2014 - dvaleev@suse.com
|
|
158 |
|
|
159 |
- Add patch for bmo#973977
|
|
160 |
* mozilla-ppc64-xpcom.patch
|
|
161 |
|
|
162 |
-------------------------------------------------------------------
|
|
163 |
Mon Mar 24 14:29:12 UTC 2014 - dvaleev@suse.com
|
|
164 |
|
|
165 |
- Refresh mozilla-ppc64le-xpcom.patch patch
|
|
166 |
|
|
167 |
-------------------------------------------------------------------
|
|
168 |
Fri Mar 21 19:01:42 UTC 2014 - dvaleev@suse.com
|
|
169 |
|
|
170 |
- Adapt mozilla-ppc64le-xpcom.patch to Mozilla > 24.0 build system
|
|
171 |
|
|
172 |
-------------------------------------------------------------------
|
|
173 |
Sun Mar 16 13:39:15 UTC 2014 - wr@rosenauer.org
|
|
174 |
|
|
175 |
- update to Firefox 28.0 (bnc#868603)
|
|
176 |
* MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
|
|
177 |
Miscellaneous memory safety hazards
|
|
178 |
* MFSA 2014-17/CVE-2014-1497 (bmo#966311)
|
|
179 |
Out of bounds read during WAV file decoding
|
|
180 |
* MFSA 2014-18/CVE-2014-1498 (bmo#935618)
|
|
181 |
crypto.generateCRMFRequest does not validate type of key
|
|
182 |
* MFSA 2014-19/CVE-2014-1499 (bmo#961512)
|
|
183 |
Spoofing attack on WebRTC permission prompt
|
|
184 |
* MFSA 2014-20/CVE-2014-1500 (bmo#956524)
|
|
185 |
onbeforeunload and Javascript navigation DOS
|
|
186 |
* MFSA 2014-22/CVE-2014-1502 (bmo#972622)
|
|
187 |
WebGL content injection from one domain to rendering in another
|
|
188 |
* MFSA 2014-23/CVE-2014-1504 (bmo#911547)
|
|
189 |
Content Security Policy for data: documents not preserved by
|
|
190 |
session restore
|
|
191 |
* MFSA 2014-26/CVE-2014-1508 (bmo#963198)
|
|
192 |
Information disclosure through polygon rendering in MathML
|
|
193 |
* MFSA 2014-27/CVE-2014-1509 (bmo#966021)
|
|
194 |
Memory corruption in Cairo during PDF font rendering
|
|
195 |
* MFSA 2014-28/CVE-2014-1505 (bmo#941887)
|
|
196 |
SVG filters information disclosure through feDisplacementMap
|
|
197 |
* MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
|
|
198 |
Privilege escalation using WebIDL-implemented APIs
|
|
199 |
* MFSA 2014-30/CVE-2014-1512 (bmo#982957)
|
|
200 |
Use-after-free in TypeObject
|
|
201 |
* MFSA 2014-31/CVE-2014-1513 (bmo#982974)
|
|
202 |
Out-of-bounds read/write through neutering ArrayBuffer objects
|
|
203 |
* MFSA 2014-32/CVE-2014-1514 (bmo#983344)
|
|
204 |
Out-of-bounds write through TypedArrayObject after neutering
|
|
205 |
- requires NSPR 4.10.3 and NSS 3.15.5
|
|
206 |
- new build dependency (and recommends):
|
|
207 |
* libpulse
|
|
208 |
- update of PowerPC 64 patches (bmo#976648) (pcerny@suse.com)
|
|
209 |
- rebased patches
|
|
210 |
|
|
211 |
-------------------------------------------------------------------
|
|
212 |
Mon Feb 17 11:59:28 UTC 2014 - wr@rosenauer.org
|
|
213 |
|
|
214 |
- update to Firefox 27.0.1
|
|
215 |
* Fixed stability issues with Greasemonkey and other JS that used
|
|
216 |
ClearTimeoutOrInterval
|
|
217 |
* JS math correctness issue (bmo#941381)
|
|
218 |
- incorporate Google API key for geolocation (bnc#864170)
|
|
219 |
- updated list of "other" locales in RPM requirements
|
|
220 |
|
|
221 |
-------------------------------------------------------------------
|
|
222 |
Tue Jan 28 15:45:41 UTC 2014 - wr@rosenauer.org
|
|
223 |
|
|
224 |
- update to Firefox 27.0 (bnc#861847)
|
|
225 |
* MFSA 2014-01/CVE-2014-1477/CVE-2014-1478
|
|
226 |
Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
|
|
227 |
* MFSA 2014-02/CVE-2014-1479 (bmo#911864)
|
|
228 |
Clone protected content with XBL scopes
|
|
229 |
* MFSA 2014-03/CVE-2014-1480 (bmo#916726)
|
|
230 |
UI selection timeout missing on download prompts
|
|
231 |
* MFSA 2014-04/CVE-2014-1482 (bmo#943803)
|
|
232 |
Incorrect use of discarded images by RasterImage
|
|
233 |
* MFSA 2014-05/CVE-2014-1483 (bmo#950427)
|
|
234 |
Information disclosure with *FromPoint on iframes
|
|
235 |
* MFSA 2014-06/CVE-2014-1484 (bmo#953993)
|
|
236 |
Profile path leaks to Android system log
|
|
237 |
* MFSA 2014-07/CVE-2014-1485 (bmo#910139)
|
|
238 |
XSLT stylesheets treated as styles in Content Security Policy
|
|
239 |
* MFSA 2014-08/CVE-2014-1486 (bmo#942164)
|
|
240 |
Use-after-free with imgRequestProxy and image proccessing
|
|
241 |
* MFSA 2014-09/CVE-2014-1487 (bmo#947592)
|
|
242 |
Cross-origin information leak through web workers
|
|
243 |
* MFSA 2014-10/CVE-2014-1489 (bmo#959531)
|
|
244 |
Firefox default start page UI content invokable by script
|
|
245 |
* MFSA 2014-11/CVE-2014-1488 (bmo#950604)
|
|
246 |
Crash when using web workers with asm.js
|
|
247 |
* MFSA 2014-12/CVE-2014-1490/CVE-2014-1491
|
|
248 |
(bmo#934545, bmo#930874, bmo#930857)
|
|
249 |
NSS ticket handling issues
|
|
250 |
* MFSA 2014-13/CVE-2014-1481(bmo#936056)
|
|
251 |
Inconsistent JavaScript handling of access to Window objects
|
|
252 |
- requires NSS 3.15.4 or higher
|
|
253 |
- rebased/reworked patches
|
|
254 |
- removed obsolete mozilla-bug929439.patch
|
|
255 |
|
|
256 |
-------------------------------------------------------------------
|
|
257 |
Thu Dec 12 21:19:54 UTC 2013 - uweigand@de.ibm.com
|
|
258 |
|
|
259 |
- Add support for powerpc64le-linux.
|
|
260 |
* mozilla-ppc64le.patch: general support
|
|
261 |
* mozilla-libffi-ppc64le.patch: libffi backport
|
|
262 |
* mozilla-xpcom-ppc64le.patch: port xpcom
|
|
263 |
- Add build fix from mainline.
|
|
264 |
* mozilla-bug929439.patch
|
|
265 |
|
|
266 |
-------------------------------------------------------------------
|
|
267 |
Sun Dec 8 20:26:23 UTC 2013 - wr@rosenauer.org
|
|
268 |
|
|
269 |
- update to Firefox 26.0 (bnc#854367, bnc#854370)
|
|
270 |
* rebased patches
|
|
271 |
* requires NSPR 4.10.2 and NSS 3.15.3.1
|
|
272 |
* MFSA 2013-104/CVE-2013-5609/CVE-2013-5610
|
|
273 |
Miscellaneous memory safety hazards
|
|
274 |
* MFSA 2013-105/CVE-2013-5611 (bmo#771294)
|
|
275 |
Application Installation doorhanger persists on navigation
|
|
276 |
* MFSA 2013-106/CVE-2013-5612 (bmo#871161)
|
|
277 |
Character encoding cross-origin XSS attack
|
|
278 |
* MFSA 2013-107/CVE-2013-5614 (bmo#886262)
|
|
279 |
Sandbox restrictions not applied to nested object elements
|
|
280 |
* MFSA 2013-108/CVE-2013-5616 (bmo#938341)
|
|
281 |
Use-after-free in event listeners
|
|
282 |
* MFSA 2013-109/CVE-2013-5618 (bmo#926361)
|
|
283 |
Use-after-free during Table Editing
|
|
284 |
* MFSA 2013-110/CVE-2013-5619 (bmo#917841)
|
|
285 |
Potential overflow in JavaScript binary search algorithms
|
|
286 |
* MFSA 2013-111/CVE-2013-6671 (bmo#930281)
|
|
287 |
Segmentation violation when replacing ordered list elements
|
|
288 |
* MFSA 2013-112/CVE-2013-6672 (bmo#894736)
|
|
289 |
Linux clipboard information disclosure though selection paste
|
|
290 |
* MFSA 2013-113/CVE-2013-6673 (bmo#970380)
|
|
291 |
Trust settings for built-in roots ignored during EV certificate
|
|
292 |
validation
|
|
293 |
* MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449)
|
|
294 |
Use-after-free in synthetic mouse movement
|
|
295 |
* MFSA 2013-115/CVE-2013-5615 (bmo#929261)
|
|
296 |
GetElementIC typed array stubs can be generated outside observed
|
|
297 |
typesets
|
|
298 |
* MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693)
|
|
299 |
JPEG information leak
|
|
300 |
* MFSA 2013-117 (bmo#946351)
|
|
301 |
Mis-issued ANSSI/DCSSI certificate
|
|
302 |
(fixed via NSS 3.15.3.1)
|
|
303 |
- removed gecko.js preference file as GStreamer is enabled by
|
|
304 |
default now
|
|
305 |
|
|
306 |
-------------------------------------------------------------------
|
|
307 |
Thu Oct 24 18:16:19 UTC 2013 - wr@rosenauer.org
|
|
308 |
|
|
309 |
- update to Firefox 25.0 (bnc#847708)
|
|
310 |
* rebased patches
|
|
311 |
* requires NSS 3.15.2 or above
|
|
312 |
* MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
|
|
313 |
Miscellaneous memory safety hazards
|
|
314 |
* MFSA 2013-94/CVE-2013-5593 (bmo#868327)
|
|
315 |
Spoofing addressbar through SELECT element
|
|
316 |
* MFSA 2013-95/CVE-2013-5604 (bmo#914017)
|
|
317 |
Access violation with XSLT and uninitialized data
|
|
318 |
* MFSA 2013-96/CVE-2013-5595 (bmo#916580)
|
|
319 |
Improperly initialized memory and overflows in some JavaScript
|
|
320 |
functions
|
|
321 |
* MFSA 2013-97/CVE-2013-5596 (bmo#910881)
|
|
322 |
Writing to cycle collected object during image decoding
|
|
323 |
* MFSA 2013-98/CVE-2013-5597 (bmo#918864)
|
|
324 |
Use-after-free when updating offline cache
|
|
325 |
* MFSA 2013-99/CVE-2013-5598 (bmo#920515)
|
|
326 |
Security bypass of PDF.js checks using iframes
|
|
327 |
* MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
|
|
328 |
(bmo#915210, bmo#915576, bmo#916685)
|
|
329 |
Miscellaneous use-after-free issues found through ASAN fuzzing
|
|
330 |
* MFSA 2013-101/CVE-2013-5602 (bmo#897678)
|
|
331 |
Memory corruption in workers
|
|
332 |
* MFSA 2013-102/CVE-2013-5603 (bmo#916404)
|
|
333 |
Use-after-free in HTML document templates
|
|
334 |
|
|
335 |
-------------------------------------------------------------------
|
|
336 |
Tue Sep 24 07:31:30 UTC 2013 - wr@rosenauer.org
|
|
337 |
|
|
338 |
- as GStreamer is not automatically required anymore but loaded
|
|
339 |
dynamically if available, require it explicitely
|
|
340 |
- recommend optional GStreamer plugins for comprehensive media
|
|
341 |
support
|
|
342 |
|
|
343 |
-------------------------------------------------------------------
|
|
344 |
Mon Sep 16 11:59:18 UTC 2013 - lnussel@suse.de
|
|
345 |
|
|
346 |
- move greek to the translations-common package (bnc#840551)
|
|
347 |
|
|
348 |
-------------------------------------------------------------------
|
|
349 |
Sat Sep 14 14:39:58 UTC 2013 - wr@rosenauer.org
|
|
350 |
|
|
351 |
- update to Firefox 24.0 (bnc#840485)
|
|
352 |
* MFSA 2013-76/CVE-2013-1718/CVE-2013-1719
|
|
353 |
Miscellaneous memory safety hazards
|
|
354 |
* MFSA 2013-77/CVE-2013-1720 (bmo#888820)
|
|
355 |
Improper state in HTML5 Tree Builder with templates
|
|
356 |
* MFSA 2013-78/CVE-2013-1721 (bmo#890277)
|
|
357 |
Integer overflow in ANGLE library
|
|
358 |
* MFSA 2013-79/CVE-2013-1722 (bmo#893308)
|
|
359 |
Use-after-free in Animation Manager during stylesheet cloning
|
|
360 |
* MFSA 2013-80/CVE-2013-1723 (bmo#891292)
|
|
361 |
NativeKey continues handling key messages after widget is destroyed
|
|
362 |
* MFSA 2013-81/CVE-2013-1724 (bmo#894137)
|
|
363 |
Use-after-free with select element
|
|
364 |
* MFSA 2013-82/CVE-2013-1725 (bmo#876762)
|
|
365 |
Calling scope for new Javascript objects can lead to memory corruption
|
|
366 |
* MFSA 2013-85/CVE-2013-1728 (bmo#883686)
|
|
367 |
Uninitialized data in IonMonkey
|
|
368 |
* MFSA 2013-88/CVE-2013-1730 (bmo#851353)
|
|
369 |
Compartment mismatch re-attaching XBL-backed nodes
|
|
370 |
* MFSA 2013-89/CVE-2013-1732 (bmo#883514)
|
|
371 |
Buffer overflow with multi-column, lists, and floats
|
|
372 |
* MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
|
|
373 |
Memory corruption involving scrolling
|
|
374 |
* MFSA 2013-91/CVE-2013-1737 (bmo#907727)
|
|
375 |
User-defined properties on DOM proxies get the wrong "this" object
|
|
376 |
* MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)
|
|
377 |
GC hazard with default compartments and frame chain restoration
|
|
378 |
- enable gstreamer explicitely via pref (gecko.js)
|
|
379 |
- require NSS 3.15.1
|
|
380 |
|
|
381 |
-------------------------------------------------------------------
|
|
382 |
Mon Aug 26 07:35:36 UTC 2013 - wr@rosenauer.org
|
|
383 |
|
|
384 |
- update to Firefox 23.0.1
|
|
385 |
* Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls
|
|
386 |
(bmo#901527)
|
|
387 |
|
|
388 |
-------------------------------------------------------------------
|
|
389 |
Sun Aug 4 18:30:11 UTC 2013 - wr@rosenauer.org
|
|
390 |
|
|
391 |
- update to Firefox 23.0 (bnc#833389)
|
|
392 |
* MFSA 2013-63/CVE-2013-1701/CVE-2013-1702
|
|
393 |
Miscellaneous memory safety hazards
|
|
394 |
* MFSA 2013-64/CVE-2013-1704 (bmo#883313)
|
|
395 |
Use after free mutating DOM during SetBody
|
|
396 |
* MFSA 2013-65/CVE-2013-1705 (bmo#882865)
|
|
397 |
Buffer underflow when generating CRMF requests
|
|
398 |
* MFSA 2013-67/CVE-2013-1708 (bmo#879924)
|
|
399 |
Crash during WAV audio file decoding
|
|
400 |
* MFSA 2013-68/CVE-2013-1709 (bmo#838253)
|
|
401 |
Document URI misrepresentation and masquerading
|
|
402 |
* MFSA 2013-69/CVE-2013-1710 (bmo#871368)
|
|
403 |
CRMF requests allow for code execution and XSS attacks
|
|
404 |
* MFSA 2013-70/CVE-2013-1711 (bmo#843829)
|
|
405 |
Bypass of XrayWrappers using XBL Scopes
|
|
406 |
* MFSA 2013-72/CVE-2013-1713 (bmo#887098)
|
|
407 |
Wrong principal used for validating URI for some Javascript
|
|
408 |
components
|
|
409 |
* MFSA 2013-73/CVE-2013-1714 (bmo#879787)
|
|
410 |
Same-origin bypass with web workers and XMLHttpRequest
|
|
411 |
* MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
|
|
412 |
Local Java applets may read contents of local file system
|
|
413 |
- requires NSPR 4.10 and NSS 3.15
|
|
414 |
|
|
415 |
-------------------------------------------------------------------
|
|
416 |
Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com
|
|
417 |
|
|
418 |
- fix build on ARM (/-g/ matches /-grecord-switches/)
|
|
419 |
|
|
420 |
-------------------------------------------------------------------
|
|
421 |
Sat Jun 22 17:48:06 UTC 2013 - wr@rosenauer.org
|
|
422 |
|
|
423 |
- update to Firefox 22.0 (bnc#825935)
|
|
424 |
* removed obsolete patches
|
|
425 |
+ mozilla-qcms-ppc.patch
|
|
426 |
+ mozilla-gstreamer-760140.patch
|
|
427 |
* GStreamer support does not build on 12.1 anymore (build only
|
|
428 |
on 12.2 and later)
|
|
429 |
* MFSA 2013-49/CVE-2013-1682/CVE-2013-1683
|
|
430 |
Miscellaneous memory safety hazards
|
|
431 |
* MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
|
|
432 |
Memory corruption found using Address Sanitizer
|
|
433 |
* MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
|
|
434 |
Privileged content access and execution via XBL
|
|
435 |
* MFSA 2013-52/CVE-2013-1688 (bmo#873966)
|
|
436 |
Arbitrary code execution within Profiler
|
|
437 |
* MFSA 2013-53/CVE-2013-1690 (bmo#857883)
|
|
438 |
Execution of unmapped memory through onreadystatechange event
|
|
439 |
* MFSA 2013-54/CVE-2013-1692 (bmo#866915)
|
|
440 |
Data in the body of XHR HEAD requests leads to CSRF attacks
|
|
441 |
* MFSA 2013-55/CVE-2013-1693 (bmo#711043)
|
|
442 |
SVG filters can lead to information disclosure
|
|
443 |
* MFSA 2013-56/CVE-2013-1694 (bmo#848535)
|
|
444 |
PreserveWrapper has inconsistent behavior
|
|
445 |
* MFSA 2013-57/CVE-2013-1695 (bmo#849791)
|
|
446 |
Sandbox restrictions not applied to nested frame elements
|
|
447 |
* MFSA 2013-58/CVE-2013-1696 (bmo#761667)
|
|
448 |
X-Frame-Options ignored when using server push with multi-part
|
|
449 |
responses
|
|
450 |
* MFSA 2013-59/CVE-2013-1697 (bmo#858101)
|
|
451 |
XrayWrappers can be bypassed to run user defined methods in a
|
|
452 |
privileged context
|
|
453 |
* MFSA 2013-60/CVE-2013-1698 (bmo#876044)
|
|
454 |
getUserMedia permission dialog incorrectly displays location
|
|
455 |
* MFSA 2013-61/CVE-2013-1699 (bmo#840882)
|
|
456 |
Homograph domain spoofing in .com, .net and .name
|
|
457 |
|
|
458 |
-------------------------------------------------------------------
|
|
459 |
Tue Jun 11 21:06:58 UTC 2013 - dvaleev@suse.com
|
|
460 |
|
|
461 |
- Fix qcms altivec include (mozilla-qcms-ppc.patch)
|
|
462 |
|
|
463 |
-------------------------------------------------------------------
|
|
464 |
Fri May 10 05:25:39 UTC 2013 - wr@rosenauer.org
|
|
465 |
|
|
466 |
- update to Firefox 21.0 (bnc#819204)
|
|
467 |
* removed upstreamed patch firefox-712763.patch
|
|
468 |
* removed disabled mozilla-disable-neon-option.patch
|
|
469 |
* MFSA 2013-41/CVE-2013-0801/CVE-2013-1669
|
|
470 |
Miscellaneous memory safety hazards
|
|
471 |
* MFSA 2013-42/CVE-2013-1670 (bmo#853709)
|
|
472 |
Privileged access for content level constructor
|
|
473 |
* MFSA 2013-43/CVE-2013-1671 (bmo#842255)
|
|
474 |
File input control has access to full path
|
|
475 |
* MFSA 2013-46/CVE-2013-1674 (bmo#860971)
|
|
476 |
Use-after-free with video and onresize event
|
|
477 |
* MFSA 2013-47/CVE-2013-1675 (bmo#866825)
|
|
478 |
Uninitialized functions in DOMSVGZoomEvent
|
|
479 |
* MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/
|
|
480 |
CVE-2013-1679/CVE-2013-1680/CVE-2013-1681
|
|
481 |
Memory corruption found using Address Sanitizer
|
|
482 |
|
|
483 |
-------------------------------------------------------------------
|
|
484 |
Tue Apr 9 06:41:31 UTC 2013 - wr@rosenauer.org
|
|
485 |
|
|
486 |
- revert to use GStreamer 0.10 on 12.3 (bnc#814101)
|
|
487 |
(remove mozilla-gstreamer-1.patch)
|
|
488 |
|
|
489 |
-------------------------------------------------------------------
|
|
490 |
Fri Apr 5 17:04:11 UTC 2013 - schwab@linux-m68k.org
|
|
491 |
|
|
492 |
- Explicitly disable WebRTC support on non-x86, the configure script
|
|
493 |
disables it only half-heartedly
|
|
494 |
|
|
495 |
-------------------------------------------------------------------
|
|
496 |
Fri Mar 29 22:15:21 UTC 2013 - wr@rosenauer.org
|
|
497 |
|
|
498 |
- update to Firefox 20.0 (bnc#813026)
|
|
499 |
* requires NSPR 4.9.5 and NSS 3.14.3
|
|
500 |
* mozilla-webrtc-ppc.patch included upstream
|
|
501 |
* MFSA 2013-30/CVE-2013-0788/CVE-2013-0789
|
|
502 |
Miscellaneous memory safety hazards
|
|
503 |
* MFSA 2013-31/CVE-2013-0800 (bmo#825721)
|
|
504 |
Out-of-bounds write in Cairo library
|
|
505 |
* MFSA 2013-35/CVE-2013-0796 (bmo#827106)
|
|
506 |
WebGL crash with Mesa graphics driver on Linux
|
|
507 |
* MFSA 2013-36/CVE-2013-0795 (bmo#825697)
|
|
508 |
Bypass of SOW protections allows cloning of protected nodes
|
|
509 |
* MFSA 2013-37/CVE-2013-0794 (bmo#626775)
|
|
510 |
Bypass of tab-modal dialog origin disclosure
|
|
511 |
* MFSA 2013-38/CVE-2013-0793 (bmo#803870)
|
|
512 |
Cross-site scripting (XSS) using timed history navigations
|
|
513 |
* MFSA 2013-39/CVE-2013-0792 (bmo#722831)
|
|
514 |
Memory corruption while rendering grayscale PNG images
|
|
515 |
- use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch)
|
|
516 |
|
|
517 |
-------------------------------------------------------------------
|
|
518 |
Tue Mar 12 23:08:15 UTC 2013 - dmueller@suse.com
|
|
519 |
|
|
520 |
- build fixes for armv7hl:
|
|
521 |
* disable debug build as armv7hl does not have enough memory
|
|
522 |
* disable webrtc on armv7hl as it is non-compiling
|
|
523 |
|
|
524 |
-------------------------------------------------------------------
|
|
525 |
Thu Mar 7 19:03:32 UTC 2013 - wr@rosenauer.org
|
|
526 |
|
|
527 |
- update to Firefox 19.0.2 (bnc#808243)
|
|
528 |
* MFSA 2013-29/CVE-2013-0787 (bmo#848644)
|
|
529 |
Use-after-free in HTML Editor
|
|
530 |
|
|
531 |
-------------------------------------------------------------------
|
|
532 |
Thu Feb 28 22:06:36 UTC 2013 - wr@rosenauer.org
|
|
533 |
|
|
534 |
- update to Firefox 19.0.1
|
|
535 |
* blocklist updates
|
|
536 |
|
|
537 |
-------------------------------------------------------------------
|
|
538 |
Sat Feb 16 07:08:55 UTC 2013 - wr@rosenauer.org
|
|
539 |
|
|
540 |
- update to Firefox 19.0 (bnc#804248)
|
|
541 |
* MFSA 2013-21/CVE-2013-0783/2013-0784
|
|
542 |
Miscellaneous memory safety hazards
|
|
543 |
* MFSA 2013-22/CVE-2013-0772 (bmo#801366)
|
|
544 |
Out-of-bounds read in image rendering
|
|
545 |
* MFSA 2013-23/CVE-2013-0765 (bmo#830614)
|
|
546 |
Wrapped WebIDL objects can be wrapped again
|
|
547 |
* MFSA 2013-24/CVE-2013-0773 (bmo#809652)
|
|
548 |
Web content bypass of COW and SOW security wrappers
|
|
549 |
* MFSA 2013-25/CVE-2013-0774 (bmo#827193)
|
|
550 |
Privacy leak in JavaScript Workers
|
|
551 |
* MFSA 2013-26/CVE-2013-0775 (bmo#831095)
|
|
552 |
Use-after-free in nsImageLoadingContent
|
|
553 |
* MFSA 2013-27/CVE-2013-0776 (bmo#796475)
|
|
554 |
Phishing on HTTPS connection through malicious proxy
|
|
555 |
* MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
|
|
556 |
CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
|
|
557 |
Use-after-free, out of bounds read, and buffer overflow issues
|
|
558 |
found using Address Sanitizer
|
|
559 |
- removed obsolete patches
|
|
560 |
* mozilla-webrtc.patch
|
|
561 |
* mozilla-gstreamer-803287.patch
|
|
562 |
- added patch to fix session restore window order (bmo#712763)
|
|
563 |
|
|
564 |
-------------------------------------------------------------------
|
|
565 |
Sat Feb 2 08:40:52 UTC 2013 - wr@rosenauer.org
|
|
566 |
|
|
567 |
- update to Firefox 18.0.2
|
|
568 |
* blocklist and CTP updates
|
|
569 |
* fixes in JS engine
|
|
570 |
|
|
571 |
-------------------------------------------------------------------
|
|
572 |
Wed Jan 16 20:51:55 UTC 2013 - wr@rosenauer.org
|
|
573 |
|
|
574 |
- update to Firefox 18.0.1
|
|
575 |
* blocklist updates
|
|
576 |
* backed out bmo#677092 (removed patch)
|
|
577 |
* fixed problems involving HTTP proxy transactions
|
|
578 |
|
|
579 |
-------------------------------------------------------------------
|
|
580 |
Sat Jan 12 17:25:11 UTC 2013 - schwab@linux-m68k.org
|
|
581 |
|
|
582 |
- Fix WebRTC to build on powerpc
|
|
583 |
|
|
584 |
-------------------------------------------------------------------
|
|
585 |
Sun Jan 6 21:54:18 UTC 2013 - wr@rosenauer.org
|
|
586 |
|
|
587 |
- update to Firefox 18.0 (bnc#796895)
|
|
588 |
* MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
|
|
589 |
Miscellaneous memory safety hazards
|
|
590 |
* MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
|
|
591 |
CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
|
|
592 |
Use-after-free and buffer overflow issues found using Address Sanitizer
|
|
593 |
* MFSA 2013-03/CVE-2013-0768 (bmo#815795)
|
|
594 |
Buffer Overflow in Canvas
|
|
595 |
* MFSA 2013-04/CVE-2012-0759 (bmo#802026)
|
|
596 |
URL spoofing in addressbar during page loads
|
|
597 |
* MFSA 2013-05/CVE-2013-0744 (bmo#814713)
|
|
598 |
Use-after-free when displaying table with many columns and column groups
|
|
599 |
* MFSA 2013-06/CVE-2013-0751 (bmo#790454)
|
|
600 |
Touch events are shared across iframes
|
|
601 |
* MFSA 2013-07/CVE-2013-0764 (bmo#804237)
|
|
602 |
Crash due to handling of SSL on threads
|
|
603 |
* MFSA 2013-08/CVE-2013-0745 (bmo#794158)
|
|
604 |
AutoWrapperChanger fails to keep objects alive during garbage collection
|
|
605 |
* MFSA 2013-09/CVE-2013-0746 (bmo#816842)
|
|
606 |
Compartment mismatch with quickstubs returned values
|
|
607 |
* MFSA 2013-10/CVE-2013-0747 (bmo#733305)
|
|
608 |
Event manipulation in plugin handler to bypass same-origin policy
|
|
609 |
* MFSA 2013-11/CVE-2013-0748 (bmo#806031)
|
|
610 |
Address space layout leaked in XBL objects
|
|
611 |
* MFSA 2013-12/CVE-2013-0750 (bmo#805121)
|
|
612 |
Buffer overflow in Javascript string concatenation
|
|
613 |
* MFSA 2013-13/CVE-2013-0752 (bmo#805024)
|
|
614 |
Memory corruption in XBL with XML bindings containing SVG
|
|
615 |
* MFSA 2013-14/CVE-2013-0757 (bmo#813901)
|
|
616 |
Chrome Object Wrapper (COW) bypass through changing prototype
|
|
617 |
* MFSA 2013-15/CVE-2013-0758 (bmo#813906)
|
|
618 |
Privilege escalation through plugin objects
|
|
619 |
* MFSA 2013-16/CVE-2013-0753 (bmo#814001)
|
|
620 |
Use-after-free in serializeToStream
|
|
621 |
* MFSA 2013-17/CVE-2013-0754 (bmo#814026)
|
|
622 |
Use-after-free in ListenerManager
|
|
623 |
* MFSA 2013-18/CVE-2013-0755 (bmo#814027)
|
|
624 |
Use-after-free in Vibrate
|
|
625 |
* MFSA 2013-19/CVE-2013-0756 (bmo#814029)
|
|
626 |
Use-after-free in Javascript Proxy objects
|
|
627 |
- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
|
|
628 |
- removed obsolete SLE11 patches (mozilla-gcc43*)
|
|
629 |
- reenable WebRTC
|
|
630 |
- added mozilla-libproxy-compat.patch for libproxy API compat
|
|
631 |
on openSUSE 11.2 and earlier
|
|
632 |
- backed out restartless language packs as it broke multi-locale
|
|
633 |
setup (bmo#677092, bmo#818468)
|
|
634 |
|
|
635 |
-------------------------------------------------------------------
|
|
636 |
Thu Nov 29 19:56:51 UTC 2012 - wr@rosenauer.org
|
|
637 |
|
|
638 |
- update to Firefox 17.0.1
|
|
639 |
* revert some useragent changes introduced in 17.0
|
|
640 |
* leaving private browsing with social enabled doesn't reset all
|
|
641 |
social components (bmo#815042)
|
|
642 |
- fix KDE integration for file dialogs
|
|
643 |
|
|
644 |
-------------------------------------------------------------------
|
|
645 |
Tue Nov 20 19:52:02 UTC 2012 - wr@rosenauer.org
|
|
646 |
|
|
647 |
- update to Firefox 17.0 (bnc#790140)
|
|
648 |
* MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
|
|
649 |
Miscellaneous memory safety hazards
|
|
650 |
* MFSA 2012-92/CVE-2012-4202 (bmo#758200)
|
|
651 |
Buffer overflow while rendering GIF images
|
|
652 |
* MFSA 2012-93/CVE-2012-4201 (bmo#747607)
|
|
653 |
evalInSanbox location context incorrectly applied
|
|
654 |
* MFSA 2012-94/CVE-2012-5836 (bmo#792857)
|
|
655 |
Crash when combining SVG text on path with CSS
|
|
656 |
* MFSA 2012-95/CVE-2012-4203 (bmo#765628)
|
|
657 |
Javascript: URLs run in privileged context on New Tab page
|
|
658 |
* MFSA 2012-96/CVE-2012-4204 (bmo#778603)
|
|
659 |
Memory corruption in str_unescape
|
|
660 |
* MFSA 2012-97/CVE-2012-4205 (bmo#779821)
|
|
661 |
XMLHttpRequest inherits incorrect principal within sandbox
|
|
662 |
* MFSA 2012-99/CVE-2012-4208 (bmo#798264)
|
|
663 |
XrayWrappers exposes chrome-only properties when not in chrome
|
|
664 |
compartment
|
|
665 |
* MFSA 2012-100/CVE-2012-5841 (bmo#805807)
|
|
666 |
Improper security filtering for cross-origin wrappers
|
|
667 |
* MFSA 2012-101/CVE-2012-4207 (bmo#801681)
|
|
668 |
Improper character decoding in HZ-GB-2312 charset
|
|
669 |
* MFSA 2012-102/CVE-2012-5837 (bmo#800363)
|
|
670 |
Script entered into Developer Toolbar runs with chrome privileges
|
|
671 |
* MFSA 2012-103/CVE-2012-4209 (bmo#792405)
|
|
672 |
Frames can shadow top.location
|
|
673 |
* MFSA 2012-104/CVE-2012-4210 (bmo#796866)
|
|
674 |
CSS and HTML injection through Style Inspector
|
|
675 |
* MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
|
|
676 |
CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
|
|
677 |
CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
|
|
678 |
Use-after-free and buffer overflow issues found using Address
|
|
679 |
Sanitizer
|
|
680 |
* MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
|
|
681 |
Use-after-free, buffer overflow, and memory corruption issues
|
|
682 |
found using Address Sanitizer
|
|
683 |
- rebased patches
|
|
684 |
- disabled WebRTC since build is broken (bmo#776877)
|
|
685 |
|
|
686 |
-------------------------------------------------------------------
|
|
687 |
Tue Nov 20 15:42:55 UTC 2012 - pcerny@suse.com
|
|
688 |
|
|
689 |
- build on SLE11
|
|
690 |
* mozilla-gcc43-enums.patch
|
|
691 |
* mozilla-gcc43-template_hacks.patch
|
|
692 |
* mozilla-gcc43-templates_instantiation.patch
|
|
693 |
|
|
694 |
-------------------------------------------------------------------
|
|
695 |
Wed Oct 24 08:27:29 UTC 2012 - wr@rosenauer.org
|
|
696 |
|
|
697 |
- update to Firefox 16.0.2 (bnc#786522)
|
|
698 |
* MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
|
|
699 |
(bmo#800666, bmo#793121, bmo#802557)
|
|
700 |
Fixes for Location object issues
|
|
701 |
- bring back Obsoletes for libproxy's mozjs plugin for distributions
|
|
702 |
before 12.2 to avoid crashes
|
|
703 |
|
|
704 |
-------------------------------------------------------------------
|
|
705 |
Thu Oct 11 01:51:16 UTC 2012 - wr@rosenauer.org
|
|
706 |
|
|
707 |
- update to Firefox 16.0.1 (bnc#783533)
|
|
708 |
* MFSA 2012-88/CVE-2012-4191 (bmo#798045)
|
|
709 |
Miscellaneous memory safety hazards
|
|
710 |
* MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
|
|
711 |
defaultValue security checks not applied
|
|
712 |
|
|
713 |
-------------------------------------------------------------------
|
|
714 |
Sun Oct 7 21:40:14 UTC 2012 - wr@rosenauer.org
|
|
715 |
|
|
716 |
- update to Firefox 16.0 (bnc#783533)
|
|
717 |
* MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
|
|
718 |
Miscellaneous memory safety hazards
|
|
719 |
* MFSA 2012-75/CVE-2012-3984 (bmo#575294)
|
|
720 |
select element persistance allows for attacks
|
|
721 |
* MFSA 2012-76/CVE-2012-3985 (bmo#655649)
|
|
722 |
Continued access to initial origin after setting document.domain
|
|
723 |
* MFSA 2012-77/CVE-2012-3986 (bmo#775868)
|
|
724 |
Some DOMWindowUtils methods bypass security checks
|
|
725 |
* MFSA 2012-79/CVE-2012-3988 (bmo#725770)
|
|
726 |
DOS and crash with full screen and history navigation
|
|
727 |
* MFSA 2012-80/CVE-2012-3989 (bmo#783867)
|
|
728 |
Crash with invalid cast when using instanceof operator
|
|
729 |
* MFSA 2012-81/CVE-2012-3991 (bmo#783260)
|
|
730 |
GetProperty function can bypass security checks
|
|
731 |
* MFSA 2012-82/CVE-2012-3994 (bmo#765527)
|
|
732 |
top object and location property accessible by plugins
|
|
733 |
* MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
|
|
734 |
Chrome Object Wrapper (COW) does not disallow acces to privileged
|
|
735 |
functions or properties
|
|
736 |
* MFSA 2012-84/CVE-2012-3992 (bmo#775009)
|
|
737 |
Spoofing and script injection through location.hash
|
|
738 |
* MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
|
|
739 |
CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
|
|
740 |
Use-after-free, buffer overflow, and out of bounds read issues
|
|
741 |
found using Address Sanitizer
|
|
742 |
* MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
|
|
743 |
CVE-2012-4188
|
|
744 |
Heap memory corruption issues found using Address Sanitizer
|
|
745 |
* MFSA 2012-87/CVE-2012-3990 (bmo#787704)
|
|
746 |
Use-after-free in the IME State Manager
|
|
747 |
- requires NSPR 4.9.2
|
|
748 |
- improve GStreamer integration (bmo#760140)
|
|
749 |
- removed upstreamed mozilla-crashreporter-restart-args.patch
|
|
750 |
- webapprt now included
|
|
751 |
- use kmozillahelper's new REVEAL command (bnc#777415)
|
|
752 |
(requires mozilla-kde4-integration >= 0.6.4)
|
|
753 |
- updated translations-other with new languages
|
|
754 |
|
|
755 |
-------------------------------------------------------------------
|
|
756 |
Mon Sep 10 19:37:56 UTC 2012 - wr@rosenauer.org
|
|
757 |
|
|
758 |
- update to Firefox 15.0.1 (bnc#779936)
|
|
759 |
* Sites visited while in Private Browsing mode could be found
|
|
760 |
through manual browser cache inspection (bmo#787743)
|
|
761 |
|
|
762 |
-------------------------------------------------------------------
|
|
763 |
Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org
|
|
764 |
|
|
765 |
- update to Firefox 15.0 (bnc#777588)
|
|
766 |
* MFSA 2012-57/CVE-2012-1970
|
|
767 |
Miscellaneous memory safety hazards
|
|
768 |
* MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
|
|
769 |
CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
|
|
770 |
CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
|
|
771 |
Use-after-free issues found using Address Sanitizer
|
|
772 |
* MFSA 2012-59/CVE-2012-1956 (bmo#756719)
|
|
773 |
Location object can be shadowed using Object.defineProperty
|
|
774 |
* MFSA 2012-60/CVE-2012-3965 (bmo#769108)
|
|
775 |
Escalation of privilege through about:newtab
|
|
776 |
* MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
|
|
777 |
Memory corruption with bitmap format images with negative height
|
|
778 |
* MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
|
|
779 |
WebGL use-after-free and memory corruption
|
|
780 |
* MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
|
|
781 |
SVG buffer overflow and use-after-free issues
|
|
782 |
* MFSA 2012-64/CVE-2012-3971
|
|
783 |
Graphite 2 memory corruption
|
|
784 |
* MFSA 2012-65/CVE-2012-3972 (bmo#746855)
|
|
785 |
Out-of-bounds read in format-number in XSLT
|
|
786 |
* MFSA 2012-66/CVE-2012-3973 (bmo#757128)
|
|
787 |
HTTPMonitor extension allows for remote debugging without explicit
|
|
788 |
activation
|
|
789 |
* MFSA 2012-68/CVE-2012-3975 (bmo#770684)
|
|
790 |
DOMParser loads linked resources in extensions when parsing
|
|
791 |
text/html
|
|
792 |
* MFSA 2012-69/CVE-2012-3976 (bmo#768568)
|
|
793 |
Incorrect site SSL certificate data display
|
|
794 |
* MFSA 2012-70/CVE-2012-3978 (bmo#770429)
|
|
795 |
Location object security checks bypassed by chrome code
|
|
796 |
* MFSA 2012-72/CVE-2012-3980 (bmo#771859)
|
|
797 |
Web console eval capable of executing chrome-privileged code
|
|
798 |
- fix HTML5 video crash with GStreamer enabled (bmo#761030)
|
|
799 |
- GStreamer is only used for MP4 (no WebM, OGG)
|
|
800 |
- updated filelist
|
|
801 |
- moved browser specific preferences to correct location
|
|
802 |
|
|
803 |
-------------------------------------------------------------------
|
|
804 |
Sun Jul 29 08:34:39 UTC 2012 - aj@suse.de
|
|
805 |
|
|
806 |
- Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16)
|
|
807 |
|
|
808 |
-------------------------------------------------------------------
|
|
809 |
Sat Jul 14 19:31:51 UTC 2012 - wr@rosenauer.org
|
|
810 |
|
|
811 |
- update to 14.0.1 (bnc#771583)
|
|
812 |
* MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
|
|
813 |
Miscellaneous memory safety hazards
|
|
814 |
* MFSA 2012-43/CVE-2012-1950
|
|
815 |
Incorrect URL displayed in addressbar through drag and drop
|
|
816 |
* MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
|
|
817 |
Gecko memory corruption
|
|
818 |
* MFSA 2012-45/CVE-2012-1955 (bmo#757376)
|
|
819 |
Spoofing issue with location
|
|
820 |
* MFSA 2012-46/CVE-2012-1966 (bmo#734076)
|
|
821 |
XSS through data: URLs
|
|
822 |
* MFSA 2012-47/CVE-2012-1957 (bmo#750096)
|
|
823 |
Improper filtering of javascript in HTML feed-view
|
|
824 |
* MFSA 2012-48/CVE-2012-1958 (bmo#750820)
|
|
825 |
use-after-free in nsGlobalWindow::PageHidden
|
|
826 |
* MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
|
|
827 |
Same-compartment Security Wrappers can be bypassed
|
|
828 |
* MFSA 2012-50/CVE-2012-1960 (bmo#761014)
|
|
829 |
Out of bounds read in QCMS
|
|
830 |
* MFSA 2012-51/CVE-2012-1961 (bmo#761655)
|
|
831 |
X-Frame-Options header ignored when duplicated
|
|
832 |
* MFSA 2012-52/CVE-2012-1962 (bmo#764296)
|
|
833 |
JSDependentString::undepend string conversion results in memory
|
|
834 |
corruption
|
|
835 |
* MFSA 2012-53/CVE-2012-1963 (bmo#767778)
|
|
836 |
Content Security Policy 1.0 implementation errors cause data
|
|
837 |
leakage
|
|
838 |
* MFSA 2012-55/CVE-2012-1965 (bmo#758990)
|
|
839 |
feed: URLs with an innerURI inherit security context of page
|
|
840 |
* MFSA 2012-56/CVE-2012-1967 (bmo#758344)
|
|
841 |
Code execution through javascript: URLs
|
|
842 |
- license change from tri license to MPL-2.0
|
|
843 |
- fix crashreporter restart option (bmo#762780)
|
|
844 |
- require NSS 3.13.5
|
|
845 |
- remove mozjs pacrunner obsoletes again for now
|
|
846 |
- adopted mozilla-prefer_plugin_pref.patch
|
|
847 |
- PPC fixes:
|
|
848 |
* reenabled mozilla-yarr-pcre.patch to fix build for PPC
|
|
849 |
* add patches for bmo#750620 and bmo#746112
|
|
850 |
* fix xpcshell segfault on ppc
|
|
851 |
|
|
852 |
-------------------------------------------------------------------
|
|
853 |
Fri Jun 15 12:37:09 UTC 2012 - wr@rosenauer.org
|
|
854 |
|
|
855 |
- update to Firefox 13.0.1
|
|
856 |
* bugfix release
|
|
857 |
- obsolete libproxy's mozjs pacrunner (bnc#759123)
|
|
858 |
|
|
859 |
-------------------------------------------------------------------
|
|
860 |
Sat Jun 2 08:22:51 UTC 2012 - wr@rosenauer.org
|
|
861 |
|
|
862 |
- update to Firefox 13.0 (bnc#765204)
|
|
863 |
* MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
|
|
864 |
Miscellaneous memory safety hazards
|
|
865 |
* MFSA 2012-36/CVE-2012-1944 (bmo#751422)
|
|
866 |
Content Security Policy inline-script bypass
|
|
867 |
* MFSA 2012-37/CVE-2012-1945 (bmo#670514)
|
|
868 |
Information disclosure though Windows file shares and shortcut
|
|
869 |
files
|
|
870 |
* MFSA 2012-38/CVE-2012-1946 (bmo#750109)
|
|
871 |
Use-after-free while replacing/inserting a node in a document
|
|
872 |
* MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
|
|
873 |
Buffer overflow and use-after-free issues found using Address
|
|
874 |
Sanitizer
|
|
875 |
- require NSS 3.13.4
|
|
876 |
* MFSA 2012-39/CVE-2012-0441 (bmo#715073)
|
|
877 |
- fix sound notifications when filename/path contains a whitespace
|
|
878 |
(bmo#749739)
|
|
879 |
|
|
880 |
-------------------------------------------------------------------
|
|
881 |
Wed May 23 14:40:16 UTC 2012 - adrian@suse.de
|
|
882 |
|
|
883 |
- fix build on arm
|
|
884 |
|
|
885 |
-------------------------------------------------------------------
|
|
886 |
Wed May 16 05:34:01 UTC 2012 - wr@rosenauer.org
|
|
887 |
|
|
888 |
- reenabled crashreporter for Factory/12.2
|
|
889 |
(fix in mozilla-gcc47.patch)
|
|
890 |
|
|
891 |
-------------------------------------------------------------------
|
|
892 |
Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org
|
|
893 |
|
|
894 |
- update to Firefox 12.0 (bnc#758408)
|
|
895 |
* rebased patches
|
|
896 |
* MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
|
|
897 |
Miscellaneous memory safety hazards
|
|
898 |
* MFSA 2012-22/CVE-2012-0469 (bmo#738985)
|
|
899 |
use-after-free in IDBKeyRange
|
|
900 |
* MFSA 2012-23/CVE-2012-0470 (bmo#734288)
|
|
901 |
Invalid frees causes heap corruption in gfxImageSurface
|
|
902 |
* MFSA 2012-24/CVE-2012-0471 (bmo#715319)
|
|
903 |
Potential XSS via multibyte content processing errors
|
|
904 |
* MFSA 2012-25/CVE-2012-0472 (bmo#744480)
|
|
905 |
Potential memory corruption during font rendering using cairo-dwrite
|
|
906 |
* MFSA 2012-26/CVE-2012-0473 (bmo#743475)
|
|
907 |
WebGL.drawElements may read illegal video memory due to
|
|
908 |
FindMaxUshortElement error
|
|
909 |
* MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
|
|
910 |
Page load short-circuit can lead to XSS
|
|
911 |
* MFSA 2012-28/CVE-2012-0475 (bmo#694576)
|
|
912 |
Ambiguous IPv6 in Origin headers may bypass webserver access
|
|
913 |
restrictions
|
|
914 |
* MFSA 2012-29/CVE-2012-0477 (bmo#718573)
|
|
915 |
Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
|
|
916 |
* MFSA 2012-30/CVE-2012-0478 (bmo#727547)
|
|
917 |
Crash with WebGL content using textImage2D
|
|
918 |
* MFSA 2012-31/CVE-2011-3062 (bmo#739925)
|
|
919 |
Off-by-one error in OpenType Sanitizer
|
|
920 |
* MFSA 2012-32/CVE-2011-1187 (bmo#624621)
|
|
921 |
HTTP Redirections and remote content can be read by javascript errors
|
|
922 |
* MFSA 2012-33/CVE-2012-0479 (bmo#714631)
|
|
923 |
Potential site identity spoofing when loading RSS and Atom feeds
|
|
924 |
- added mozilla-libnotify.patch to allow fallback from libnotify
|
|
925 |
to xul based events if no notification-daemon is running
|
|
926 |
- gcc 4.7 fixes
|
|
927 |
* mozilla-gcc47.patch
|
|
928 |
* disabled crashreporter temporarily for Factory
|
|
929 |
- recommend libcanberra0 for proper sound notifications
|
|
930 |
|
|
931 |
-------------------------------------------------------------------
|
|
932 |
Fri Mar 9 21:47:07 UTC 2012 - wr@rosenauer.org
|
|
933 |
|
|
934 |
- update to Firefox 11.0 (bnc#750044)
|
|
935 |
* MFSA 2012-13/CVE-2012-0455 (bmo#704354)
|
|
936 |
XSS with Drag and Drop and Javascript: URL
|
|
937 |
* MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
|
|
938 |
SVG issues found with Address Sanitizer
|
|
939 |
* MFSA 2012-15/CVE-2012-0451 (bmo#717511)
|
|
940 |
XSS with multiple Content Security Policy headers
|
|
941 |
* MFSA 2012-16/CVE-2012-0458
|
|
942 |
Escalation of privilege with Javascript: URL as home page
|
|
943 |
* MFSA 2012-17/CVE-2012-0459 (bmo#723446)
|
|
944 |
Crash when accessing keyframe cssText after dynamic modification
|
|
945 |
* MFSA 2012-18/CVE-2012-0460 (bmo#727303)
|
|
946 |
window.fullScreen writeable by untrusted content
|
|
947 |
* MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
|
|
948 |
CVE-2012-0463
|
|
949 |
Miscellaneous memory safety hazards
|
|
950 |
- ported and reenabled KDE integration (bnc#746591)
|
|
951 |
- explicitely build-require X libs
|
|
952 |
|
|
953 |
-------------------------------------------------------------------
|
|
954 |
Mon Mar 5 13:31:48 UTC 2012 - vdziewiecki@suse.com
|
|
955 |
|
|
956 |
- add Provides: browser(npapi) FATE#313084
|
|
957 |
|
|
958 |
-------------------------------------------------------------------
|
|
959 |
Fri Feb 17 17:41:11 UTC 2012 - pcerny@suse.com
|
|
960 |
|
|
961 |
- better plugin directory resolution (bnc#747320)
|
|
962 |
|
|
963 |
-------------------------------------------------------------------
|
|
964 |
Thu Feb 16 08:47:31 UTC 2012 - wr@rosenauer.org
|
|
965 |
|
|
966 |
- update to Firefox 10.0.2 (bnc#747328)
|
|
967 |
* CVE-2011-3026 (bmo#727401)
|
|
968 |
libpng: integer overflow leading to heap-buffer overflow
|
|
969 |
|
|
970 |
-------------------------------------------------------------------
|
|
971 |
Thu Feb 9 09:26:11 UTC 2012 - wr@rosenauer.org
|
|
972 |
|
|
973 |
- update to Firefox 10.0.1 (bnc#746616)
|
|
974 |
* MFSA 2012-10/CVE-2012-0452 (bmo#724284)
|
|
975 |
use after free in nsXBLDocumentInfo::ReadPrototypeBindings
|
|
976 |
|
|
977 |
-------------------------------------------------------------------
|
|
978 |
Tue Feb 7 10:40:58 UTC 2012 - dvaleev@suse.com
|
|
979 |
|
|
980 |
- Use YARR interpreter instead of PCRE on platforms where YARR JIT
|
|
981 |
is not supported, since PCRE doesnt build (bmo#691898)
|
|
982 |
- fix ppc64 build (bmo#703534)
|
|
983 |
|
|
984 |
-------------------------------------------------------------------
|
|
985 |
Mon Jan 30 09:41:59 UTC 2012 - wr@rosenauer.org
|
|
986 |
|
|
987 |
- update to Firefox 10.0 (bnc#744275)
|
|
988 |
* MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
|
|
989 |
Miscellaneous memory safety hazards
|
|
990 |
* MFSA 2012-03/CVE-2012-0445 (bmo#701071)
|
|
991 |
<iframe> element exposed across domains via name attribute
|
|
992 |
* MFSA 2012-04/CVE-2011-3659 (bmo#708198)
|
|
993 |
Child nodes from nsDOMAttribute still accessible after removal
|
|
994 |
of nodes
|
|
995 |
* MFSA 2012-05/CVE-2012-0446 (bmo#705651)
|
|
996 |
Frame scripts calling into untrusted objects bypass security
|
|
997 |
checks
|
|
998 |
* MFSA 2012-06/CVE-2012-0447 (bmo#710079)
|
|
999 |
Uninitialized memory appended when encoding icon images may
|
|
1000 |
cause information disclosure
|
|
1001 |
* MFSA 2012-07/CVE-2012-0444 (bmo#719612)
|
|
1002 |
Potential Memory Corruption When Decoding Ogg Vorbis files
|
|
1003 |
* MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
|
|
1004 |
Crash with malformed embedded XSLT stylesheets
|
|
1005 |
- KDE integration has been disabled since it needs refactoring
|
|
1006 |
- removed obsolete ppc64 patch
|
|
1007 |
|
|
1008 |
-------------------------------------------------------------------
|
|
1009 |
Sun Jan 22 12:08:07 UTC 2012 - joop.boonen@opensuse.org
|
|
1010 |
|
|
1011 |
- Disable neon for arm as it doesn't build correctly
|
|
1012 |
|
|
1013 |
-------------------------------------------------------------------
|
|
1014 |
Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org
|
|
1015 |
|
|
1016 |
- update to Firefox 9.0.1
|
|
1017 |
* (strongparent) parentNode of element gets lost (bmo#335998)
|
|
1018 |
|
|
1019 |
-------------------------------------------------------------------
|
|
1020 |
Sun Dec 18 09:58:52 UTC 2011 - adrian@suse.de
|
|
1021 |
|
|
1022 |
- fix arm build, don't package crashreporter there
|
|
1023 |
|
|
1024 |
-------------------------------------------------------------------
|
|
1025 |
Sun Dec 18 09:52:08 UTC 2011 - wr@rosenauer.org
|
|
1026 |
|
|
1027 |
- update to Firefox 9 (bnc#737533)
|
|
1028 |
* MFSA 2011-53/CVE-2011-3660
|
|
1029 |
Miscellaneous memory safety hazards (rv:9.0)
|
|
1030 |
* MFSA 2011-54/CVE-2011-3661 (bmo#691299)
|
|
1031 |
Potentially exploitable crash in the YARR regular expression
|
|
1032 |
library
|
|
1033 |
* MFSA 2011-55/CVE-2011-3658 (bmo#708186)
|
|
1034 |
nsSVGValue out-of-bounds access
|
|
1035 |
* MFSA 2011-56/CVE-2011-3663 (bmo#704482)
|
|
1036 |
Key detection without JavaScript via SVG animation
|
|
1037 |
* MFSA 2011-58/VE-2011-3665 (bmo#701259)
|
|
1038 |
Crash scaling <video> to extreme sizes
|
|
1039 |
|
|
1040 |
-------------------------------------------------------------------
|
|
1041 |
Sun Nov 27 03:51:54 UTC 2011 - mgorse@suse.com
|
|
1042 |
|
|
1043 |
- Fix accessibility under GNOME 3 (bnc#732898)
|
|
1044 |
|
|
1045 |
-------------------------------------------------------------------
|
|
1046 |
Sat Nov 12 15:16:38 UTC 2011 - dvaleev@suse.com
|
|
1047 |
|
|
1048 |
- fix ppc64 build
|
|
1049 |
|
|
1050 |
-------------------------------------------------------------------
|
|
1051 |
Sun Nov 6 08:20:59 UTC 2011 - wr@rosenauer.org
|
|
1052 |
|
|
1053 |
- update to Firefox 8 (bnc#728520)
|
|
1054 |
* MFSA 2011-47/CVE-2011-3648 (bmo#690225)
|
|
1055 |
Potential XSS against sites using Shift-JIS
|
|
1056 |
* MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
|
|
1057 |
Miscellaneous memory safety hazards
|
|
1058 |
* MFSA 2011-49/CVE-2011-3650 (bmo#674776)
|
|
1059 |
Memory corruption while profiling using Firebug
|
|
1060 |
* MFSA 2011-52/CVE-2011-3655 (bmo#672182)
|
|
1061 |
Code execution via NoWaiverWrapper
|
|
1062 |
- rebased patches
|
|
1063 |
|
|
1064 |
-------------------------------------------------------------------
|
|
1065 |
Thu Oct 20 12:34:47 UTC 2011 - wr@rosenauer.org
|
|
1066 |
|
|
1067 |
- enable telemetry prompt
|
|
1068 |
|
|
1069 |
-------------------------------------------------------------------
|
|
1070 |
Fri Sep 30 10:52:36 UTC 2011 - wr@rosenauer.org
|
|
1071 |
|
|
1072 |
- update to minor release 7.0.1
|
|
1073 |
* fixed staged addon updates
|
|
1074 |
- set intl.locale.matchOS=true in the base package as it causes
|
|
1075 |
too much confusion when it's only available with branding-openSUSE
|
|
1076 |
|
|
1077 |
-------------------------------------------------------------------
|
|
1078 |
Fri Sep 23 11:22:22 UTC 2011 - wr@rosenauer.org
|
|
1079 |
|
|
1080 |
- update to Firefox 7 (bnc#720264)
|
|
1081 |
including
|
|
1082 |
* Improve Responsiveness with Memory Reductions
|
|
1083 |
* Instant Sync
|
|
1084 |
* WebSocket protocol 8
|
|
1085 |
* MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
|
|
1086 |
Miscellaneous memory safety hazards
|
|
1087 |
* MFSA 2011-39/CVE-2011-3000 (bmo#655389)
|
|
1088 |
Defense against multiple Location headers due to CRLF Injection
|
|
1089 |
* MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
|
|
1090 |
Code installation through holding down Enter
|
|
1091 |
* MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
|
|
1092 |
Potentially exploitable WebGL crashes
|
|
1093 |
* MFSA 2011-42/CVE-2011-3232 (bmo#653672)
|
|
1094 |
Potentially exploitable crash in the YARR regular expression
|
|
1095 |
library
|
|
1096 |
* MFSA 2011-43/CVE-2011-3004 (bmo#653926)
|
|
1097 |
loadSubScript unwraps XPCNativeWrapper scope parameter
|
|
1098 |
* MFSA 2011-44/CVE-2011-3005 (bmo#675747)
|
|
1099 |
Use after free reading OGG headers
|
|
1100 |
* MFSA 2011-45
|
|
1101 |
Inferring keystrokes from motion data
|
|
1102 |
- removed obsolete mozilla-cairo-lcd.patch
|
|
1103 |
- rebased patches
|
|
1104 |
- removed XLIB_SKIP_ARGB_VISUALS=1 from environment in
|
|
1105 |
mozilla.sh.in (bnc#680758)
|
|
1106 |
|
|
1107 |
-------------------------------------------------------------------
|
|
1108 |
Fri Sep 16 06:57:38 UTC 2011 - wr@rosenauer.org
|
|
1109 |
|
|
1110 |
- fixed loading of kde.js under KDE (bnc#718311)
|
|
1111 |
|
|
1112 |
-------------------------------------------------------------------
|
|
1113 |
Wed Sep 14 07:02:04 UTC 2011 - wr@rosenauer.org
|
|
1114 |
|
|
1115 |
- add dbus-1-glib-devel to BuildRequires (not pulled in
|
|
1116 |
automatically anymore on 12.1)
|
|
1117 |
- increase minversions for NSPR and NSS
|
|
1118 |
|
|
1119 |
-------------------------------------------------------------------
|
|
1120 |
Fri Sep 9 20:44:15 UTC 2011 - wr@rosenauer.org
|
|
1121 |
|
|
1122 |
- recreated source archive to get correct source-stamp.txt
|
|
1123 |
|
|
1124 |
-------------------------------------------------------------------
|
|
1125 |
Wed Sep 7 14:30:34 UTC 2011 - pcerny@suse.com
|
|
1126 |
|
|
1127 |
- security update to 6.0.2 (bnc#714931)
|
|
1128 |
* Complete blocking of certificates issued by DigiNotar
|
|
1129 |
(bmo#683449)
|
|
1130 |
|
|
1131 |
-------------------------------------------------------------------
|
|
1132 |
Fri Sep 2 14:40:07 UTC 2011 - pcerny@suse.com
|
|
1133 |
|
|
1134 |
- security update to 6.0.1 (bnc#714931)
|
|
1135 |
* MFSA 2011-34
|
|
1136 |
Protection against fraudulent DigiNotar certificates
|
|
1137 |
(bmo#682927)
|
|
1138 |
|
|
1139 |
-------------------------------------------------------------------
|
|
1140 |
Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org
|
|
1141 |
|
|
1142 |
- update to 6.0 (bnc#712224)
|
|
1143 |
included security fixes MFSA 2011-29
|
|
1144 |
* CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
|
|
1145 |
Miscellaneous memory safety hazards
|
|
1146 |
* CVE-2011-2993 (bmo#657267)
|
|
1147 |
Unsigned scripts can call script inside signed JAR
|
|
1148 |
* CVE-2011-2988 (bmo#665934)
|
|
1149 |
Heap overflow in ANGLE library
|
|
1150 |
* CVE-2011-0084 (bmo#648094)
|
|
1151 |
Crash in SVGTextElement.getCharNumAtPosition()
|
|
1152 |
* CVE-2011-2990
|
|
1153 |
Credential leakage using Content Security Policy reports
|
|
1154 |
* CVE-2011-2986 (bmo#655836)
|
|
1155 |
Cross-origin data theft using canvas and Windows D2D
|
|
1156 |
- removed obsolete curl header dependency (mozilla-curl.patch)
|
|
1157 |
|
|
1158 |
-------------------------------------------------------------------
|
|
1159 |
Fri Jul 22 13:34:12 UTC 2011 - wr@rosenauer.org
|
|
1160 |
|
|
1161 |
- update to 6.0b3
|
|
1162 |
* removed obsolete patches
|
|
1163 |
- firefox-shellservice.patch
|
|
1164 |
- mozilla-gio.patch
|
|
1165 |
- mozilla-ppc-ipc.patch
|
|
1166 |
- firefox-linkorder.patch
|
|
1167 |
- firefox-no-sync-l10n.patch
|
|
1168 |
- recognize linux3 as platform for symbolstore.py
|
|
1169 |
|
|
1170 |
-------------------------------------------------------------------
|
|
1171 |
Fri Jul 1 19:53:18 CEST 2011 - vuntz@opensuse.org
|
|
1172 |
|
|
1173 |
- Add x-scheme-handler/ftp to the MimeType key in the .desktop, to
|
|
1174 |
let desktops know that Firefox can deal with ftp: URIs.
|
|
1175 |
|
|
1176 |
-------------------------------------------------------------------
|
|
1177 |
Fri Jul 1 06:45:08 UTC 2011 - wr@rosenauer.org
|
|
1178 |
|
|
1179 |
- create upstream branding package again (supposedly empty)
|
|
1180 |
(bnc#703401)
|
|
1181 |
- fix build on SLE11 (changes do not affect/are not applied for
|
|
1182 |
later versions)
|
|
1183 |
|
|
1184 |
-------------------------------------------------------------------
|
|
1185 |
Wed Jun 22 06:41:17 UTC 2011 - wr@rosenauer.org
|
|
1186 |
|
|
1187 |
- enable startup notification (bnc#701465)
|
|
1188 |
|
|
1189 |
-------------------------------------------------------------------
|
|
1190 |
Mon Jun 20 19:37:01 UTC 2011 - wr@rosenauer.org
|
|
1191 |
|
|
1192 |
- update to 5.0 final
|
|
1193 |
- included fixes for security issues: (bnc#701296, bnc#700578)
|
|
1194 |
* MFSA 2011-19/CVE-2011-2374 CVE-2011-2375
|
|
1195 |
Miscellaneous memory safety hazards
|
|
1196 |
* MFSA 2011-20/CVE-2011-2373 (bmo#617247)
|
|
1197 |
Use-after-free vulnerability when viewing XUL document with
|
|
1198 |
script disabled
|
|
1199 |
* MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
|
|
1200 |
Memory corruption due to multipart/x-mixed-replace images
|
|
1201 |
* MFSA 2011-22/CVE-2011-2371 (bmo#664009)
|
|
1202 |
Integer overflow and arbitrary code execution in
|
|
1203 |
Array.reduceRight()
|
|
1204 |
* MFSA 2011-25/CVE-2011-2366
|
|
1205 |
Stealing of cross-domain images using WebGL textures
|
|
1206 |
* MFSA 2011-26/CVE-2011-2367 CVE-2011-2368
|
|
1207 |
Multiple WebGL crashes
|
|
1208 |
* MFSA 2011-27/CVE-2011-2369 (bmo#650001)
|
|
1209 |
XSS encoding hazard with inline SVG
|
|
1210 |
* MFSA 2011-28/CVE-2011-2370 (bmo#645699)
|
|
1211 |
Non-whitelisted site can trigger xpinstall
|
|
1212 |
|
|
1213 |
-------------------------------------------------------------------
|
|
1214 |
Mon Jun 20 09:17:42 UTC 2011 - wr@rosenauer.org
|
|
1215 |
|
|
1216 |
- update to 5.0b7
|
|
1217 |
* updated supported locales
|
|
1218 |
- do not build dump_syms static (not needed for us)
|
|
1219 |
-> fix build for openSUSE 12.1 and above
|
|
1220 |
|
|
1221 |
-------------------------------------------------------------------
|
|
1222 |
Wed Jun 15 14:59:32 UTC 2011 - wr@rosenauer.org
|
|
1223 |
|
|
1224 |
- update to 5.0b6
|
|
1225 |
- include proper revision information into the build
|
|
1226 |
- speedier find-external-requires.sh
|
|
1227 |
|
|
1228 |
-------------------------------------------------------------------
|
|
1229 |
Tue May 31 06:53:55 UTC 2011 - wr@rosenauer.org
|
|
1230 |
|
|
1231 |
- update to 5.0b3
|
|
1232 |
- transformed to standalone Firefox (not xulrunner based)
|
|
1233 |
(with new Firefox rapid release cycle it makes no sense anymore)
|
|
1234 |
* imported all relevant xulrunner patches
|
|
1235 |
- do not compile in build timestamp
|
|
1236 |
|
|
1237 |
-------------------------------------------------------------------
|
|
1238 |
Fri Apr 15 07:08:53 UTC 2011 - wr@rosenauer.org
|
|
1239 |
|
|
1240 |
- security update to 4.0.1 (bnc#689281)
|
|
1241 |
* MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0079
|
|
1242 |
CVE-2011-0080 CVE-2011-0081
|
|
1243 |
Miscellaneous memory safety hazards
|
|
1244 |
* MFSA 2011-17/CVE-2011-0068 (bmo#623791)
|
|
1245 |
WebGLES vulnerabilities
|
|
1246 |
* MFSA 2011-18/CVE-2011-1202 (bmo#640339)
|
|
1247 |
XSLT generate-id() function heap address leak
|
|
1248 |
|
|
1249 |
-------------------------------------------------------------------
|
|
1250 |
Wed Mar 30 11:24:36 UTC 2011 - wr@rosenauer.org
|
|
1251 |
|
|
1252 |
- add all available icon sizes
|
|
1253 |
|
|
1254 |
-------------------------------------------------------------------
|
|
1255 |
Tue Mar 29 11:55:53 UTC 2011 - cfarrell@novell.com
|
|
1256 |
|
|
1257 |
- license update: MPLv1.1 or GPLv2+ or LGPLv2+
|
|
1258 |
Sync licenses with Fedora. MPL does not state ^or later^
|
|
1259 |
|
|
1260 |
-------------------------------------------------------------------
|
|
1261 |
Fri Mar 18 08:49:15 UTC 2011 - wr@rosenauer.org
|
|
1262 |
|
|
1263 |
- update to version 4.0rc2
|
|
1264 |
- fixed rpm macros delivered with devel package (bnc#679950)
|
|
1265 |
|
|
1266 |
-------------------------------------------------------------------
|
|
1267 |
Wed Feb 23 07:52:04 UTC 2011 - wr@rosenauer.org
|
|
1268 |
|
|
1269 |
- update to version 4.0b12
|
|
1270 |
- rebased patches
|
|
1271 |
|
|
1272 |
-------------------------------------------------------------------
|
|
1273 |
Fri Feb 4 09:32:50 UTC 2011 - wr@rosenauer.org
|
|
1274 |
|
|
1275 |
- update to version 4.0b11
|
|
1276 |
* loads of bugfixes compared to last beta
|
|
1277 |
* added "Do Not Track" option
|
|
1278 |
- rebased patches
|
|
1279 |
- disable testpilot
|
|
1280 |
|
|
1281 |
-------------------------------------------------------------------
|
|
1282 |
Fri Jan 28 08:56:12 UTC 2011 - wr@rosenauer.org
|
|
1283 |
|
|
1284 |
- set correct desktop file name within KDE for 11.4 and up
|
|
1285 |
- add devel package with macros for extensions (from lnussel@suse.de)
|
|
1286 |
|
|
1287 |
-------------------------------------------------------------------
|
|
1288 |
Sat Jan 22 22:21:52 UTC 2011 - wr@rosenauer.org
|
|
1289 |
|
|
1290 |
- update to version 4.0b10
|
|
1291 |
- removed obsolete firefox-shell-bmo624267.patch
|
|
1292 |
- testpilot moved to distribution/extensions
|
|
1293 |
- updated locale provides and removed bn-IN from locales
|
|
1294 |
|
|
1295 |
-------------------------------------------------------------------
|
|
1296 |
Tue Jan 11 06:13:40 UTC 2011 - wr@rosenauer.org
|
|
1297 |
|
|
1298 |
- update to version 4.0b9
|
|
1299 |
- added x-scheme-handler for http and https to desktop file for
|
|
1300 |
newer Gnome environments
|
|
1301 |
- fixed default browser check/set for GIO (bmo#611953)
|
|
1302 |
(mozilla-shellservice.patch)
|
|
1303 |
- removed obsolete firefox-appname.patch (integrated into
|
|
1304 |
shellservice patch)
|
|
1305 |
- renamed desktop file to firefox.desktop for 11.4 and newer
|
|
1306 |
(bnc#664211)
|
|
1307 |
- removed support for 10.3 and older from the spec file
|
|
1308 |
- removed obsolete "Ximian" categories from desktop file
|
|
1309 |
|
|
1310 |
-------------------------------------------------------------------
|
|
1311 |
Mon Jan 3 17:35:46 CET 2011 - meissner@suse.de
|
|
1312 |
|
|
1313 |
- Mirror ac_add_options --disable-ipc from xulrunner for PowerPC.
|
|
1314 |
|
|
1315 |
-------------------------------------------------------------------
|
|
1316 |
Wed Dec 15 07:49:45 UTC 2010 - wr@rosenauer.org
|
|
1317 |
|
|
1318 |
- update to version 4.0beta8
|
|
1319 |
|
|
1320 |
-------------------------------------------------------------------
|
|
1321 |
Tue Nov 30 14:19:59 UTC 2010 - wr@rosenauer.org
|
|
1322 |
|
|
1323 |
- major update to version 4.0beta7
|
|
1324 |
* based on mozilla-xulrunner20
|
|
1325 |
* far too many internal changes to list
|
|
1326 |
|
|
1327 |
-------------------------------------------------------------------
|
|
1328 |
Wed Oct 27 07:12:14 CEST 2010 - wr@rosenauer.org
|
|
1329 |
|
|
1330 |
- security update to 3.6.12 (bnc#649492)
|
|
1331 |
* MFSA 2010-73/CVE-2010-3765 (bmo#607222)
|
|
1332 |
Heap buffer overflow mixing document.write and DOM insertion
|
|
1333 |
|
|
1334 |
-------------------------------------------------------------------
|
|
1335 |
Wed Oct 6 07:13:52 CEST 2010 - wr@rosenauer.org
|
|
1336 |
|
|
1337 |
- security update to 3.6.11 (bnc#645315)
|
|
1338 |
* MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
|
|
1339 |
Miscellaneous memory safety hazards
|
|
1340 |
* MFSA 2010-65/CVE-2010-3179 (bmo#583077)
|
|
1341 |
Buffer overflow and memory corruption using document.write
|
|
1342 |
* MFSA 2010-66/CVE-2010-3180 (bmo#588929)
|
|
1343 |
Use-after-free error in nsBarProp
|
|
1344 |
* MFSA 2010-67/CVE-2010-3183 (bmo#598669)
|
|
1345 |
Dangling pointer vulnerability in LookupGetterOrSetter
|
|
1346 |
* MFSA 2010-68/CVE-2010-3177 (bmo#556734)
|
|
1347 |
XSS in gopher parser when parsing hrefs
|
|
1348 |
* MFSA 2010-69/CVE-2010-3178 (bmo#576616)
|
|
1349 |
Cross-site information disclosure via modal calls
|
|
1350 |
* MFSA 2010-70/CVE-2010-3170 (bmo#578697)
|
|
1351 |
SSL wildcard certificate matching IP addresses
|
|
1352 |
* MFSA 2010-71/CVE-2010-3182 (bmo#590753)
|
|
1353 |
Unsafe library loading vulnerabilities
|
|
1354 |
* MFSA 2010-72/CVE-2010-3173
|
|
1355 |
Insecure Diffie-Hellman key exchange
|
|
1356 |
|
|
1357 |
-------------------------------------------------------------------
|
|
1358 |
Wed Sep 15 07:39:22 CEST 2010 - wr@rosenauer.org
|
|
1359 |
|
|
1360 |
- update to 3.6.10
|
|
1361 |
* fixing startup topcrash (bmo#594699)
|
|
1362 |
|
|
1363 |
-------------------------------------------------------------------
|
|
1364 |
Thu Aug 26 07:40:28 CEST 2010 - wr@rosenauer.org
|
|
1365 |
|
|
1366 |
- security update to 3.6.9 (bnc#637303)
|
|
1367 |
* MFSA 2010-49/CVE-2010-3169
|
|
1368 |
Miscellaneous memory safety hazards
|
|
1369 |
* MFSA 2010-50/CVE-2010-2765 (bmo#576447)
|
|
1370 |
Frameset integer overflow vulnerability
|
|
1371 |
* MFSA 2010-51/CVE-2010-2767 (bmo#584512)
|
|
1372 |
Dangling pointer vulnerability using DOM plugin array
|
|
1373 |
* MFSA 2010-53/CVE-2010-3166 (bmo#579655)
|
|
1374 |
Heap buffer overflow in nsTextFrameUtils::TransformText
|
|
1375 |
* MFSA 2010-54/CVE-2010-2760 (bmo#585815)
|
|
1376 |
Dangling pointer vulnerability in nsTreeSelection
|
|
1377 |
* MFSA 2010-55/CVE-2010-3168 (bmo#576075)
|
|
1378 |
XUL tree removal crash and remote code execution
|
|
1379 |
* MFSA 2010-56/CVE-2010-3167 (bmo#576070)
|
|
1380 |
Dangling pointer vulnerability in nsTreeContentView
|
|
1381 |
* MFSA 2010-57/CVE-2010-2766 (bmo#580445)
|
|
1382 |
Crash and remote code execution in normalizeDocument
|
|
1383 |
* MFSA 2010-59/CVE-2010-2762 (bmo#584180)
|
|
1384 |
SJOW creates scope chains ending in outer object
|
|
1385 |
* MFSA 2010-61/CVE-2010-2768 (bmo#579744)
|
|
1386 |
UTF-7 XSS by overriding document charset using <object> type
|
|
1387 |
attribute
|
|
1388 |
* MFSA 2010-62/CVE-2010-2769 (bmo#520189)
|
|
1389 |
Copy-and-paste or drag-and-drop into designMode document allows
|
|
1390 |
XSS
|
|
1391 |
* MFSA 2010-63/CVE-2010-2764 (bmo#552090)
|
|
1392 |
Information leak via XMLHttpRequest statusText
|
|
1393 |
|
|
1394 |
-------------------------------------------------------------------
|
|
1395 |
Wed Jul 28 08:33:14 CEST 2010 - meissner@suse.de
|
|
1396 |
|
|
1397 |
- disable crash reporter for non x86/x86_64 to make it build.
|
|
1398 |
|
|
1399 |
-------------------------------------------------------------------
|
|
1400 |
Sat Jul 24 12:42:58 CEST 2010 - wr@rosenauer.org
|
|
1401 |
|
|
1402 |
- security update to 3.6.8 (bnc#622506)
|
|
1403 |
* MFSA 2010-48/CVE-2010-2755 (bmo#575836)
|
|
1404 |
Dangling pointer crash regression from plugin parameter array
|
|
1405 |
fix
|
|
1406 |
|
|
1407 |
-------------------------------------------------------------------
|
|
1408 |
Fri Jul 16 06:48:44 CEST 2010 - wr@rosenauer.org
|
|
1409 |
|
|
1410 |
- security update to 3.6.7 (bnc#622506)
|
|
1411 |
* MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
|
|
1412 |
Miscellaneous memory safety hazards
|
|
1413 |
* MFSA 2010-35/CVE-2010-1208 (bmo#572986)
|
|
1414 |
DOM attribute cloning remote code execution vulnerability
|
|
1415 |
* MFSA 2010-36/CVE-2010-1209 (bmo#552110)
|
|
1416 |
Use-after-free error in NodeIterator
|
|
1417 |
* MFSA 2010-37/CVE-2010-1214 (bmo#572985)
|
|
1418 |
Plugin parameter EnsureCachedAttrParamArrays remote code
|
|
1419 |
execution vulnerability
|
|
1420 |
* MFSA 2010-38/CVE-2010-1215 (bmo#567069)
|
|
1421 |
Arbitrary code execution using SJOW and fast native function
|
|
1422 |
* MFSA 2010-39/CVE-2010-2752 (bmo#574059)
|
|
1423 |
nsCSSValue::Array index integer overflow
|
|
1424 |
* MFSA 2010-40/CVE-2010-2753 (bmo#571106)
|
|
1425 |
nsTreeSelection dangling pointer remote code execution
|
|
1426 |
vulnerability
|
|
1427 |
* MFSA 2010-41/CVE-2010-1205 (bmo#570451)
|
|
1428 |
Remote code execution using malformed PNG image
|
|
1429 |
* MFSA 2010-42/CVE-2010-1213 (bmo#568148)
|
|
1430 |
Cross-origin data disclosure via Web Workers and importScripts
|
|
1431 |
* MFSA 2010-43/CVE-2010-1207 (bmo#571287)
|
|
1432 |
Same-origin bypass using canvas context
|
|
1433 |
* MFSA 2010-44/CVE-2010-1210 (bmo#564679)
|
|
1434 |
Characters mapped to U+FFFD in 8 bit encodings cause subsequent
|
|
1435 |
character to vanish
|
|
1436 |
* MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
|
|
1437 |
Multiple location bar spoofing vulnerabilities
|
|
1438 |
* MFSA 2010-46/CVE-2010-0654 (bmo#524223)
|
|
1439 |
Cross-domain data theft using CSS
|
|
1440 |
* MFSA 2010-47/CVE-2010-2754 (bmo#568564)
|
|
1441 |
Cross-origin data leakage from script filename in error messages
|
|
1442 |
|
|
1443 |
-------------------------------------------------------------------
|
|
1444 |
Sun Jun 27 20:24:31 CEST 2010 - wr@rosenauer.org
|
|
1445 |
|
|
1446 |
- update to 3.6.6 release
|
|
1447 |
* modifies the crash protection feature to increase the amount
|
|
1448 |
of time that plugins are allowed to be non-responsive before
|
|
1449 |
being terminated.
|
|
1450 |
|
|
1451 |
-------------------------------------------------------------------
|
|
1452 |
Wed Jun 23 14:40:35 CEST 2010 - wr@rosenauer.org
|
|
1453 |
|
|
1454 |
- update to final 3.6.4 release (bnc#603356)
|
|
1455 |
* MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/
|
|
1456 |
CVE-2010-1203
|
|
1457 |
Crashes with evidence of memory corruption (rv:1.9.2.4)
|
|
1458 |
* MFSA 2010-28/CVE-2010-1198 (bmo#532246)
|
|
1459 |
Freed object reuse across plugin instances
|
|
1460 |
* MFSA 2010-29/CVE-2010-1196 (bmo#534666)
|
|
1461 |
Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
|
|
1462 |
* MFSA 2010-30/CVE-2010-1199 (bmo#554255)
|
|
1463 |
Integer Overflow in XSLT Node Sorting
|
|
1464 |
* MFSA 2010-31/CVE-2010-1125 (bmo#552255)
|
|
1465 |
focus() behavior can be used to inject or steal keystrokes
|
|
1466 |
* MFSA 2010-32/CVE-2010-1197 (bmo#537120)
|
|
1467 |
Content-Disposition: attachment ignored if
|
|
1468 |
Content-Type: multipart also present
|
|
1469 |
* MFSA 2010-33/CVE-2008-5913 (bmo#475585)
|
|
1470 |
User tracking across sites using Math.random()
|
|
1471 |
|
|
1472 |
-------------------------------------------------------------------
|
|
1473 |
Mon Jun 7 07:07:33 CEST 2010 - wr@rosenauer.org
|
|
1474 |
|
|
1475 |
- update to 3.6.4(build6)
|
|
1476 |
|
|
1477 |
-------------------------------------------------------------------
|
|
1478 |
Sun Apr 18 09:42:40 CEST 2010 - wr@rosenauer.org
|
|
1479 |
|
|
1480 |
- security update to 3.6.4 (Lorentz)
|
|
1481 |
* enable crashreporter also for x86-64
|
|
1482 |
* Flash runs in a separate process to avoid crashing Firefox
|
|
1483 |
(ix86 only; x86-64 still uses nspluginwrapper)
|
|
1484 |
|
|
1485 |
-------------------------------------------------------------------
|
|
1486 |
Thu Apr 1 11:15:38 UTC 2010 - wr@rosenauer.org
|
|
1487 |
|
|
1488 |
- security update to 3.6.3
|
|
1489 |
* MFSA 2010-25/CVE-2010-1121 (bmo#555109)
|
|
1490 |
Re-use of freed object due to scope confusion
|
|
1491 |
|
|
1492 |
-------------------------------------------------------------------
|
|
1493 |
Thu Mar 18 06:43:33 CET 2010 - wr@rosenauer.org
|
|
1494 |
|
|
1495 |
- security update to version 3.6.2 (bnc#586567)
|
|
1496 |
* MFSA 2010-08/CVE-2010-1028
|
|
1497 |
WOFF heap corruption due to integer overflow
|
|
1498 |
* MFSA 2010-09/CVE-2010-0164 (bmo#547143)
|
|
1499 |
Deleted frame reuse in multipart/x-mixed-replace image
|
|
1500 |
* MFSA 2010-10/CVE-2010-0170 (bmo#541530)
|
|
1501 |
XSS via plugins and unprotected Location object
|
|
1502 |
* MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167
|
|
1503 |
Crashes with evidence of memory corruption
|
|
1504 |
* MFSA 2010-12/CVE-2010-0171 (bmo#531364)
|
|
1505 |
XSS using addEventListener and setTimeout on a wrapped object
|
|
1506 |
* MFSA 2010-13/CVE-2010-0168 (bmo#540642)
|
|
1507 |
Content policy bypass with image preloading
|
|
1508 |
* MFSA 2010-14/CVE-2010-0169 (bmo#535806)
|
|
1509 |
Browser chrome defacement via cached XUL stylesheets
|
|
1510 |
* MFSA 2010-15/CVE-2010-0172 (bmo#537862)
|
|
1511 |
Asynchronous Auth Prompt attaches to wrong window
|
|
1512 |
* MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
|
|
1513 |
Crashes with evidence of memory corruption
|
|
1514 |
* MFSA 2010-18/CVE-2010-0176 (bmo#538308)
|
|
1515 |
Dangling pointer vulnerability in nsTreeContentView
|
|
1516 |
* MFSA 2010-19/CVE-2010-0177 (bmo#538310)
|
|
1517 |
Dangling pointer vulnerability in nsPluginArray
|
|
1518 |
* MFSA 2010-20/CVE-2010-0178 (bmo#546909)
|
|
1519 |
Chrome privilege escalation via forced URL drag and drop
|
|
1520 |
* MFSA 2010-22/CVE-2009-3555 (bmo#545755)
|
|
1521 |
Update NSS to support TLS renegotiation indication
|
|
1522 |
* MFSA 2010-23/CVE-2010-0181 (bmo#452093)
|
|
1523 |
Image src redirect to mailto: URL opens email editor
|
|
1524 |
* MFSA 2010-24/CVE-2010-0182 (bmo#490790)
|
|
1525 |
XMLDocument::load() doesn't check nsIContentPolicy
|
|
1526 |
|
|
1527 |
-------------------------------------------------------------------
|
|
1528 |
Mon Jan 18 09:42:50 CET 2010 - wr@rosenauer.org
|
|
1529 |
|
|
1530 |
- update to 3.6rc2 (already named 3.6.0)
|
|
1531 |
- removed obsolete orbit-devel build requirement
|
|
1532 |
|
|
1533 |
-------------------------------------------------------------------
|
|
1534 |
Wed Jan 6 17:15:40 CET 2010 - wr@rosenauer.org
|
|
1535 |
|
|
1536 |
- major update to 3.6rc1
|
|
1537 |
|
|
1538 |
-------------------------------------------------------------------
|
|
1539 |
Fri Dec 25 09:39:42 CET 2009 - wr@rosenauer.org
|
|
1540 |
|
|
1541 |
- update to version 3.5.7 (bnc#568011)
|
|
1542 |
* DNS resolution in MakeSN of nsAuthSSPI causing issues for
|
|
1543 |
proxy servers that support NTLM auth (bmo#535193)
|
|
1544 |
- added missing lockdown preferences (bnc#567131)
|
|
1545 |
|
|
1546 |
-------------------------------------------------------------------
|
|
1547 |
Thu Dec 17 20:06:38 CET 2009 - wr@rosenauer.org
|
|
1548 |
|
|
1549 |
- readded firefox-ui-lockdown.patch (bnc#546158)
|
|
1550 |
|
|
1551 |
-------------------------------------------------------------------
|
|
1552 |
Thu Dec 3 21:53:59 CET 2009 - wr@rosenauer.org
|
|
1553 |
|
|
1554 |
- security update to version 3.5.6 (bnc#559807)
|
|
1555 |
* MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982
|
|
1556 |
Crashes with evidence of memory corruption (rv:1.9.1.6)
|
|
1557 |
* MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816)
|
|
1558 |
Memory safety fixes in liboggplay media library
|
|
1559 |
* MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613)
|
|
1560 |
Integer overflow, crash in libtheora video library
|
|
1561 |
* MFSA 2009-68/CVE-2009-3983 (bmo#487872)
|
|
1562 |
NTLM reflection vulnerability
|
|
1563 |
* MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232)
|
|
1564 |
Location bar spoofing vulnerabilities
|
|
1565 |
* MFSA 2009-70/VE-2009-3986 (bmo#522430)
|
|
1566 |
Privilege escalation via chrome window.opener
|
|
1567 |
- fixed firefox-browser-css.patch (bnc#561027)
|
|
1568 |
|
|
1569 |
-------------------------------------------------------------------
|
|
1570 |
Mon Nov 23 22:31:21 CET 2009 - wr@rosenauer.org
|
|
1571 |
|
|
1572 |
- rebased patches for fuzz=0
|
|
1573 |
|
|
1574 |
-------------------------------------------------------------------
|
|
1575 |
Thu Nov 5 19:49:33 UTC 2009 - wr@rosenauer.org
|
|
1576 |
|
|
1577 |
- update to version 3.5.5 (bnc#553172)
|
|
1578 |
|
|
1579 |
-------------------------------------------------------------------
|
|
1580 |
Sat Oct 17 23:19:23 CEST 2009 - wr@rosenauer.org
|
|
1581 |
|
|
1582 |
- security update to version 3.5.4 (bnc#545277)
|
|
1583 |
* MFSA 2009-52/CVE-2009-3370 (bmo#511615)
|
|
1584 |
Form history vulnerable to stealing
|
|
1585 |
* MFSA 2009-53/CVE-2009-3274 (bmo#514823)
|
|
1586 |
Local downloaded file tampering
|
|
1587 |
* MFSA 2009-54/CVE-2009-3371 (bmo#514554)
|
|
1588 |
Crash with recursive web-worker calls
|
|
1589 |
* MFSA 2009-55/CVE-2009-3372 (bmo#500644)
|
|
1590 |
Crash in proxy auto-configuration regexp parsing
|
|
1591 |
* MFSA 2009-56/CVE-2009-3373 (bmo#511689)
|
|
1592 |
Heap buffer overflow in GIF color map parser
|
|
1593 |
* MFSA 2009-57/CVE-2009-3374 (bmo#505988)
|
|
1594 |
Chrome privilege escalation in XPCVariant::VariantDataToJS()
|
|
1595 |
* MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862)
|
|
1596 |
Heap buffer overflow in string to number conversion
|
|
1597 |
* MFSA 2009-61/CVE-2009-3375 (bmo#503226)
|
|
1598 |
Cross-origin data theft through document.getSelection()
|
|
1599 |
* MFSA 2009-62/CVE-2009-3376 (bmo#511521)
|
|
1600 |
Download filename spoofing with RTL override
|
|
1601 |
* MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378
|
|
1602 |
Upgrade media libraries to fix memory safety bugs
|
|
1603 |
* MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383
|
|
1604 |
Crashes with evidence of memory corruption
|
|
1605 |
- removed upstreamed patch
|
|
1606 |
* firefox-bug506901.patch
|
|
1607 |
|
|
1608 |
-------------------------------------------------------------------
|
|
1609 |
Wed Oct 7 20:11:24 CEST 2009 - llunak@novell.com
|
|
1610 |
|
|
1611 |
- fix KDE button order in one more place (bnc#170055)
|
|
1612 |
|
|
1613 |
-------------------------------------------------------------------
|
|
1614 |
Fri Oct 2 20:26:49 CEST 2009 - wr@rosenauer.org
|
|
1615 |
|
|
1616 |
- improve UI colors to be usable with dark themes at all
|
|
1617 |
(firefox-browser-css.patch) (bnc#503351)
|
|
1618 |
- extend list of supported architectures as ABI identifier
|
|
1619 |
(mozilla-abi.patch) (bnc#543460)
|
|
1620 |
|
|
1621 |
-------------------------------------------------------------------
|
|
1622 |
Mon Sep 14 00:07:55 CEST 2009 - wr@rosenauer.org
|
|
1623 |
|
|
1624 |
- added KDE integration patch from llunak@novell.com
|
|
1625 |
(firefox-kde.patch)
|
|
1626 |
* support for knotify, making -kde4-addon obsolete
|
|
1627 |
* KDE-specific support functional (bnc#170055)
|
|
1628 |
- do not build libnkgnomevfs (bmo#512671) (firefox-no-gnomevfs)
|
|
1629 |
|
|
1630 |
-------------------------------------------------------------------
|
|
1631 |
Thu Sep 10 09:34:26 CEST 2009 - wr@rosenauer.org
|
|
1632 |
|
|
1633 |
- security update to version 3.5.3 (bnc#534458)
|
|
1634 |
* MFSA 2009-47/CVE-2009-3069/CVE-2009-3070/CVE-2009-3071/
|
|
1635 |
CVE-2009-3072/CVE-2009-3073/CVE-2009-3074/CVE-2009-3075
|
|
1636 |
Crashes with evidence of memory corruption
|
|
1637 |
* MFSA 2009-49/CVE-2009-3077 (bmo#506871)
|
|
1638 |
TreeColumns dangling pointer vulnerability
|
|
1639 |
* MFSA 2009-50/CVE-2009-3078 (bmo#453827)
|
|
1640 |
Location bar spoofing via tall line-height Unicode characters
|
|
1641 |
* MFSA 2009-51/CVE-2009-3079 (bmo#454363)
|
|
1642 |
Chrome privilege escalation with FeedWriter
|
|
1643 |
|
|
1644 |
-------------------------------------------------------------------
|
|
1645 |
Wed Aug 19 22:14:07 CEST 2009 - wr@rosenauer.org
|
|
1646 |
|
|
1647 |
- renamed patch firefox-contextmenu-gnome to firefox-cross-desktop
|
|
1648 |
as it contains more tweaks to handle non-Gnome environments and
|
|
1649 |
especially KDE integration:
|
|
1650 |
* added the ability to set the KDE default browser
|
|
1651 |
(still part of bnc#170055)
|
|
1652 |
|
|
1653 |
-------------------------------------------------------------------
|
|
1654 |
Sat Aug 8 00:14:18 CEST 2009 - wr@rosenauer.org
|
|
1655 |
|
|
1656 |
- split -translations package into -common and -other
|
|
1657 |
(bnc#529180)
|
|
1658 |
- remove "set as background" from context menu if not running in
|
|
1659 |
Gnome (part of bnc#170055)
|
|
1660 |
|
|
1661 |
-------------------------------------------------------------------
|
|
1662 |
Fri Jul 31 09:01:57 CEST 2009 - wr@rosenauer.org
|
|
1663 |
|
|
1664 |
- security update to version 3.5.2
|
|
1665 |
* MFSA 2009-38/CVE-2009-2470 (bmo#459524)
|
|
1666 |
Data corruption with SOCKS5 reply containing DNS name longer
|
|
1667 |
than 15 characters
|
|
1668 |
* MFSA 2009-44/CVE-2009-2654 (bmo#451898)
|
|
1669 |
Location bar and SSL indicator spoofing via window.open() on
|
|
1670 |
invalid URL
|
|
1671 |
* MFSA 2009-45
|
|
1672 |
Crashes with evidence of memory corruption
|
|
1673 |
* MFSA 2009-46 (bmo#498897)
|
|
1674 |
Chrome privilege escalation due to incorrectly cached wrapper
|
|
1675 |
* various other stability fixes
|
|
1676 |
- export MOZ_APP_LAUNCHER in the startscript (bmo#453689)
|
|
1677 |
|
|
1678 |
-------------------------------------------------------------------
|
|
1679 |
Tue Jul 28 14:54:46 CEST 2009 - wr@rosenauer.org
|
|
1680 |
|
|
1681 |
- fixed %exclude usage
|
|
1682 |
- fixed preferences' advanced pane for fresh profiles (bmo#506901)
|
|
1683 |
|
|
1684 |
-------------------------------------------------------------------
|
|
1685 |
Wed Jul 15 20:13:19 CEST 2009 - wr@rosenauer.org
|
|
1686 |
|
|
1687 |
- security update to version 3.5.1
|
|
1688 |
* MFSA 2009-41
|
|
1689 |
Corrupt JIT state after deep return from native function
|
|
1690 |
|
|
1691 |
-------------------------------------------------------------------
|
|
1692 |
Mon Jul 6 12:33:47 CEST 2009 - wr@rosenauer.org
|
|
1693 |
|
|
1694 |
- added mozilla-linkorder.patch to fix build with --as-needed
|
|
1695 |
|
|
1696 |
-------------------------------------------------------------------
|
|
1697 |
Tue Jun 30 08:52:00 CEST 2009 - wr@rosenauer.org
|
|
1698 |
|
|
1699 |
- update to final version 3.5 (20090623)
|
|
1700 |
|
|
1701 |
-------------------------------------------------------------------
|
|
1702 |
Tue Jun 23 09:39:50 CEST 2009 - wr@rosenauer.org
|
|
1703 |
|
|
1704 |
- fixed build by linking to a real file
|
|
1705 |
|
|
1706 |
-------------------------------------------------------------------
|
|
1707 |
Thu Jun 18 10:19:40 CEST 2009 - wr@rosenauer.org
|
|
1708 |
|
|
1709 |
- update to version 3.5rc2 (20090617)
|
|
1710 |
- BuildRequire mozilla-xulrunner191 = 1.9.1.0
|
|
1711 |
|
|
1712 |
-------------------------------------------------------------------
|
|
1713 |
Sat Jun 6 15:59:02 CEST 2009 - wr@rosenauer.org
|
|
1714 |
|
|
1715 |
- update to version 3.5b99 (20090604)
|
|
1716 |
- BuildRequire mozilla-xulrunner191 = 1.9.1b99
|
|
1717 |
|
|
1718 |
-------------------------------------------------------------------
|
|
1719 |
Wed May 27 08:03:16 CEST 2009 - wr@rosenauer.org
|
|
1720 |
|
|
1721 |
- fixed typos in improved xulrunner dependencies
|
|
1722 |
|
|
1723 |
-------------------------------------------------------------------
|
|
1724 |
Mon May 11 18:25:12 CEST 2009 - wr@rosenauer.org
|
|
1725 |
|
|
1726 |
- use non-localized Downloads folder (bnc#501724)
|
|
1727 |
|
|
1728 |
-------------------------------------------------------------------
|
|
1729 |
Mon May 4 07:57:50 CEST 2009 - wr@rosenauer.org
|
|
1730 |
|
|
1731 |
- update to new major version 3.5b4
|
|
1732 |
* based on Gecko 1.9.1 (mozilla-xulrunner191)
|
|
1733 |
* Private Browsing Mode
|
|
1734 |
* TraceMonkey JavaScript engine
|
|
1735 |
* Geolocation support
|
|
1736 |
* native JSON and web worker threads support
|
|
1737 |
* speculative parsing for faster content rendering
|
|
1738 |
* Some HTML5 support
|
|
1739 |
- updated firefox.schemas
|
|
1740 |
- improved firefox-no-update.patch
|
|
1741 |
|
|
1742 |
-------------------------------------------------------------------
|
|
1743 |
Tue Apr 28 10:47:54 CEST 2009 - wr@rosenauer.org
|
|
1744 |
|
|
1745 |
- security update to 3.0.10
|
|
1746 |
* MFSA 2009-23/CVE-2009-1313 (bmo#489647)
|
|
1747 |
Crash in nsTextFrame::ClearTextRun()
|
|
1748 |
|
|
1749 |
-------------------------------------------------------------------
|
|
1750 |
Thu Apr 16 13:52:21 CEST 2009 - wr@rosenauer.org
|
|
1751 |
|
|
1752 |
- security update to 3.0.9 (bnc#495473)
|
|
1753 |
* MFSA 2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304/CVE-2009-1305
|
|
1754 |
Crashes with evidence of memory corruption (rv:1.9.0.9)
|
|
1755 |
* MFSA 2009-15/CVE-2009-0652 (bmo#479336)
|
|
1756 |
URL spoofing with box drawing character
|
|
1757 |
* MFSA 2009-16/CVE-2009-1306 (bmo#474536)
|
|
1758 |
jar: scheme ignores the content-disposition: header on the
|
|
1759 |
inner URI
|
|
1760 |
* MFSA 2009-17/CVE-2009-1307 (bmo#481342)
|
|
1761 |
Same-origin violations when Adobe Flash loaded via
|
|
1762 |
view-source: scheme
|
|
1763 |
* MFSA 2009-18/CVE-2009-1308 (bmo#481558)
|
|
1764 |
XSS hazard using third-party stylesheets and XBL bindings
|
|
1765 |
* MFSA 2009-19/CVE-2009-1309 (bmo#482206,478433)
|
|
1766 |
Same-origin violations in XMLHttpRequest and
|
|
1767 |
XPCNativeWrapper.toString
|
|
1768 |
* MFSA 2009-20/CVE-2009-1310 (bmo#483086)
|
|
1769 |
Malicious search plugins can inject code into arbitrary sites
|
|
1770 |
* MFSA 2009-21/CVE-2009-1311 (bmo#471962)
|
|
1771 |
POST data sent to wrong site when saving web page with
|
|
1772 |
embedded frame
|
|
1773 |
* MFSA 2009-22/CVE-2009-1312 (bmo#475636)
|
|
1774 |
Firefox allows Refresh header to redirect to javascript: URIs
|
|
1775 |
|
|
1776 |
-------------------------------------------------------------------
|
|
1777 |
Fri Mar 27 09:43:43 CET 2009 - wr@rosenauer.org
|
|
1778 |
|
|
1779 |
- security update to 1.9.0.8 (bnc#488955,489411)
|
|
1780 |
* MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217)
|
|
1781 |
Crash and remote code execution in XSL transformation
|
|
1782 |
* MFSA 2009-13/CVE-2009-1044 (bmo#484320)
|
|
1783 |
Arbitrary code execution via XUL tree moveToEdgeShift
|
|
1784 |
- allow RPM provides for stuff besides shared libraries
|
|
1785 |
(e.g. mime-types)
|
|
1786 |
|
|
1787 |
-------------------------------------------------------------------
|
|
1788 |
Sun Mar 1 11:08:58 CET 2009 - wr@rosenauer.org
|
|
1789 |
|
|
1790 |
- security update to 3.0.7 (bnc#478625)
|
|
1791 |
* MFSA 2009-07 - Crashes with evidence of memory corruption
|
|
1792 |
CVE-2009-0771 - Layout Engine Crashes
|
|
1793 |
CVE-2009-0772 - Layout Engine Crashes
|
|
1794 |
CVE-2009-0773 - crashes in the JavaScript engine
|
|
1795 |
CVE-2009-0774 - Layout Engine Crashes
|
|
1796 |
* MFSA 2009-08/CVE-2009-0775 - (bmo#474456)
|
|
1797 |
Mozilla Firefox XUL Linked Clones Double Free Vulnerability
|
|
1798 |
* MFSA 2009-09/CVE-2009-0776 (bmo#414540)
|
|
1799 |
XML data theft via RDFXMLDataSource and cross-domain redirect
|
|
1800 |
* MFSA 2009-10/CVE-2009-0040 (bmo#478901)
|
|
1801 |
Upgrade PNG library to fix memory safety hazards
|
|
1802 |
* MFSA 2009-11/CVE-2009-0777 (bmo#452979)
|
|
1803 |
URL spoofing with invisible control characters
|
|
1804 |
|
|
1805 |
-------------------------------------------------------------------
|
|
1806 |
Wed Feb 4 18:58:59 EST 2009 - hfiguiere@suse.de
|
|
1807 |
|
|
1808 |
- Review and approve changes.
|
|
1809 |
|
|
1810 |
-------------------------------------------------------------------
|
|
1811 |
Wed Jan 28 13:48:00 CET 2009 - wr@rosenauer.org
|
|
1812 |
|
|
1813 |
- security update to 3.0.6 (bnc#470074)
|
|
1814 |
* MFSA 2009-06/CVE-2009-0358: Directives to not cache pages ignored
|
|
1815 |
(bmo#441751)
|
|
1816 |
* MFSA 2009-05/CVE-2009-0357: XMLHttpRequest allows reading
|
|
1817 |
HTTPOnly cookies (bmo#380418)
|
|
1818 |
* MFSA 2009-04/CVE-2009-0356: Chrome privilege escalation via
|
|
1819 |
local .desktop files (bmo#460425)
|
|
1820 |
* MFSA 2009-03/CVE-2009-0355: Local file stealing with SessionStore
|
|
1821 |
(bmo#466937)
|
|
1822 |
* MFSA 2009-02/CVE-2009-0354: XSS using a chrome XBL method
|
|
1823 |
and window.eval (bmo#468581)
|
|
1824 |
* MFSA 2009-01/CVE-2009-0352 - CVE-2009-0353: Crashes with
|
|
1825 |
evidence of memory corruption (rv:1.9.0.6) (bmo#452913,
|
|
1826 |
bmo#449006, bmo#331088, bmo#401042, bmo#416461, bmo#422283,
|
|
1827 |
bmo#422301, bmo#431705, bmo#437142, bmo#421839, bmo#420697,
|
|
1828 |
bmo#461027)
|
|
1829 |
* (non security) added lv locale
|
|
1830 |
|
|
1831 |
-------------------------------------------------------------------
|
|
1832 |
Thu Jan 22 11:09:42 EST 2009 - hfiguiere@suse.de
|
|
1833 |
|
|
1834 |
- Fix the wrapper script for PowerPC 64-bits (bnc#464753)
|
|
1835 |
|
|
1836 |
-------------------------------------------------------------------
|
|
1837 |
Wed Dec 17 13:13:25 EST 2008 - hfiguiere@suse.de
|
|
1838 |
|
|
1839 |
- Review and approve changes.
|
|
1840 |
|
|
1841 |
-------------------------------------------------------------------
|
|
1842 |
Mon Dec 15 16:41:57 CET 2008 - wr@rosenauer.org
|
|
1843 |
|
|
1844 |
- security update to 1.9.0.5 (bnc#455804)
|
|
1845 |
for details
|
|
1846 |
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
|
|
1847 |
* removed aboutRights workaround again
|
|
1848 |
* added et locale
|
|
1849 |
|
|
1850 |
-------------------------------------------------------------------
|
|
1851 |
Tue Nov 25 10:14:45 EST 2008 - hfiguiere@suse.de
|
|
1852 |
|
|
1853 |
- Review and approve changes.
|
|
1854 |
|
|
1855 |
-------------------------------------------------------------------
|
|
1856 |
Sat Nov 22 13:26:03 CET 2008 - wr@rosenauer.org
|
|
1857 |
|
|
1858 |
- replace license agreement with about:rights toolbar
|
|
1859 |
(backported from upcoming FF 3.0.5) (bnc#436054, bmo#456439)
|
|
1860 |
(it's always displayed in en-US)
|
|
1861 |
|
|
1862 |
-------------------------------------------------------------------
|
|
1863 |
Fri Nov 21 03:11:41 EST 2008 - hfiguiere@suse.de
|
|
1864 |
|
|
1865 |
- Update firefox-lockdown-ui.patch
|
|
1866 |
* Print Setup is now properly locked down. bnc#431028
|
|
1867 |
* Bookmark editing it now properly locked down. bnc#439335
|
|
1868 |
* Bookmars are properly hidden.
|
|
1869 |
* History is properly locked down. bnc#439343
|
|
1870 |
* Make sure the search bar is not put back when resetting the
|
|
1871 |
toolbar. bnc#439358
|
|
1872 |
|
|
1873 |
-------------------------------------------------------------------
|
|
1874 |
Thu Nov 20 18:49:19 CST 2008 - maw@suse.de
|
|
1875 |
|
|
1876 |
- Review and approve changes.
|
|
1877 |
|
|
1878 |
-------------------------------------------------------------------
|
|
1879 |
Thu Nov 13 08:22:13 CET 2008 - wr@rosenauer.org
|
|
1880 |
|
|
1881 |
- lockdown cleanup
|
|
1882 |
* removed gecko-lockdown.patch from Firefox (it's in xulrunner)
|
|
1883 |
* stripped out some toolkit stuff from firefox-ui-lockdown
|
|
1884 |
* added extra default preferences for lockdown
|
|
1885 |
|
|
1886 |
-------------------------------------------------------------------
|
|
1887 |
Wed Nov 12 17:55:19 CST 2008 - maw@suse.de
|
|
1888 |
|
|
1889 |
- Review and approve changes.
|
|
1890 |
|
|
1891 |
-------------------------------------------------------------------
|
|
1892 |
Tue Nov 11 09:15:59 CET 2008 - wr@rosenauer.org
|
|
1893 |
|
|
1894 |
- update to security/maintenance release 3.0.4 (bnc#439841)
|
|
1895 |
* support additional locales (bg, cy, eo, oc)
|
|
1896 |
- removed obsolete configure option (enable-gconf)
|
|
1897 |
|
|
1898 |
-------------------------------------------------------------------
|
|
1899 |
Fri Nov 7 15:39:54 CST 2008 - maw@suse.de
|
|
1900 |
|
|
1901 |
- Review and approve changes.
|
|
1902 |
|
|
1903 |
-------------------------------------------------------------------
|
|
1904 |
Tue Nov 4 23:27:03 CET 2008 - wr@rosenauer.org
|
|
1905 |
|
|
1906 |
- moved gconf schema into branding packages (bnc#441646)
|
|
1907 |
|
|
1908 |
-------------------------------------------------------------------
|
|
1909 |
Tue Oct 28 16:16:14 EDT 2008 - hfiguiere@suse.de
|
|
1910 |
|
|
1911 |
- Fix missing %endif (for fix for bnc#434283)
|
|
1912 |
|
|
1913 |
-------------------------------------------------------------------
|
|
1914 |
Mon Oct 27 17:05:02 EDT 2008 - hfiguiere@suse.de
|
|
1915 |
|
|
1916 |
- Add disable_show_passwords to firefox.schemas. (FATE #301534)
|
|
1917 |
|
|
1918 |
-------------------------------------------------------------------
|
|
1919 |
Mon Oct 27 11:57:29 CET 2008 - wr@rosenauer.org
|
|
1920 |
|
|
1921 |
- make biarch dependencies work correctly (bnc#434283)
|
|
1922 |
|
|
1923 |
-------------------------------------------------------------------
|
|
1924 |
Thu Oct 23 10:14:22 EDT 2008 - hfiguiere@suse.de
|
|
1925 |
|
|
1926 |
- Added firefox-ui-lockdown.patch and gecko-lockdown.patch
|
|
1927 |
* Lockdown: FATE#302023, FATE#302024
|
|
1928 |
|
|
1929 |
-------------------------------------------------------------------
|
|
1930 |
Mon Oct 6 14:55:48 CEST 2008 - sbrabec@suse.cz
|
|
1931 |
|
|
1932 |
- Conflict with other branding providers (FATE#304881).
|
|
1933 |
|
|
1934 |
-------------------------------------------------------------------
|
|
1935 |
Mon Sep 29 12:27:43 CDT 2008 - maw@suse.de
|
|
1936 |
|
|
1937 |
- Review and approve changes.
|
|
1938 |
|
|
1939 |
-------------------------------------------------------------------
|
|
1940 |
Mon Sep 29 11:36:30 CDT 2008 - maw@suse.de
|
|
1941 |
|
|
1942 |
- Remove a reference to a stale patch.
|
|
1943 |
|
|
1944 |
-------------------------------------------------------------------
|
|
1945 |
Sun Sep 28 18:19:26 CEST 2008 - wr@rosenauer.org
|
|
1946 |
|
|
1947 |
- update to regression fix release 3.0.3
|
|
1948 |
* Fixed a problem where users were unable to retrieve saved
|
|
1949 |
passwords or save new passwords (bmo#454708, bnc#429179#c20,
|
|
1950 |
CVE-2008-4063, CVE-2008-4064, CVE-2008-3836, andCVE-2008-4070)
|
|
1951 |
|
|
1952 |
-------------------------------------------------------------------
|
|
1953 |
Thu Sep 25 14:47:13 CDT 2008 - maw@suse.de
|
|
1954 |
|
|
1955 |
- Review and approve changes.
|
|
1956 |
|
|
1957 |
-------------------------------------------------------------------
|
|
1958 |
Mon Sep 15 13:45:16 CEST 2008 - wr@rosenauer.org
|
|
1959 |
|
|
1960 |
- update to security/maintenance release 3.0.2 (bnc#429179)
|
|
1961 |
- removed unused files from sources
|
|
1962 |
- fix more rpmlint complaints and provide a config file to filter
|
|
1963 |
false positives
|
|
1964 |
- disable Gnome crashreporter as it has no value
|
|
1965 |
- brought man-page up to date for the firefox stub
|
|
1966 |
(removing firefox-bin reference)
|
|
1967 |
- en-US locale not longer packaged in translations subpackage
|
|
1968 |
|
|
1969 |
-------------------------------------------------------------------
|
|
1970 |
Fri Aug 15 18:56:26 CDT 2008 - maw@novell.com
|
|
1971 |
|
|
1972 |
- Review and approve changes.
|
|
1973 |
|
|
1974 |
-------------------------------------------------------------------
|
|
1975 |
Mon Aug 4 09:26:05 CEST 2008 - wr@rosenauer.org
|
|
1976 |
|
|
1977 |
- Tweak branding split
|
|
1978 |
|
|
1979 |
-------------------------------------------------------------------
|
|
1980 |
Tue Jul 29 15:02:47 CEST 2008 - vuntz@novell.com
|
|
1981 |
|
|
1982 |
- Create branding package (bnc#390752):
|
|
1983 |
+ search-addons.tar.bz2, bookmarks.html.suse and
|
|
1984 |
firefox-suse-default-prefs.js will be moved to
|
|
1985 |
MozillaFirefox-branding-openSUSE
|
|
1986 |
+ create a MozillaFirefox-branding-upstream package
|
|
1987 |
|
|
1988 |
-------------------------------------------------------------------
|
|
1989 |
Mon Jul 28 20:54:22 CEST 2008 - mauro@suse.de
|
|
1990 |
|
|
1991 |
- Update to stability/security release 3.0.1 (bnc#407573)
|
|
1992 |
(thanks, Wolfgang)
|
|
1993 |
+ MFSA 2008-36 Crash with malformed GIF file on Mac OS X
|
|
1994 |
+ MFSA 2008-35 Command-line URLs launch multiple tabs when
|
|
1995 |
Firefox not running
|
|
1996 |
+ MFSA 2008-34 Remote code execution by overflowing CSS reference counter
|
|
1997 |
- Set browser.shell.checkDefaultBrowser to true (bnc#404119)
|
|
1998 |
|
|
1999 |
-------------------------------------------------------------------
|
|
2000 |
Tue Jun 17 18:49:33 CEST 2008 - maw@suse.de
|
|
2001 |
|
|
2002 |
- Merge changes from the build service (thanks, Wolfgang)
|
|
2003 |
(bnc#400001 and SWAMP#18164).
|
|
2004 |
|
|
2005 |
-------------------------------------------------------------------
|
|
2006 |
Tue Jun 17 14:40:04 CEST 2008 - wr@rosenauer.org
|
|
2007 |
|
|
2008 |
- update to version 3.0
|
|
2009 |
- fixed double entry in bookmarks for www.opensuse.org (bnc#396980
|
|
2010 |
|
|
2011 |
-------------------------------------------------------------------
|
|
2012 |
Thu May 15 13:45:51 CEST 2008 - aj@suse.de
|
|
2013 |
|
|
2014 |
- Add Planet SUSE, forums.o.o and How to participate to default
|
|
2015 |
URLs.
|
|
2016 |
|
|
2017 |
-------------------------------------------------------------------
|
|
2018 |
Fri May 2 16:25:24 CEST 2008 - maw@suse.de
|
|
2019 |
|
|
2020 |
- network.protocol-handler.app.* prefs are no longer supported;
|
|
2021 |
remove references to them from firefox-suse-default-prefs.js
|
|
2022 |
(bnc#383697).
|
|
2023 |
|
|
2024 |
-------------------------------------------------------------------
|
|
2025 |
Thu Apr 3 01:42:34 CEST 2008 - maw@suse.de
|
|
2026 |
|
|
2027 |
- Update to Firefox 3.0b5 (2.9.95) (thanks, Wolfgang).
|
|
2028 |
|
|
2029 |
-------------------------------------------------------------------
|
|
2030 |
Wed Mar 26 01:05:18 CET 2008 - maw@suse.de
|
|
2031 |
|
|
2032 |
- Merge changes from the build service (thanks, Wolfgang)
|
|
2033 |
- Update to the fourth Firefox 3.0 Beta (2.9.94):
|
|
2034 |
+ Based upon the Gecko 1.9 Web rendering platform, which improves
|
|
2035 |
performance, stability, and rendering correctness; it also
|
|
2036 |
boasts a considerable simplification in its code
|
|
2037 |
+ Security improvements:
|
|
2038 |
* One-click site info
|
|
2039 |
* Malware Protection
|
|
2040 |
* New Web Forgery Protection page
|
|
2041 |
* New SSL error pages
|
|
2042 |
* Add-ons and Plugin version check
|
|
2043 |
* Secure add-on updates
|
|
2044 |
* Effective top-level domain (eTLD) service to better restrict
|
|
2045 |
cookies and other restricted content to a single domain
|
|
2046 |
* Better protection against cross-site JSON data leaks
|
|
2047 |
+ Usability improvements:
|
|
2048 |
* Easier password management
|
|
2049 |
* Simplified add-on installation
|
|
2050 |
* New Download Manager
|
|
2051 |
* Resumable downloading
|
|
2052 |
* Full page zoom
|
|
2053 |
* Podcasts and Videocasts can be associated with your media
|
|
2054 |
playback tools
|
|
2055 |
* Tab scrolling and quickmenu
|
|
2056 |
* Save what you were doing: Firefox will prompt users to save
|
|
2057 |
tabs on exit
|
|
2058 |
* Optimized Open in Tabs behavior
|
|
2059 |
* Location and Search bar size can now be customized with a
|
|
2060 |
simple resizer item
|
|
2061 |
* Text selection improvements
|
|
2062 |
* Find toolbar
|
|
2063 |
* Improved integration with Linux: Firefox's default icons,
|
|
2064 |
buttons, and menu styles now use the native GTK theme
|
|
2065 |
+ Personalization improvements:
|
|
2066 |
* Star button: quickly add bookmarks from the location bar
|
|
2067 |
with a single click; a second click lets you file and tag them
|
|
2068 |
* Tags: associate keywords with your bookmarks to sort them
|
|
2069 |
by topic
|
|
2070 |
* Location bar & auto-complete
|
|
2071 |
* Smart Bookmarks Folder
|
|
2072 |
* Places Organizer: view, organize and search through all
|
|
2073 |
of your bookmarks, tags, and browsing history with multiple
|
|
2074 |
views and smart folders to store your frequent searches
|
|
2075 |
* Web-based protocol handlers
|
|
2076 |
* Download & Install Add-ons
|
|
2077 |
* Easy to use Download Actions
|
|
2078 |
+ Improved platform for web developers:
|
|
2079 |
* New graphics and font handling: new graphics and text
|
|
2080 |
rendering architectures in Gecko 1.9 provides rendering
|
|
2081 |
improvements in CSS, SVG as well as improved display of
|
|
2082 |
fonts with ligatures and complex scripts
|
|
2083 |
* Color management: (set gfx.color_management.enabled on
|
|
2084 |
in about:config and restart the browser to enable.);
|
|
2085 |
Firefox can now adjust images with embedded color profiles
|
|
2086 |
* Offline support: enables web applications to provide
|
|
2087 |
offline functionality (website authors must add support
|
|
2088 |
for offline browsing to their site for this feature
|
|
2089 |
to be available to users)
|
|
2090 |
+ Improved performance:
|
|
2091 |
* Speed: improvements to the JavaScript engine as well as
|
|
2092 |
profile guided optimizations have resulted in significant
|
|
2093 |
improvements in performance; compared to Firefox 2,
|
|
2094 |
web applications like Google Mail and Zoho Office run
|
|
2095 |
twice as fast in Firefox 3 Beta 4, and the popular
|
|
2096 |
SunSpider test from Apple shows improvements over
|
|
2097 |
previous releases
|
|
2098 |
* Memory usage: Several new technologies work together to
|
|
2099 |
reduce the amount of memory used by Firefox 3 Beta 4
|
|
2100 |
over a web browsing session; memory cycles are broken
|
|
2101 |
and collected by an automated cycle collector, a new
|
|
2102 |
memory allocator reduces fragmentation, hundreds of leaks
|
|
2103 |
have been fixed, and caching strategies have been tuned
|
|
2104 |
* Reliability: A user's bookmarks, history, cookies, and
|
|
2105 |
preferences are now stored in a transactionally secure
|
|
2106 |
database format which will prevent data loss even if their
|
|
2107 |
system crashes
|
|
2108 |
- This version depends upon the mozilla-xulrunner190 package
|
|
2109 |
- Drop various stale packages, respin several that have been
|
|
2110 |
kept around, and add a few new ones.
|
|
2111 |
|
|
2112 |
-------------------------------------------------------------------
|
|
2113 |
Mon Feb 11 18:18:14 CET 2008 - maw@suse.de
|
|
2114 |
|
|
2115 |
- Security update to version 2.0.0.12 (bnc#354469):
|
|
2116 |
+ MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div
|
|
2117 |
overlay
|
|
2118 |
+ MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet
|
|
2119 |
redirect
|
|
2120 |
+ MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain
|
|
2121 |
text files
|
|
2122 |
+ MFSA 2008-08/CVE-2008-0591 File action dialog tampering
|
|
2123 |
+ MFSA 2008-06/CVE-2008-0419 Web browsing history and forward
|
|
2124 |
navigation stealing
|
|
2125 |
+ MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI
|
|
2126 |
+ MFSA 2008-04/CVE-2008-0417 Stored password corruption
|
|
2127 |
+ MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote
|
|
2128 |
Code Execution
|
|
2129 |
+ MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing
|
|
2130 |
vulnerabilities
|
|
2131 |
+ MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory
|
|
2132 |
corruption (rv:1.8.1.12)
|
|
2133 |
- Reference libaoss.so in start script (bnc#117079)
|
|
2134 |
- Remove mozilla-canvas-1.8.1.10.patch, as it has been upstreamed
|
|
2135 |
- Update firefox-ui-lockdown.patch (FATE#301534, FATE#302023, and
|
|
2136 |
FATE#302024)
|
|
2137 |
- Add application/x-xpinstall mime type to MozillaFirefox.desktop
|
|
2138 |
- Add MozillaFirefox.xml to bind .xpi to application/x-xpinstall
|
|
2139 |
in desktop.
|
|
2140 |
|
|
2141 |
-------------------------------------------------------------------
|
|
2142 |
Thu Jan 17 17:52:47 CET 2008 - maw@suse.de
|
|
2143 |
|
|
2144 |
- Add mozilla-maxpathlen.patch (#354150 and bmo #412610).
|
|
2145 |
|
|
2146 |
-------------------------------------------------------------------
|
|
2147 |
Fri Dec 21 18:46:50 CET 2007 - maw@suse.de
|
|
2148 |
|
|
2149 |
- Add firefox-348446-empty-lists.patch (bnc#348446).
|
|
2150 |
|
|
2151 |
-------------------------------------------------------------------
|
|
2152 |
Wed Dec 5 02:21:26 CET 2007 - maw@suse.de
|
|
2153 |
|
|
2154 |
- Respin proxy-dev.patch (bnc#340678) -- thanks, Anders!
|
|
2155 |
|
|
2156 |
-------------------------------------------------------------------
|
|
2157 |
Tue Nov 27 18:25:25 CET 2007 - maw@suse.de
|
|
2158 |
|
|
2159 |
- Security update to version 2.0.0.10 (#341905, #341591):
|
|
2160 |
+ MFSA 2007-39 Referer-spoofing via window.location race condition
|
|
2161 |
+ MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10)
|
|
2162 |
+ MFSA 2007-37 jar: URI scheme XSS hazard
|
|
2163 |
+ Fixes for regressions introduced in 2.0.0.8
|
|
2164 |
+ Updated dbus.patch, startup.patch, misc.dif, and configure.patch
|
|
2165 |
- Add mozilla-gcc4.3-fixes.patch
|
|
2166 |
- Add mozilla-canvas-1.8.1.10.patch (#341591#c10).
|
|
2167 |
|
|
2168 |
-------------------------------------------------------------------
|
|
2169 |
Mon Nov 26 18:27:25 CET 2007 - maw@suse.de
|
|
2170 |
|
|
2171 |
- Build with -ftree-vrp -fwrapv, per advice in #342603#c17.
|
|
2172 |
|
|
2173 |
-------------------------------------------------------------------
|
|
2174 |
Tue Nov 13 17:49:01 CET 2007 - maw@suse.de
|
|
2175 |
|
|
2176 |
- Add firefox-gcc4.3-fixes.patch.
|
|
2177 |
|
|
2178 |
-------------------------------------------------------------------
|
|
2179 |
Fri Oct 19 02:04:45 CEST 2007 - maw@suse.de
|
|
2180 |
|
|
2181 |
- Security update to version 2.0.0.8 (#332512) (thanks, Wolfgang)
|
|
2182 |
* MFSA 2007-29 Crashes with evidence of memory corruption
|
|
2183 |
* MFSA 2007-30 onUnload Tailgating
|
|
2184 |
* MFSA 2007-31 Digest authentication request splitting
|
|
2185 |
* MFSA 2007-32 File input focus stealing vulnerability
|
|
2186 |
* MFSA 2007-33 XUL pages can hide the window titlebar
|
|
2187 |
* MFSA 2007-34 Possible file stealing through sftp protocol
|
|
2188 |
* MFSA 2007-35 XPCNativeWraper pollution using Script object
|
|
2189 |
complete advisories on
|
|
2190 |
http://www.mozilla.org/projects/security/known-vulnerabilities.html
|
|
2191 |
|
|
2192 |
-------------------------------------------------------------------
|
|
2193 |
Sun Sep 23 19:49:12 CEST 2007 - maw@suse.de
|
|
2194 |
|
|
2195 |
- Don't explicitly require libaoss.so (#326751).
|
|
2196 |
|
|
2197 |
-------------------------------------------------------------------
|
|
2198 |
Fri Sep 14 23:13:06 CEST 2007 - maw@suse.de
|
|
2199 |
|
|
2200 |
- Update the Novell Support search plugin in search-addons.tar.bz2
|
|
2201 |
(#297261)
|
|
2202 |
- Set the browser.tabs.loadFolderAndReplace preference to false
|
|
2203 |
by default (#230759).
|
|
2204 |
|
|
2205 |
-------------------------------------------------------------------
|
|
2206 |
Wed Sep 12 15:21:06 CEST 2007 - dmueller@suse.de
|
|
2207 |
|
|
2208 |
- fix hardlinks accross partitions
|
|
2209 |
|
|
2210 |
-------------------------------------------------------------------
|
|
2211 |
Thu Sep 6 16:07:12 CEST 2007 - maw@suse.de
|
|
2212 |
|
|
2213 |
- Add http://software.opensuse.org/search?baseproject=openSUSE:10.3
|
|
2214 |
to the default bookmarks (#308223).
|
|
2215 |
|
|
2216 |
-------------------------------------------------------------------
|
|
2217 |
Mon Sep 3 22:33:09 CEST 2007 - ro@suse.de
|
|
2218 |
|
|
2219 |
- move last change a bit further in specfile
|
|
2220 |
|
|
2221 |
-------------------------------------------------------------------
|
|
2222 |
Fri Aug 31 18:36:16 CEST 2007 - maw@suse.de
|
|
2223 |
|
|
2224 |
- Mark a .png file as nonexecutable.
|
|
2225 |
|
|
2226 |
-------------------------------------------------------------------
|
|
2227 |
Tue Aug 28 16:44:08 CEST 2007 - maw@suse.de
|
|
2228 |
|
|
2229 |
- Minor .spec update (#305193)
|
|
2230 |
+ Remove two obsolete patches
|
|
2231 |
+ Correct releasedate
|
|
2232 |
+ Include only the officially supported locales.
|
|
2233 |
|
|
2234 |
-------------------------------------------------------------------
|
|
2235 |
Wed Aug 22 17:53:03 CEST 2007 - maw@suse.de
|
|
2236 |
|
|
2237 |
- Merge changes from the build service (thanks, Wolfgang):
|
|
2238 |
+ Provide locale dependency information (#302288)
|
|
2239 |
+ Add x11-session.patch, supporting X11 session management
|
|
2240 |
(#227047)
|
|
2241 |
+ Update to version 2.0.0.6
|
|
2242 |
* MFSA 2007-26 Privilege escalation through chrome-loaded
|
|
2243 |
about:blank windows
|
|
2244 |
* MFSA 2007-27 Unescaped URIs passed to external programs
|
|
2245 |
(only relevant on Windows)
|
|
2246 |
- Use %fdupes.
|
|
2247 |
|
|
2248 |
-------------------------------------------------------------------
|
|
2249 |
Tue Aug 21 09:45:35 CEST 2007 - aj@suse.de
|
|
2250 |
|
|
2251 |
- Adjust bookmarks: Add news.opensuse.org, use new software.o.o
|
|
2252 |
page.
|
|
2253 |
|
|
2254 |
-------------------------------------------------------------------
|
|
2255 |
Thu Aug 16 14:57:27 CEST 2007 - mauro@suse.de
|
|
2256 |
|
|
2257 |
- Revert previous change.
|
|
2258 |
|
|
2259 |
-------------------------------------------------------------------
|
|
2260 |
Tue Aug 14 11:58:23 CEST 2007 - mauro@suse.de
|
|
2261 |
|
|
2262 |
- Added support for ymp in the mimetypes.rdf
|
|
2263 |
- Added OneClickInstallUrlHandler for handing the actual call from firefox.
|
|
2264 |
- Fixes bnc #295677
|
|
2265 |
|
|
2266 |
-------------------------------------------------------------------
|
|
2267 |
Mon Jul 23 18:57:07 CEST 2007 - maw@suse.de
|
|
2268 |
|
|
2269 |
- Security update to version 2.0.0.5 (#288115) which has fixes for:
|
|
2270 |
MFSA 2007-18
|
|
2271 |
CVE-2007-3734 - Browser flaws
|
|
2272 |
CVE-2007-3735 - Javascript flaws
|
|
2273 |
|
|
2274 |
MFSA 2007-19
|
|
2275 |
CVE-2007-3736
|
|
2276 |
|
|
2277 |
MFSA 2007-20
|
|
2278 |
CVE-2007-3089
|
|
2279 |
|
|
2280 |
MFSA 2007-21
|
|
2281 |
CVE-2007-3737
|
|
2282 |
|
|
2283 |
MFSA 2007-22
|
|
2284 |
CVE-2007-3285
|
|
2285 |
|
|
2286 |
MFSA 2007-23
|
|
2287 |
CVE-2007-3670
|
|
2288 |
|
|
2289 |
MFSA 2007-24
|
|
2290 |
CVE-2007-3656
|
|
2291 |
|
|
2292 |
MFSA 2007-25
|
|
2293 |
CVE-2007-3738
|
|
2294 |
|
|
2295 |
-------------------------------------------------------------------
|
|
2296 |
Thu Jun 21 15:59:01 CEST 2007 - adrian@suse.de
|
|
2297 |
|
|
2298 |
- fix changelog entry order
|
|
2299 |
|
|
2300 |
-------------------------------------------------------------------
|
|
2301 |
Mon Jun 18 13:22:42 CDT 2007 - maw@suse.de
|
|
2302 |
|
|
2303 |
- Use mozilla.sh.in from the build service (#230681).
|
|
2304 |
|
|
2305 |
-------------------------------------------------------------------
|
|
2306 |
Tue Jun 5 15:55:08 CEST 2007 - sbrabec@suse.cz
|
|
2307 |
|
|
2308 |
- Removed invalid desktop category "Application" (#254654).
|
|
2309 |
|
|
2310 |
-------------------------------------------------------------------
|
|
2311 |
Mon Jun 4 19:53:35 CDT 2007 - maw@suse.de
|
|
2312 |
|
|
2313 |
- Security update to version 2.0.0.4
|
|
2314 |
- Refresh configure.patch, startup.patch, and visibility.patch
|
|
2315 |
- Now use l10n-%{version}.tar.bz2 instead of l10n.tar.bz2.
|
|
2316 |
|
|
2317 |
-------------------------------------------------------------------
|
|
2318 |
Mon Apr 30 16:49:55 CEST 2007 - ro@suse.de
|
|
2319 |
|
|
2320 |
- added unzip to BuildRequires
|
|
2321 |
|
|
2322 |
-------------------------------------------------------------------
|
|
2323 |
Wed Apr 18 14:16:44 CEST 2007 - mfabian@suse.de
|
|
2324 |
|
|
2325 |
- add Japanese to the languages which get PANGO enabled in the
|
|
2326 |
start script to support the Japanese combining characters
|
|
2327 |
U+3099 U+309A (see bugzilla #262718 comment #29).
|
|
2328 |
|
|
2329 |
-------------------------------------------------------------------
|
|
2330 |
Mon Mar 12 11:06:10 CST 2007 - maw@suse.de
|
|
2331 |
|
|
2332 |
- Package gconf stuff.
|
|
2333 |
|
|
2334 |
-------------------------------------------------------------------
|
|
2335 |
Wed Feb 21 16:37:25 CST 2007 - maw@suse.de
|
|
2336 |
|
|
2337 |
- Security update to 2.0.0.2 (#244923), which covers:
|
|
2338 |
+ mfsa2007-01
|
|
2339 |
* CVE-2007-0775 - layout engine crashes
|
|
2340 |
* CVE-2007-0776 - SVG
|
|
2341 |
* CVE-2007-0777 - javascript engine corruption
|
|
2342 |
+ mfsa2007-02
|
|
2343 |
* CVE-2007-0995 - Invalid trailing characters in HTML tag attributes
|
|
2344 |
* CVE-2007-0996 - Child frame character set inheritance
|
|
2345 |
* CVE-2006-6077 - Injected password forms
|
|
2346 |
+ mfsa2007-02
|
|
2347 |
+ mfsa2007-03
|
|
2348 |
* CVE-2007-0078
|
|
2349 |
+ mfsa2007-04
|
|
2350 |
* CVE-2007-0079
|
|
2351 |
+ mfsa2007-05
|
|
2352 |
* CVE-2007-0780
|
|
2353 |
* CVE-2007-0800
|
|
2354 |
+ mfsa2007-06
|
|
2355 |
* CVE-2007-0008 - client flaw
|
|
2356 |
* CVE-2007-0009 - server flaw
|
|
2357 |
+ mfsa2007-07
|
|
2358 |
* CVE-2007-0981
|
|
2359 |
- Updates mozilla.sh.in (#230681)
|
|
2360 |
- Fixes #232209
|
|
2361 |
- Updates the man page (#243037)
|
|
2362 |
- Properly propagates exit codes (#241492)
|
|
2363 |
- Adds em-356370.patch (#217374)
|
|
2364 |
|
|
2365 |
-------------------------------------------------------------------
|
|
2366 |
Thu Jan 25 10:16:56 CST 2007 - maw@suse.de
|
|
2367 |
|
|
2368 |
- Fixup the Gnome paths, keeping in closer sync with the
|
|
2369 |
buildservice.
|
|
2370 |
|
|
2371 |
-------------------------------------------------------------------
|
|
2372 |
Thu Jan 18 09:27:54 CST 2007 - maw@suse.de
|
|
2373 |
|
|
2374 |
- Gnome is now in /usr, so remove references to /opt/gnome
|
|
2375 |
- Install firefox.png with the executable bit not set.
|
|
2376 |
|
|
2377 |
-------------------------------------------------------------------
|
|
2378 |
Wed Jan 10 12:57:39 CET 2007 - meissner@suse.de
|
|
2379 |
|
|
2380 |
- readd MozillaFirebird provides (was incorrect in removing it).
|
|
2381 |
|
|
2382 |
-------------------------------------------------------------------
|
|
2383 |
Mon Jan 8 11:16:08 CET 2007 - meissner@suse.de
|
|
2384 |
|
|
2385 |
- Do not provide MozillaFirebird, just obsolete it.
|
|
2386 |
|
|
2387 |
-------------------------------------------------------------------
|
|
2388 |
Fri Dec 1 02:22:49 CET 2006 - maw@suse.de
|
|
2389 |
|
|
2390 |
- Update gecko-lockdown.patch (#220616).
|
|
2391 |
|
|
2392 |
-------------------------------------------------------------------
|
|
2393 |
Thu Nov 30 19:02:54 CET 2006 - maw@suse.de
|
|
2394 |
|
|
2395 |
- Update firefox-suse-default-prefs.js, adding
|
|
2396 |
'pref("browser.backspace_action", 2);' (#217374)
|
|
2397 |
|
|
2398 |
-------------------------------------------------------------------
|
|
2399 |
Thu Nov 30 08:17:28 CET 2006 - aj@suse.de
|
|
2400 |
|
|
2401 |
- Fix last change (#224431).
|
|
2402 |
|
|
2403 |
-------------------------------------------------------------------
|
|
2404 |
Wed Nov 29 11:45:47 CET 2006 - aj@suse.de
|
|
2405 |
|
|
2406 |
- Change download bookmark (#224431).
|
|
2407 |
- Rename bookmark folder to openSUSE.
|
|
2408 |
|
|
2409 |
-------------------------------------------------------------------
|
|
2410 |
Tue Nov 28 08:09:48 CET 2006 - aj@suse.de
|
|
2411 |
|
|
2412 |
- Sync from Buildservice with following critical fixes (thanks
|
|
2413 |
Wolfgang Rosenauer!):
|
|
2414 |
* fixed system-proxies.patch to actually work (#223881).
|
|
2415 |
* Rearrange Bookmarks to pass trademark review.
|
|
2416 |
|
|
2417 |
-------------------------------------------------------------------
|
|
2418 |
Mon Nov 27 19:40:44 CET 2006 - aj@suse.de
|
|
2419 |
|
|
2420 |
- Fix tango theme (#223796).
|
|
2421 |
|
|
2422 |
-------------------------------------------------------------------
|
|
2423 |
Mon Nov 27 17:40:50 CET 2006 - aj@suse.de
|
|
2424 |
|
|
2425 |
- Use www.opensuse.org as home page.
|
|
2426 |
|
|
2427 |
-------------------------------------------------------------------
|
|
2428 |
Sun Nov 12 11:28:00 CET 2006 - aj@suse.de
|
|
2429 |
|
|
2430 |
- Set novell.com as home page.
|
|
2431 |
- Update from BuildService (thanks Wolfgang!):
|
|
2432 |
- fixed crash in htmlparser (#217257, bmo #358797)
|
|
2433 |
- added gconf2 as PreReq (#212505)
|
|
2434 |
- added 32bit libaoss.so as requirement (#216266)
|
|
2435 |
- Removed SUSE searchplugin (Portal not available anymore)
|
|
2436 |
(#216054)
|
|
2437 |
- Removed obsolete xul-picker.patch and system-nspr.patch
|
|
2438 |
- Fixed building on 10.1 and 10.0 (dbus)
|
|
2439 |
- Removed obsolete throbber preference
|
|
2440 |
|
|
2441 |
-------------------------------------------------------------------
|
|
2442 |
Thu Nov 9 19:09:46 CET 2006 - jhargadon@suse.de
|
|
2443 |
|
|
2444 |
- updated tango theme
|
|
2445 |
|
|
2446 |
-------------------------------------------------------------------
|
|
2447 |
Sun Oct 29 12:05:46 CET 2006 - aj@suse.de
|
|
2448 |
|
|
2449 |
- Another fix for 214125, patch by Wolfgang Rosenauer.
|
|
2450 |
|
|
2451 |
-------------------------------------------------------------------
|
|
2452 |
Thu Oct 26 06:58:59 CEST 2006 - aj@suse.de
|
|
2453 |
|
|
2454 |
- Fix gcc warnings about undefined operations, patch by
|
|
2455 |
Robert O'Callahan.
|
|
2456 |
- Update system-proxies.patch to fix error box (214125), patch by
|
|
2457 |
Robert O'Callahan.
|
|
2458 |
|
|
2459 |
-------------------------------------------------------------------
|
|
2460 |
Mon Oct 23 21:54:54 CEST 2006 - aj@suse.de
|
|
2461 |
|
|
2462 |
- Update to current CVS version of 2.0.
|
|
2463 |
- Use www.opensuse.org as default home page for now (#203547).
|
|
2464 |
|
|
2465 |
-------------------------------------------------------------------
|
|
2466 |
Sat Oct 21 08:53:50 CEST 2006 - aj@suse.de
|
|
2467 |
|
|
2468 |
- Disable non-working plasticfox and tango themes.
|
|
2469 |
|
|
2470 |
-------------------------------------------------------------------
|
|
2471 |
Fri Oct 20 20:16:29 CEST 2006 - aj@suse.de
|
|
2472 |
|
|
2473 |
- Fix building of locales.
|
|
2474 |
|
|
2475 |
-------------------------------------------------------------------
|
|
2476 |
Fri Oct 20 11:27:23 CEST 2006 - mkoenig@suse.de
|
|
2477 |
|
|
2478 |
- update to version 2.0rc3:
|
|
2479 |
* New features: Visual Refresh, Built-in phishing protection,
|
|
2480 |
Enhanced search capabilities, Improved tabbed browsing,
|
|
2481 |
Resuming your browsing session, Previewing and subscribing
|
|
2482 |
to Web feeds, Inline spell checking, Live Titles,
|
|
2483 |
Improved Add-ons manager, JavaScript 1.7, Extended search
|
|
2484 |
plugin format, Updates to the extension system,
|
|
2485 |
Client-side session and persistent storage, SVG text
|
|
2486 |
|
|
2487 |
-------------------------------------------------------------------
|
|
2488 |
Tue Oct 17 11:26:44 CEST 2006 - meissner@suse.de
|
|
2489 |
|
|
2490 |
- disabled debugging.
|
|
2491 |
|
|
2492 |
-------------------------------------------------------------------
|
|
2493 |
Tue Sep 12 20:27:02 CEST 2006 - stark@suse.de
|
|
2494 |
|
|
2495 |
- security update to version 1.5.0.7
|
|
2496 |
|
|
2497 |
-------------------------------------------------------------------
|
|
2498 |
Mon Aug 21 12:53:50 CEST 2006 - stark@suse.de
|
|
2499 |
|
|
2500 |
- added greasemonkey helper change (#199920)
|
|
2501 |
- fixed packager.mk for new make version
|
|
2502 |
|
|
2503 |
-------------------------------------------------------------------
|
|
2504 |
Fri Aug 11 20:51:48 CEST 2006 - stark@suse.de
|
|
2505 |
|
|
2506 |
- fixed crash in dbus component (patch by thoenig #197928)
|
|
2507 |
- use external adresses for PAC configuration (#196506)
|
|
2508 |
|
|
2509 |
-------------------------------------------------------------------
|
|
2510 |
Mon Aug 7 09:26:58 CEST 2006 - stark@suse.de
|
|
2511 |
|
|
2512 |
- added symlink for Firefox 1.0.x compatibility
|
|
2513 |
|
|
2514 |
-------------------------------------------------------------------
|
|
2515 |
Sat Jul 29 08:48:53 CEST 2006 - stark@suse.de
|
|
2516 |
|
|
2517 |
- update to regression release 1.5.0.6 (#195043)
|
|
2518 |
|
|
2519 |
-------------------------------------------------------------------
|
|
2520 |
Thu Jul 27 06:20:36 CEST 2006 - stark@suse.de
|
|
2521 |
|
|
2522 |
- security update to version 1.5.0.5 (#195043)
|
|
2523 |
* observer-lock.patch integrated now
|
|
2524 |
- fixed leak in JS' liveconnect (#186066)
|
|
2525 |
- fixed desktop file for old distributions
|
|
2526 |
(StartupNotify=false)
|
|
2527 |
|
|
2528 |
-------------------------------------------------------------------
|
|
2529 |
Thu Jun 29 20:13:28 CEST 2006 - stark@suse.de
|
|
2530 |
|
|
2531 |
- fixed printing crash if the last used printer is not available
|
|
2532 |
anymore (#187013)
|
|
2533 |
|
|
2534 |
-------------------------------------------------------------------
|
|
2535 |
Fri Jun 16 22:11:22 CEST 2006 - stark@suse.de
|
|
2536 |
|
|
2537 |
- added 48x48 icon (#185777)
|
|
2538 |
|
|
2539 |
-------------------------------------------------------------------
|
|
2540 |
Mon Jun 12 20:20:02 CEST 2006 - stark@suse.de
|
|
2541 |
|
|
2542 |
- fix overwrite confirmation for GTK filesaver (#179531)
|
|
2543 |
- get network.negotiate-auth.trusted-uris and
|
|
2544 |
network.negotiate-auth.delegation-uris from gconf if
|
|
2545 |
system-settings are enabled (#184489)
|
|
2546 |
|
|
2547 |
-------------------------------------------------------------------
|
|
2548 |
Thu Jun 1 20:34:43 CEST 2006 - stark@suse.de
|
|
2549 |
|
|
2550 |
- update to security/stability release 1.5.0.4 (#179011)
|
|
2551 |
- moved locale-global prefs to browserconfig.properties (#177881)
|
|
2552 |
|
|
2553 |
-------------------------------------------------------------------
|
|
2554 |
Tue May 23 21:11:11 CEST 2006 - stark@suse.de
|
|
2555 |
|
|
2556 |
- complete implementation of startup-notification (#115417)
|
|
2557 |
(including autoconf and remote support)
|
|
2558 |
- different home-pages for SLE10 and SL (#177881)
|
|
2559 |
|
|
2560 |
-------------------------------------------------------------------
|
|
2561 |
Tue May 16 06:27:26 CEST 2006 - stark@suse.de
|
|
2562 |
|
|
2563 |
- fixed potential deadlock in nsObserverList::RemoveObserver
|
|
2564 |
(#173986, bmo #338069)
|
|
2565 |
- base startup notification on libstartup-notification (#115417)
|
|
2566 |
|
|
2567 |
-------------------------------------------------------------------
|
|
2568 |
Thu May 11 09:39:27 CEST 2006 - stark@suse.de
|
|
2569 |
|
|
2570 |
- save printer settings properly (#174082, bmo #324072)
|
|
2571 |
- added startup notification support for showing load activity
|
|
2572 |
in Gnome and to avoid focus stealing prevention (#115417)
|
|
2573 |
- added StartupNotify=true to desktop file (#115417)
|
|
2574 |
- provide legacy symlink for NLD9 update compatibility (#173138)
|
|
2575 |
- fixed system-proxies patch to avoid unwanted wpad requests
|
|
2576 |
(#171743, #167613)
|
|
2577 |
|
|
2578 |
-------------------------------------------------------------------
|
|
2579 |
Mon May 8 14:55:52 CEST 2006 - stark@suse.de
|
|
2580 |
|
|
2581 |
- preconfigure the theme according to the used desktop (#151163)
|
|
2582 |
|
|
2583 |
-------------------------------------------------------------------
|
|
2584 |
Thu Apr 27 10:24:07 CEST 2006 - stark@suse.de
|
|
2585 |
|
|
2586 |
- last minute change for 1.5.0.3
|
|
2587 |
|
|
2588 |
-------------------------------------------------------------------
|
|
2589 |
Wed Apr 26 14:23:33 CEST 2006 - stark@suse.de
|
|
2590 |
|
|
2591 |
- security update to 1.5.0.3
|
|
2592 |
- fix for typo in postscript.patch
|
|
2593 |
|
|
2594 |
-------------------------------------------------------------------
|
|
2595 |
Tue Apr 25 14:14:51 CEST 2006 - stark@suse.de
|
|
2596 |
|
|
2597 |
- fixed iframe crash (#169039, bmo #334515)
|
|
2598 |
- fixed img tag misuse (#168710, bmo #334341)
|
|
2599 |
|
|
2600 |
-------------------------------------------------------------------
|
|
2601 |
Mon Apr 24 08:04:16 CEST 2006 - stark@suse.de
|
|
2602 |
|
|
2603 |
- improved postscript output (bmo #334485)
|
|
2604 |
- changed defaults for printer properties (#6534)
|
|
2605 |
- overwrite gnome-vfs' file protocol by providing "desktop-launch"
|
|
2606 |
(#131501)
|
|
2607 |
- get available paper sizes from CUPS (#65482)
|
|
2608 |
- replaced/removed complicated gconfd reload in %post (#167989)
|
|
2609 |
- fixed memory leak in clipboard caching (bmo #289897)
|
|
2610 |
|
|
2611 |
-------------------------------------------------------------------
|
|
2612 |
Tue Apr 11 08:35:53 CEST 2006 - stark@suse.de
|
|
2613 |
|
|
2614 |
- added (optional) plastikfox theme (#151163)
|
|
2615 |
- get some more security related patches (#148876)
|
|
2616 |
- finally fixed the default proxy configuration by adding a new
|
|
2617 |
UI option (#132398)
|
|
2618 |
|
|
2619 |
-------------------------------------------------------------------
|
|
2620 |
Mon Apr 3 11:41:13 CEST 2006 - stark@suse.de
|
|
2621 |
|
|
2622 |
- fixed keyword fixup patch (#162532)
|
|
2623 |
|
|
2624 |
-------------------------------------------------------------------
|
|
2625 |
Tue Mar 28 07:17:04 CEST 2006 - stark@suse.de
|
|
2626 |
|
|
2627 |
- don't use keyword fixup for pasted text (#160034, bmo #331522)
|
|
2628 |
|
|
2629 |
-------------------------------------------------------------------
|
|
2630 |
Mon Mar 20 09:28:58 CET 2006 - stark@suse.de
|
|
2631 |
|
|
2632 |
- added Tango theme
|
|
2633 |
- fixed reading proxies from gconf (#132398)
|
|
2634 |
|
|
2635 |
-------------------------------------------------------------------
|
|
2636 |
Sun Mar 12 09:04:05 CET 2006 - stark@suse.de
|
|
2637 |
|
|
2638 |
- tweaked bookmarks (fixed URLs)
|
|
2639 |
- added Khmer (km-*) to pango locales (#157397)
|
|
2640 |
|
|
2641 |
-------------------------------------------------------------------
|
|
2642 |
Sat Mar 4 21:08:45 CET 2006 - stark@suse.de
|
|
2643 |
|
|
2644 |
- fixed crash with multipart JPEGs (bmo #328684) (#140416)
|
|
2645 |
- got latest security fixes from upstream (#148876)
|
|
2646 |
|
|
2647 |
-------------------------------------------------------------------
|
|
2648 |
Wed Feb 22 13:24:58 CET 2006 - stark@suse.de
|
|
2649 |
|
|
2650 |
- fixed plugin loading when launched from Thunderbird (#151614)
|
|
2651 |
- merged dbus reconnection patch (#150042)
|
|
2652 |
- default to autodetect proxy (network.proxy.type=4) (#151811)
|
|
2653 |
- added GTK category to desktop file
|
|
2654 |
|
|
2655 |
-------------------------------------------------------------------
|
|
2656 |
Tue Feb 14 06:45:24 CET 2006 - stark@suse.de
|
|
2657 |
|
|
2658 |
- modified lockdown patches (#67281, #67282)
|
|
2659 |
- applied set of security patches (#148876)
|
|
2660 |
bmo bugs: 282105, 307989, 315625, 320459, 323634, 325403, 325947
|
|
2661 |
|
|
2662 |
-------------------------------------------------------------------
|
|
2663 |
Tue Feb 7 20:09:43 CET 2006 - stark@suse.de
|
|
2664 |
|
|
2665 |
- fixed disabling of Pango (#148788)
|
|
2666 |
|
|
2667 |
-------------------------------------------------------------------
|
|
2668 |
Thu Feb 2 21:51:30 CET 2006 - stark@suse.de
|
|
2669 |
|
|
2670 |
- define gssapi lib explicitely (#147670)
|
|
2671 |
- use only official Firefox-Icon
|
|
2672 |
- changed home-download patch
|
|
2673 |
|
|
2674 |
-------------------------------------------------------------------
|
|
2675 |
Sun Jan 29 09:54:49 CET 2006 - stark@suse.de
|
|
2676 |
|
|
2677 |
- throbber URL is default again
|
|
2678 |
- removed firefox-showpass patch
|
|
2679 |
- removed additional CA certs from builtin NSS
|
|
2680 |
|
|
2681 |
-------------------------------------------------------------------
|
|
2682 |
Fri Jan 27 17:55:21 CET 2006 - stark@suse.de
|
|
2683 |
|
|
2684 |
- got some l10n changes from 1.8.0 branch
|
|
2685 |
|
|
2686 |
-------------------------------------------------------------------
|
|
2687 |
Fri Jan 27 08:15:09 CET 2006 - stark@suse.de
|
|
2688 |
|
|
2689 |
- final 1.5.0.1 version
|
|
2690 |
- make it possible to choose $HOME as download directory
|
|
2691 |
(#144894, bmo #300856)
|
|
2692 |
|
|
2693 |
-------------------------------------------------------------------
|
|
2694 |
Wed Jan 25 21:33:43 CET 2006 - mls@suse.de
|
|
2695 |
|
|
2696 |
- converted neededforbuild to BuildRequires
|
|
2697 |
|
|
2698 |
-------------------------------------------------------------------
|
|
2699 |
Sun Jan 22 17:06:57 CET 2006 - stark@suse.de
|
|
2700 |
|
|
2701 |
- disable Pango if MOZ_ENABLE_PANGO is not set
|
|
2702 |
and no typical language which needs Pango is used (#143428)
|
|
2703 |
|
|
2704 |
-------------------------------------------------------------------
|
|
2705 |
Wed Jan 18 10:27:30 CET 2006 - stark@suse.de
|
|
2706 |
|
|
2707 |
- fixed DumpStackToFile() for glibc 2.4
|
|
2708 |
- added default (font) settings
|
|
2709 |
|
|
2710 |
-------------------------------------------------------------------
|
|
2711 |
Thu Jan 12 10:23:58 CET 2006 - stark@suse.de
|
|
2712 |
|
|
2713 |
- update to 1.5.0.1pre (20060111)
|
|
2714 |
- updated man-page
|
|
2715 |
- fixed hovered tab close button
|
|
2716 |
- only Requires mozilla-nspr instead of PreReq since
|
|
2717 |
there is no postinstall registration necessary anymore
|
|
2718 |
- use system NSS from CODE10 on
|
|
2719 |
- use -fstack-protector where available
|
|
2720 |
- changed unixproxy component to work on older distributions
|
|
2721 |
|
|
2722 |
-------------------------------------------------------------------
|
|
2723 |
Mon Jan 2 13:39:09 CET 2006 - stark@suse.de
|
|
2724 |
|
|
2725 |
- added unixproxy component written by Robert O'Callahan (#132398)
|
|
2726 |
(bmo #66057)
|
|
2727 |
- added official translations
|
|
2728 |
- preload libaoss for plugin sound (#117079)
|
|
2729 |
|
|
2730 |
-------------------------------------------------------------------
|
|
2731 |
Wed Dec 28 08:16:03 CET 2005 - stark@suse.de
|
|
2732 |
|
|
2733 |
- get some patches from 1.8.0 branch
|
|
2734 |
- readded modification to gconf-backend (bmo #321315)
|
|
2735 |
- readded lockdown stuff
|
|
2736 |
- enable additional extension install directory (#120329)
|
|
2737 |
(/usr/lib/browser-extensions/firefox)
|
|
2738 |
- added patch to make the XUL filechooser optional
|
|
2739 |
(MOZ_XUL_PICKER)
|
|
2740 |
|
|
2741 |
-------------------------------------------------------------------
|
|
2742 |
Wed Dec 14 16:08:12 CET 2005 - stark@suse.de
|
|
2743 |
|
|
2744 |
- fixed patch for parsing -remote parameter
|
|
2745 |
- removed default-plugin patch (not needed anymore)
|
|
2746 |
|
|
2747 |
-------------------------------------------------------------------
|
|
2748 |
Fri Dec 9 17:21:29 CET 2005 - stark@suse.de
|
|
2749 |
|
|
2750 |
- fix to ignore X composite extension (#135373)
|
|
2751 |
- fixed parsing of -remote parameters (#134396)
|
|
2752 |
- activated locales as released
|
|
2753 |
|
|
2754 |
-------------------------------------------------------------------
|
|
2755 |
Tue Nov 29 21:33:13 CET 2005 - stark@suse.de
|
|
2756 |
|
|
2757 |
- update to 1.5 (20051128)
|
|
2758 |
- don't override startup URL when changing Gecko versions (#135314)
|
|
2759 |
- added patch for GTK2 handling (#134831)
|
|
2760 |
- readded add-plugins stuff for compatibility
|
|
2761 |
|
|
2762 |
-------------------------------------------------------------------
|
|
2763 |
Fri Nov 18 07:41:41 CET 2005 - stark@suse.de
|
|
2764 |
|
|
2765 |
- update to 1.5rc3 (20051117)
|
|
2766 |
|
|
2767 |
-------------------------------------------------------------------
|
|
2768 |
Mon Oct 31 08:58:14 CET 2005 - stark@suse.de
|
|
2769 |
|
|
2770 |
- updated l10n archive (20051030)
|
|
2771 |
- fixed postinstall script to copy plugin links instead of files
|
|
2772 |
|
|
2773 |
-------------------------------------------------------------------
|
|
2774 |
Fri Oct 28 06:43:27 CEST 2005 - stark@suse.de
|
|
2775 |
|
|
2776 |
- update to 1.5rc1 (20051027)
|
|
2777 |
- fixed profile locking on FAT partitions (bmo #313360)
|
|
2778 |
- introduced an rpath again
|
|
2779 |
|
|
2780 |
-------------------------------------------------------------------
|
|
2781 |
Wed Oct 19 20:03:48 CEST 2005 - stark@suse.de
|
|
2782 |
|
|
2783 |
- update to snapshot 1.5 (20051019)
|
|
2784 |
- moved installation to /usr/%{_lib}/firefox
|
|
2785 |
- added dbus component to be able to get network status from
|
|
2786 |
NetworkManager (bmo #312793)
|
|
2787 |
- remove all update UI for application
|
|
2788 |
- removed diable-gconf (no registration at build time anymore)
|
|
2789 |
- removed rebuild-databases.sh (no system registration anymore)
|
|
2790 |
- open links in new windows (#128087)
|
|
2791 |
|
|
2792 |
-------------------------------------------------------------------
|
|
2793 |
Thu Oct 6 20:44:53 CEST 2005 - stark@suse.de
|
|
2794 |
|
|
2795 |
- update to Firefox 1.5b2 (20051005)
|
|
2796 |
- added supported translations
|
|
2797 |
|
|
2798 |
-------------------------------------------------------------------
|
|
2799 |
Sat Oct 1 15:09:18 CEST 2005 - stark@suse.de
|
|
2800 |
|
|
2801 |
- update to Firefox 1.5b1 (20050930) RPM version 1.4.1
|
|
2802 |
- removed rebuild-databases.sh calls
|
|
2803 |
- removed add-plugins.sh calls and corresponding triggers
|
|
2804 |
- enabled SVG and Canvas support
|
|
2805 |
- fixed gconf urlhandler registration
|
|
2806 |
|
|
2807 |
-------------------------------------------------------------------
|
|
2808 |
Tue Sep 20 10:24:16 CEST 2005 - stark@suse.de
|
|
2809 |
|
|
2810 |
- security update to 1.0.7 (#117619)
|
|
2811 |
* MFSA 2005-57: IDN heap overrun using soft-hyphens (bmo #307259)
|
|
2812 |
(enabled IDN pref again)
|
|
2813 |
* MFSA 2005-58:
|
|
2814 |
CAN-2005-2701 Heap overrun in XBM image processing
|
|
2815 |
CAN-2005-2702 Crash on "zero-width non-joiner" sequence
|
|
2816 |
CAN-2005-2703 XMLHttpRequest header spoofing
|
|
2817 |
CAN-2005-2704 Object spoofing using XBL <implements>
|
|
2818 |
CAN-2005-2705 JavaScript integer overflow
|
|
2819 |
CAN-2005-2706 Privilege escalation using about: scheme
|
|
2820 |
CAN-2005-2707 Chrome window spoofing
|
|
2821 |
Regression fixes
|
|
2822 |
- register beagle extension if it gets installed (#116787)
|
|
2823 |
|
|
2824 |
-------------------------------------------------------------------
|
|
2825 |
Tue Sep 13 15:41:37 CEST 2005 - aj@suse.de
|
|
2826 |
|
|
2827 |
- Change SUSE bookmarks.
|
|
2828 |
|
|
2829 |
-------------------------------------------------------------------
|
|
2830 |
Sun Sep 11 17:05:07 CEST 2005 - stark@suse.de
|
|
2831 |
|
|
2832 |
- disable IDN per default (#116070)
|
|
2833 |
- unlocalize bookmarks (#114279)
|
|
2834 |
|
|
2835 |
-------------------------------------------------------------------
|
|
2836 |
Thu Sep 8 08:52:13 CEST 2005 - stark@suse.de
|
|
2837 |
|
|
2838 |
- fixed some filemodes (#114849)
|
|
2839 |
|
|
2840 |
-------------------------------------------------------------------
|
|
2841 |
Sun Sep 4 00:03:53 CEST 2005 - stark@suse.de
|
|
2842 |
|
|
2843 |
- fixed gconf-backend patch to be able to use
|
|
2844 |
system prefs (#114054)
|
|
2845 |
|
|
2846 |
-------------------------------------------------------------------
|
|
2847 |
Thu Sep 1 13:22:17 CEST 2005 - stark@suse.de
|
|
2848 |
|
|
2849 |
- changed default font to sans-serif (#114464)
|
|
2850 |
- removed de-de parts of the bookmark-links (#114279)
|
|
2851 |
|
|
2852 |
-------------------------------------------------------------------
|
|
2853 |
Mon Aug 22 06:10:12 CEST 2005 - stark@suse.de
|
|
2854 |
|
|
2855 |
- install gconf schema for lockdown also on non-NLD
|
|
2856 |
- added backports (firefox-backports.patch)
|
|
2857 |
* gtk_im_context_set_cursor_location() is not used (bmo #281339)
|
|
2858 |
* fixed crash in imgCacheValidator::OnStartRequest()
|
|
2859 |
(bmo #293307)
|
|
2860 |
- workaround for linking with pangoxft and pangox
|
|
2861 |
(broken by gtk 2.8 update) (#105764)
|
|
2862 |
- remove extensions on deinstallation
|
|
2863 |
- include dragonegg (kparts) plugin (#105468)
|
|
2864 |
|
|
2865 |
-------------------------------------------------------------------
|
|
2866 |
Thu Aug 18 13:08:55 CEST 2005 - stark@suse.de
|
|
2867 |
|
|
2868 |
- fixed regression in profile locking change (bmo #303633)
|
|
2869 |
- added rtsp handler to global config (#104434)
|
|
2870 |
- don't blacklist help: protocol (bmo #304833)
|
|
2871 |
- fixed Gdk-WARNING at startup (gtk.patch)
|
|
2872 |
- fixed crash with gtk 2.7 (bmo #300226, bnc #104586)
|
|
2873 |
- fixed installation of the beagle plugin
|
|
2874 |
- update industrial theme to 1.0.11 (#104564)
|
|
2875 |
- included lockdownV2 (removed obsolete gconf.diff)
|
|
2876 |
- linked firefox-bin with rpath to progdir
|
|
2877 |
|
|
2878 |
-------------------------------------------------------------------
|
|
2879 |
Fri Aug 5 09:51:26 CEST 2005 - stark@suse.de
|
|
2880 |
|
|
2881 |
- fixed profile locking (bmo #151188)
|
|
2882 |
- install beagle extension globally
|
|
2883 |
|
|
2884 |
-------------------------------------------------------------------
|
|
2885 |
Fri Jul 29 06:58:24 CEST 2005 - stark@suse.de
|
|
2886 |
|
|
2887 |
- don't require and provide NSS libs (#98002)
|
|
2888 |
- fixed printing error 'You cannot print while in print preview'
|
|
2889 |
(#96991, bmo #302445)
|
|
2890 |
|
|
2891 |
-------------------------------------------------------------------
|
|
2892 |
Wed Jul 27 09:34:12 CEST 2005 - stark@suse.de
|
|
2893 |
|
|
2894 |
- fixed Firefox on ppc (stack-direction.patch) (#97359)
|
|
2895 |
- removed open-pref from startscript as it is done
|
|
2896 |
automatically now (#73042)
|
|
2897 |
- updated Novell searchplugins
|
|
2898 |
|
|
2899 |
-------------------------------------------------------------------
|
|
2900 |
Mon Jul 25 12:32:13 CEST 2005 - stark@suse.de
|
|
2901 |
|
|
2902 |
- GTK filechooser is now modal (#8533)
|
|
2903 |
- backed out patch to add tooltips to print-preview
|
|
2904 |
because it breaks localization
|
|
2905 |
|
|
2906 |
-------------------------------------------------------------------
|
|
2907 |
Fri Jul 22 10:54:39 CEST 2005 - stark@suse.de
|
|
2908 |
|
|
2909 |
- fixed another problem in printing patch
|
|
2910 |
|
|
2911 |
-------------------------------------------------------------------
|
|
2912 |
Tue Jul 19 10:44:59 CEST 2005 - stark@suse.de
|
|
2913 |
|
|
2914 |
- fixed error in ft-xft-ps2.patch
|
|
2915 |
- disabled stripping in spec instead of patch
|
|
2916 |
- added NSPR to PreReq
|
|
2917 |
|
|
2918 |
-------------------------------------------------------------------
|
|
2919 |
Mon Jul 18 08:43:24 CEST 2005 - stark@suse.de
|
|
2920 |
|
|
2921 |
- fixed some more regressions with final 1.0.6
|
|
2922 |
- fixed width calculation in Postscript module (bmo #290292)
|
|
2923 |
- fixed plugin event starvation (bnc #94749, #94751, bmo #301161)
|
|
2924 |
|
|
2925 |
-------------------------------------------------------------------
|
|
2926 |
Fri Jul 15 11:24:47 CEST 2005 - stark@suse.de
|
|
2927 |
|
|
2928 |
- searchplugins can now be installed per profile (#8176)
|
|
2929 |
|
|
2930 |
-------------------------------------------------------------------
|
|
2931 |
Fri Jul 15 06:54:02 CEST 2005 - stark@suse.de
|
|
2932 |
|
|
2933 |
- update to 1.0.6 which restores API compatibility
|
|
2934 |
|
|
2935 |
-------------------------------------------------------------------
|
|
2936 |
Tue Jul 12 06:20:37 CEST 2005 - stark@suse.de
|
|
2937 |
|
|
2938 |
- update to 1.0.5 final (#88509)
|
|
2939 |
- don't strip explicitely
|
|
2940 |
- don't ship beagle.xpi
|
|
2941 |
|
|
2942 |
-------------------------------------------------------------------
|
|
2943 |
Wed Jul 6 14:13:09 CEST 2005 - stark@suse.de
|
|
2944 |
|
|
2945 |
- update to 1.0.5-pre (20050705)
|
|
2946 |
- use RPM_OPT_FLAGS for NSS component
|
|
2947 |
- fixed implicit declarations and uninitialized used variables
|
|
2948 |
- added patch for bmo #87969
|
|
2949 |
|
|
2950 |
-------------------------------------------------------------------
|
|
2951 |
Tue Jul 5 10:17:16 CEST 2005 - stark@suse.de
|
|
2952 |
|
|
2953 |
- fixed regression from security update (#95069, bmo #298478)
|
|
2954 |
|
|
2955 |
-------------------------------------------------------------------
|
|
2956 |
Mon Jun 27 21:46:58 CEST 2005 - stark@suse.de
|
|
2957 |
|
|
2958 |
- don't use system-prefs by default on NLD
|
|
2959 |
- removed basic lockdown stuff for SUSE Linux
|
|
2960 |
(it's not needed and caused problems: bnc #75418)
|
|
2961 |
- fixed NLD lockdown patch (bnc #75418)
|
|
2962 |
- don't write prefs back to gconf for now
|
|
2963 |
|
|
2964 |
-------------------------------------------------------------------
|
|
2965 |
Wed Jun 22 07:32:42 CEST 2005 - stark@suse.de
|
|
2966 |
|
|
2967 |
- new NLD lockdown patch which is syncing user prefs to gconf
|
|
2968 |
- update to 1.0.5pre security-release
|
|
2969 |
|
|
2970 |
-------------------------------------------------------------------
|
|
2971 |
Thu Jun 9 06:56:02 CEST 2005 - stark@suse.de
|
|
2972 |
|
|
2973 |
- new revision of NLD lockdown patch
|
|
2974 |
- fixed remote usage behaviour in start script (bnc #41903)
|
|
2975 |
- got more bugfixes from the branch
|
|
2976 |
|
|
2977 |
-------------------------------------------------------------------
|
|
2978 |
Thu Jun 2 10:31:48 CEST 2005 - stark@suse.de
|
|
2979 |
|
|
2980 |
- fixed neededforbuild
|
|
2981 |
|
|
2982 |
-------------------------------------------------------------------
|
|
2983 |
Wed Jun 1 20:15:25 CEST 2005 - stark@suse.de
|
|
2984 |
|
|
2985 |
- fixed IDN for 64bit platforms (bmo #236425, bnc #46268)
|
|
2986 |
|
|
2987 |
-------------------------------------------------------------------
|
|
2988 |
Fri May 20 15:12:06 CEST 2005 - stark@suse.de
|
|
2989 |
|
|
2990 |
- fixed keybinding for KP separator (bnc #84147)
|
|
2991 |
- pulled security related patch from upstream branch
|
|
2992 |
- update plastikfox theme to version 1.6
|
|
2993 |
|
|
2994 |
-------------------------------------------------------------------
|
|
2995 |
Thu May 12 06:16:25 CEST 2005 - stark@suse.de
|
|
2996 |
|
|
2997 |
- update to final 1.0.4 release
|
|
2998 |
|
|
2999 |
-------------------------------------------------------------------
|
|
3000 |
Tue May 10 06:38:05 CEST 2005 - stark@suse.de
|
|
3001 |
|
|
3002 |
- update to 1.0.4 security release
|
|
3003 |
- removed s390(x) patches (upstream)
|
|
3004 |
- made two more files %verify (81692)
|
|
3005 |
- updated NLD lockdown patch (81304)
|
|
3006 |
|
|
3007 |
-------------------------------------------------------------------
|
|
3008 |
Thu Apr 28 09:45:53 CEST 2005 - stark@suse.de
|
|
3009 |
|
|
3010 |
- use static NSPR libs from new location
|
|
3011 |
|
|
3012 |
-------------------------------------------------------------------
|
|
3013 |
Sat Apr 23 15:56:08 CEST 2005 - stark@suse.de
|
|
3014 |
|
|
3015 |
- activate usage of system NSPR for distributions after 9.3
|
|
3016 |
- add patch to be able to use systen NSPR at all
|
|
3017 |
|
|
3018 |
-------------------------------------------------------------------
|
|
3019 |
Fri Apr 22 02:06:06 CEST 2005 - ro@suse.de
|
|
3020 |
|
|
3021 |
- use mozilla-gcc4.patch
|
|
3022 |
|
|
3023 |
-------------------------------------------------------------------
|
|
3024 |
Thu Apr 21 12:51:19 CEST 2005 - stark@suse.de
|
|
3025 |
|
|
3026 |
- don't execute gconf magic within build environment
|
|
3027 |
|
|
3028 |
-------------------------------------------------------------------
|
|
3029 |
Sat Apr 16 13:05:37 CEST 2005 - stark@suse.de
|
|
3030 |
|
|
3031 |
- update to final 1.0.3 release
|
|
3032 |
|
|
3033 |
-------------------------------------------------------------------
|
|
3034 |
Fri Apr 15 00:10:54 CEST 2005 - ro@suse.de
|
|
3035 |
|
|
3036 |
- fix problem in postinstall script
|
|
3037 |
|
|
3038 |
-------------------------------------------------------------------
|
|
3039 |
Wed Apr 14 09:20:02 CEST 2005 - stark@suse.de
|
|
3040 |
|
|
3041 |
- included fixed lockdown patch for NLD
|
|
3042 |
- linked proxies within Firefox with gnome settings (NLD)
|
|
3043 |
- added gconfd restart procedure to install script
|
|
3044 |
(only needed if gconf changes are done) (#76852)
|
|
3045 |
|
|
3046 |
-------------------------------------------------------------------
|
|
3047 |
Sat Apr 2 21:03:11 CEST 2005 - stark@suse.de
|
|
3048 |
|
|
3049 |
- update to security pre-release 1.0.3 (#75692)
|
|
3050 |
* Manual plug-in install, javascript vulnerability (bmo #288556)
|
|
3051 |
* Access memory vulnerability (bmo #288688)
|
|
3052 |
|
|
3053 |
-------------------------------------------------------------------
|
|
3054 |
Fri Apr 1 11:32:44 CEST 2005 - stark@suse.de
|
|
3055 |
|
|
3056 |
- added advanced lockdown features for ZLM integration (NLD-only)
|
|
3057 |
|
|
3058 |
-------------------------------------------------------------------
|
|
3059 |
Tue Mar 22 12:33:15 CET 2005 - stark@suse.de
|
|
3060 |
|
|
3061 |
- update to final 1.0.2
|
|
3062 |
- use new theme handling on NLD
|
|
3063 |
- added default-plugin-less-annoying from mozilla
|
|
3064 |
- use GTK2 for Flash
|
|
3065 |
- use system NSPR on SUSE releases after 9.3
|
|
3066 |
- made startscript PIS aware
|
|
3067 |
- set g-application-name correctly (bmo #281979)
|
|
3068 |
- added man-page
|
|
3069 |
- use GTK system colors
|
|
3070 |
- modify useragent string and add vendor id
|
|
3071 |
- activate smooth-scrolling by default (#74310)
|
|
3072 |
|
|
3073 |
-------------------------------------------------------------------
|
|
3074 |
Tue Mar 22 08:59:06 CET 2005 - stark@suse.de
|
|
3075 |
|
|
3076 |
- don't register beagle automatically (#74062)
|
|
3077 |
- added default bookmarks for SUSE LINUX
|
|
3078 |
|
|
3079 |
-------------------------------------------------------------------
|
|
3080 |
Mon Mar 21 18:20:39 CET 2005 - max@suse.de
|
|
3081 |
|
|
3082 |
- Fixed a typo in the shell code that handles inclusion of the
|
|
3083 |
Acrobat Reader plugin (#70861).
|
|
3084 |
|
|
3085 |
-------------------------------------------------------------------
|
|
3086 |
Thu Mar 17 21:01:11 CET 2005 - stark@suse.de
|
|
3087 |
|
|
3088 |
- updates from upcoming 1.0.2
|
|
3089 |
- added again logic to use Adobe Reader 7 (#70861)
|
|
3090 |
- fixed crash in ICO decoding (#67142, bmo #245631)
|
|
3091 |
- preinstall beagle extension (#72920)
|
|
3092 |
- bugfixes in trigger scripts
|
|
3093 |
- fixed industrial theming for Gnome (#72918)
|
|
3094 |
|
|
3095 |
-------------------------------------------------------------------
|
|
3096 |
Sat Mar 12 12:42:16 CET 2005 - stark@suse.de
|
|
3097 |
|
|
3098 |
- fixed more security related bugs
|
|
3099 |
(bmo #284551, #284627, #285595)
|
|
3100 |
|
|
3101 |
-------------------------------------------------------------------
|
|
3102 |
Wed Mar 9 21:42:05 CET 2005 - stark@suse.de
|
|
3103 |
|
|
3104 |
- update also GNOME desktop file (#71810)
|
|
3105 |
- added firefox-gnome.png to filelist
|
|
3106 |
- use correct Firefox icon
|
|
3107 |
|
|
3108 |
-------------------------------------------------------------------
|
|
3109 |
Mon Mar 7 20:47:00 CET 2005 - stark@suse.de
|
|
3110 |
|
|
3111 |
- disable inclusion of acrobat plugin again (#70861)
|
|
3112 |
- don't use gconfd in registration phase (#66381)
|
|
3113 |
|
|
3114 |
-------------------------------------------------------------------
|
|
3115 |
Mon Mar 7 16:13:29 CET 2005 - adrian@suse.de
|
|
3116 |
|
|
3117 |
- use standard icon again for the default desktop file and
|
|
3118 |
add a Gnome-only desktop file for the Gnome icon
|
|
3119 |
- add plastikfox chrome theme to fix button order within KDE
|
|
3120 |
- add patch for automatic theme selection for KDE and Gnome
|
|
3121 |
- do register extensions in rebuild-databases.sh instead of %install,
|
|
3122 |
to fix needed timestamps
|
|
3123 |
|
|
3124 |
-------------------------------------------------------------------
|
|
3125 |
Fri Mar 4 07:54:47 CET 2005 - stark@suse.de
|
|
3126 |
|
|
3127 |
- extend add-plugins to recognize Java 1.5 (#66909)
|
|
3128 |
- changed comment in desktop-file (#66867)
|
|
3129 |
|
|
3130 |
-------------------------------------------------------------------
|
|
3131 |
Tue Feb 22 09:33:44 CET 2005 - stark@suse.de
|
|
3132 |
|
|
3133 |
- make --display parameter working in all cases (bnc #66043)
|
|
3134 |
- revised postscript patch
|
|
3135 |
- final 1.0.1 codebase
|
|
3136 |
|
|
3137 |
-------------------------------------------------------------------
|
|
3138 |
Mon Feb 21 13:09:30 CET 2005 - stark@suse.de
|
|
3139 |
|
|
3140 |
- added patch to create Postscript level 2 (instead of 3)
|
|
3141 |
(special thanks to Jungshik Shin)
|
|
3142 |
- disabled freetype explicitly to be able to use the above patch
|
|
3143 |
(freetype wasn't used anymore since some time anyway)
|
|
3144 |
|
|
3145 |
-------------------------------------------------------------------
|
|
3146 |
Fri Feb 18 09:10:10 CET 2005 - stark@suse.de
|
|
3147 |
|
|
3148 |
- got more patches from branch to get another IDN fix and to
|
|
3149 |
fix bug #51019
|
|
3150 |
- enabled IDN again
|
|
3151 |
|
|
3152 |
-------------------------------------------------------------------
|
|
3153 |
Wed Feb 16 09:20:39 CET 2005 - stark@suse.de
|
|
3154 |
|
|
3155 |
- bumped version number to 1.0.1
|
|
3156 |
|
|
3157 |
-------------------------------------------------------------------
|
|
3158 |
Tue Feb 15 10:26:04 CET 2005 - stark@suse.de
|
|
3159 |
|
|
3160 |
- got updates from 1.0.1 branch
|
|
3161 |
|
|
3162 |
-------------------------------------------------------------------
|
|
3163 |
Thu Feb 10 06:57:33 CET 2005 - stark@suse.de
|
|
3164 |
|
|
3165 |
- additional fireflashing fix (#50635, bmo #280664)
|
|
3166 |
- some more security related fixes
|
|
3167 |
(bmo #268483, #273498, #277322)
|
|
3168 |
- fire up GTK2 filepicker if GNOME is running
|
|
3169 |
|
|
3170 |
-------------------------------------------------------------------
|
|
3171 |
Tue Feb 8 07:51:13 CET 2005 - stark@suse.de
|
|
3172 |
|
|
3173 |
- some prefs are ignored (bmo #261934)
|
|
3174 |
- disabled default IDN (#50566)
|
|
3175 |
- fixed some more bugzilla.mozilla.org bugs:
|
|
3176 |
#276482, #280056, #280603
|
|
3177 |
|
|
3178 |
-------------------------------------------------------------------
|
|
3179 |
Sun Feb 6 13:10:12 CET 2005 - stark@suse.de
|
|
3180 |
|
|
3181 |
- use same desktop categories for Professional and NLD
|
|
3182 |
- added some lockdown stuff for printing and page saving
|
|
3183 |
(bmo #280488)
|
|
3184 |
|
|
3185 |
-------------------------------------------------------------------
|
|
3186 |
Wed Feb 2 13:58:53 CET 2005 - stark@suse.de
|
|
3187 |
|
|
3188 |
- modified gconf.diff to honor ignore_hosts (bmo #280742)
|
|
3189 |
- added a JS crasher fix (bmo #268535)
|
|
3190 |
- added more fixes (bmo #255441, #273024, #275405, #275634)
|
|
3191 |
|
|
3192 |
-------------------------------------------------------------------
|
|
3193 |
Fri Jan 28 12:39:37 CET 2005 - stark@suse.de
|
|
3194 |
|
|
3195 |
- added gplflash inclusion
|
|
3196 |
- improved JRE inclusion
|
|
3197 |
- reactivated usage of Acrobat Reader plugin
|
|
3198 |
(ready for acroread 7)
|
|
3199 |
|
|
3200 |
-------------------------------------------------------------------
|
|
3201 |
Sat Jan 22 13:16:47 CET 2005 - stark@suse.de
|
|
3202 |
|
|
3203 |
- added some backported bugfixes
|
|
3204 |
|
|
3205 |
-------------------------------------------------------------------
|
|
3206 |
Sat Dec 18 10:30:11 CET 2004 - stark@suse.de
|
|
3207 |
|
|
3208 |
- updated industrial theme to 1.0.9
|
|
3209 |
- use slightly changed icon for menu-entry (bnc #275)
|
|
3210 |
- use original desktop file for NLD again
|
|
3211 |
|
|
3212 |
-------------------------------------------------------------------
|
|
3213 |
Thu Dec 16 19:37:48 CET 2004 - stark@suse.de
|
|
3214 |
|
|
3215 |
- newer patch for GNOME associations (bnc #362)
|
|
3216 |
- fix overwriting of files with GTK picker (Ximian #65068)
|
|
3217 |
- readded the industrial default theme patch for NLD
|
|
3218 |
|
|
3219 |
-------------------------------------------------------------------
|
|
3220 |
Wed Dec 15 11:50:56 CET 2004 - stark@suse.de
|
|
3221 |
|
|
3222 |
- activate GTK filepicker for NLD again
|
|
3223 |
- fix for GNOME helper applications with parameters
|
|
3224 |
- make GNOME associations the default on NLD
|
|
3225 |
|
|
3226 |
-------------------------------------------------------------------
|
|
3227 |
Sat Dec 4 16:11:01 CET 2004 - stark@suse.de
|
|
3228 |
|
|
3229 |
- fixed build on s390/s390x
|
|
3230 |
- added patch to be able to install-global without running X
|
|
3231 |
(bmo #265859)
|
|
3232 |
|
|
3233 |
-------------------------------------------------------------------
|
|
3234 |
Thu Nov 18 21:48:05 CET 2004 - stark@suse.de
|
|
3235 |
|
|
3236 |
- update industrial theme to 1.0.8 (still not activated)
|
|
3237 |
- added patch to make home-directory the default download dir
|
|
3238 |
(on NLD is still used Desktop)
|
|
3239 |
|
|
3240 |
-------------------------------------------------------------------
|
|
3241 |
Thu Nov 11 09:01:58 CET 2004 - stark@suse.de
|
|
3242 |
|
|
3243 |
- made initial window height smaller again
|
|
3244 |
|
|
3245 |
-------------------------------------------------------------------
|
|
3246 |
Tue Nov 9 09:09:06 CET 2004 - stark@suse.de
|
|
3247 |
|
|
3248 |
- update to final 1.0 release (20041109)
|
|
3249 |
|
|
3250 |
-------------------------------------------------------------------
|
|
3251 |
Thu Nov 4 08:22:36 CET 2004 - stark@suse.de
|
|
3252 |
|
|
3253 |
- update to 1.0rc2
|
|
3254 |
|
|
3255 |
-------------------------------------------------------------------
|
|
3256 |
Sat Oct 30 21:27:29 CEST 2004 - stark@suse.de
|
|
3257 |
|
|
3258 |
- added missing s390(x) patch
|
|
3259 |
|
|
3260 |
-------------------------------------------------------------------
|
|
3261 |
Wed Oct 27 07:26:25 CEST 2004 - stark@suse.de
|
|
3262 |
|
|
3263 |
- update to 1.0rc1 codebase
|
|
3264 |
- printing via XFT/fontconfig
|
|
3265 |
- freetype changes to avoid API conflicts with newer freetype2
|
|
3266 |
- fixed build for s390/s390x
|
|
3267 |
- removed AMD64 patch (included upstream)
|
|
3268 |
- added translations sub-package
|
|
3269 |
- removed "Show folder" patch for NLD (resolved upstream)
|
|
3270 |
- don't use gnome-filepicker patch for NLD for now
|
|
3271 |
- removed hppa buildfix (included upstream)
|
|
3272 |
- removed untitled.patch (bmo #24068) resolved by (bmo #262478)
|
|
3273 |
- use make -C browser/installer now to prepare installation
|
|
3274 |
- don't check for default browser at startup (#47587)
|
|
3275 |
- updated industrial.jar (0.99.13) (disabled)
|
|
3276 |
|
|
3277 |
-------------------------------------------------------------------
|
|
3278 |
Fri Oct 15 13:51:54 CEST 2004 - stark@suse.de
|
|
3279 |
|
|
3280 |
- inherit locale from system
|
|
3281 |
- fixed chrome registration
|
|
3282 |
|
|
3283 |
-------------------------------------------------------------------
|
|
3284 |
Wed Oct 6 23:11:01 CEST 2004 - joeshaw@suse.de
|
|
3285 |
|
|
3286 |
- disable gconf settings as default (Ximian #67718)
|
|
3287 |
|
|
3288 |
-------------------------------------------------------------------
|
|
3289 |
Wed Oct 6 07:04:05 CEST 2004 - stark@suse.de
|
|
3290 |
|
|
3291 |
- fixed inclusion of RealPlayer plugin again
|
|
3292 |
|
|
3293 |
-------------------------------------------------------------------
|
|
3294 |
Tue Oct 5 10:09:04 CEST 2004 - stark@suse.de
|
|
3295 |
|
|
3296 |
- small important fix in firefox-download.patch (Ximian #65472)
|
|
3297 |
|
|
3298 |
-------------------------------------------------------------------
|
|
3299 |
Sun Oct 3 00:02:09 CEST 2004 - stark@suse.de
|
|
3300 |
|
|
3301 |
- added security-fix from 0.10.1 (mozilla.org #259708) (#46687)
|
|
3302 |
|
|
3303 |
-------------------------------------------------------------------
|
|
3304 |
Fri Oct 1 12:49:38 CEST 2004 - stark@suse.de
|
|
3305 |
|
|
3306 |
- final fix for downloading to Desktop folder (Ximian #65756)
|
|
3307 |
- remove Postscript from printer names (Ximian #65560)
|
|
3308 |
|
|
3309 |
-------------------------------------------------------------------
|
|
3310 |
Thu Sep 30 16:14:10 CEST 2004 - shprasad@suse.de
|
|
3311 |
|
|
3312 |
- Modified the MozillaFirefox.desktop file.
|
|
3313 |
Changed the name 'Firefox' to 'Firefox Web Browser'.
|
|
3314 |
Also changed it for all languages.
|
|
3315 |
|
|
3316 |
-------------------------------------------------------------------
|
|
3317 |
Wed Sep 29 15:54:46 CEST 2004 - stark@suse.de
|
|
3318 |
|
|
3319 |
- fix inclusion of RealPlayer plugin (Ximian #65711)
|
|
3320 |
|
|
3321 |
-------------------------------------------------------------------
|
|
3322 |
Mon Sep 27 17:51:24 CEST 2004 - joeshaw@suse.de
|
|
3323 |
|
|
3324 |
- Update the industrial default patch, for some reason it didn't
|
|
3325 |
take before.
|
|
3326 |
|
|
3327 |
-------------------------------------------------------------------
|
|
3328 |
Fri Sep 24 07:34:48 CEST 2004 - stark@suse.de
|
|
3329 |
|
|
3330 |
- fix for Ximian #65176 (mozilla.org #240068)
|
|
3331 |
- revised patch for update function (Ximian #65615)
|
|
3332 |
|
|
3333 |
-------------------------------------------------------------------
|
|
3334 |
Thu Sep 23 20:21:39 CEST 2004 - joeshaw@suse.de
|
|
3335 |
|
|
3336 |
- Uncomment the patch which tells the UI that industrial is the
|
|
3337 |
default.
|
|
3338 |
|
|
3339 |
-------------------------------------------------------------------
|
|
3340 |
Thu Sep 23 12:38:06 CEST 2004 - stark@suse.de
|
|
3341 |
|
|
3342 |
- open Nautilus on NLD for 'Show folder' in download settings
|
|
3343 |
(Ximian #65472) by sragavan@novell.com
|
|
3344 |
- save to Desktop folder if selected (Ximian #65756)
|
|
3345 |
by sragavan@novell.com
|
|
3346 |
|
|
3347 |
-------------------------------------------------------------------
|
|
3348 |
Wed Sep 22 10:23:01 CEST 2004 - stark@suse.de
|
|
3349 |
|
|
3350 |
- synced NLD package with 9.2 version
|
|
3351 |
- GTK2 filepicker does now ask for confirmation when overwriting
|
|
3352 |
files (Ximian #65068) by sagarwala@novell.com
|
|
3353 |
- no direct update function (Ximian #65615) by rganesan@novell.com
|
|
3354 |
- throbber linked to Novell (Ximian #66283) by rganesan@novell.com
|
|
3355 |
- make industrial the default theme for NLD
|
|
3356 |
(Ximian #65542) by joeshaw@suse.de
|
|
3357 |
|
|
3358 |
-------------------------------------------------------------------
|
|
3359 |
Mon Sep 20 22:00:55 CEST 2004 - joeshaw@suse.de
|
|
3360 |
|
|
3361 |
- Add default bookmarks. Ximian #65546.
|
|
3362 |
- Add the industrial theme, but it's not the default yet.
|
|
3363 |
- Remove acroread from add-plugins because it's badly behaved.
|
|
3364 |
Ximian #65499.
|
|
3365 |
|
|
3366 |
-------------------------------------------------------------------
|
|
3367 |
Mon Sep 20 17:57:38 CEST 2004 - federico@ximian.com
|
|
3368 |
|
|
3369 |
- Added MozillaFirefox-toplevel-window-height.diff for
|
|
3370 |
http://bugzilla.ximian.com/show_bug.cgi?id=65543
|
|
3371 |
|
|
3372 |
-------------------------------------------------------------------
|
|
3373 |
Sun Sep 19 15:42:30 CEST 2004 - stark@suse.de
|
|
3374 |
|
|
3375 |
- use GNOME system prefs only for NLD by default
|
|
3376 |
(fixes bug #45575)
|
|
3377 |
|
|
3378 |
-------------------------------------------------------------------
|
|
3379 |
Fri Sep 17 08:59:32 CEST 2004 - stark@suse.de
|
|
3380 |
|
|
3381 |
- joeshaw@suse.de: Update GConf patch so that proxy settings work
|
|
3382 |
correctly (Ximian #64461)
|
|
3383 |
- don't search Java on every path (Ximian #65383)
|
|
3384 |
- added some missing fixes for official release
|
|
3385 |
- added new java package name for triggers (#45257)
|
|
3386 |
|
|
3387 |
-------------------------------------------------------------------
|
|
3388 |
Sat Sep 11 13:25:41 CEST 2004 - stark@suse.de
|
|
3389 |
|
|
3390 |
- update to official 1.0PR (0.10)
|
|
3391 |
- adopted gnome-filepicker patch
|
|
3392 |
- removed obsolete CUPS hack from start-script
|
|
3393 |
(Ximian #65635, #65560)
|
|
3394 |
|
|
3395 |
-------------------------------------------------------------------
|
|
3396 |
Thu Sep 9 21:35:42 CEST 2004 - stark@suse.de
|
|
3397 |
|
|
3398 |
- fixed endianess on AMD64 in JS component (#34743)
|
|
3399 |
|
|
3400 |
-------------------------------------------------------------------
|
|
3401 |
Mon Sep 6 17:33:07 CEST 2004 - stark@suse.de
|
|
3402 |
|
|
3403 |
- fixed filelist
|
|
3404 |
|
|
3405 |
-------------------------------------------------------------------
|
|
3406 |
Mon Sep 6 13:48:03 CEST 2004 - stark@suse.de
|
|
3407 |
|
|
3408 |
- update to 1.0PR (aka 0.10)
|
|
3409 |
|
|
3410 |
-------------------------------------------------------------------
|
|
3411 |
Fri Sep 3 21:35:47 CEST 2004 - stark@suse.de
|
|
3412 |
|
|
3413 |
- added ppc64 patch
|
|
3414 |
|
|
3415 |
-------------------------------------------------------------------
|
|
3416 |
Thu Sep 2 03:08:59 CEST 2004 - dave@suse.de
|
|
3417 |
|
|
3418 |
- Fixed up the .desktop installation on nld
|
|
3419 |
|
|
3420 |
-------------------------------------------------------------------
|
|
3421 |
Wed Sep 1 15:05:48 CEST 2004 - shprasad@suse.de
|
|
3422 |
|
|
3423 |
- Doesn't ask to set Firefox as default web-browser.
|
|
3424 |
|
|
3425 |
-------------------------------------------------------------------
|
|
3426 |
Tue Aug 31 14:01:18 CEST 2004 - stark@suse.de
|
|
3427 |
|
|
3428 |
- next new version for filepicker stuff
|
|
3429 |
- deactivated native filepicker for NLD
|
|
3430 |
- update to snapshot (20040831)
|
|
3431 |
|
|
3432 |
-------------------------------------------------------------------
|
|
3433 |
Tue Aug 24 17:35:52 CEST 2004 - stark@suse.de
|
|
3434 |
|
|
3435 |
- new version of gnome-filepicker patch
|
|
3436 |
- added patch for config
|
|
3437 |
|
|
3438 |
-------------------------------------------------------------------
|
|
3439 |
Fri Aug 20 17:12:48 CEST 2004 - stark@suse.de
|
|
3440 |
|
|
3441 |
- update to snapshot (20040820)
|
|
3442 |
|
|
3443 |
-------------------------------------------------------------------
|
|
3444 |
Thu Aug 19 08:46:42 CEST 2004 - stark@suse.de
|
|
3445 |
|
|
3446 |
- added workaround for mozilla bug #246313
|
|
3447 |
(Firefox does not start: getting "cannot open display" error)
|
|
3448 |
|
|
3449 |
-------------------------------------------------------------------
|
|
3450 |
Wed Aug 18 15:07:22 CEST 2004 - stark@suse.de
|
|
3451 |
|
|
3452 |
- added some patches from Ximian
|
|
3453 |
- use GNOME filepicker
|
|
3454 |
- use more gconf settings
|
|
3455 |
- set startup homepage to Novell
|
|
3456 |
|
|
3457 |
-------------------------------------------------------------------
|
|
3458 |
Tue Aug 17 13:12:35 CEST 2004 - stark@suse.de
|
|
3459 |
|
|
3460 |
- update to pre-1.0.0 (20040817)
|
|
3461 |
|
|
3462 |
-------------------------------------------------------------------
|
|
3463 |
Thu Aug 5 06:27:41 CEST 2004 - stark@suse.de
|
|
3464 |
|
|
3465 |
- security update to 0.9.3
|
|
3466 |
(including #43312 and others)
|
|
3467 |
- handle RealPlayer 9 plugin
|
|
3468 |
|
|
3469 |
-------------------------------------------------------------------
|
|
3470 |
Mon Aug 2 15:11:51 CEST 2004 - ro@suse.de
|
|
3471 |
|
|
3472 |
- recode desktop file to utf-8
|
|
3473 |
|
|
3474 |
-------------------------------------------------------------------
|
|
3475 |
Wed Jul 28 08:46:31 CEST 2004 - stark@suse.de
|
|
3476 |
|
|
3477 |
- added fix against certificate spoofing (#43312)
|
|
3478 |
|
|
3479 |
-------------------------------------------------------------------
|
|
3480 |
Fri Jul 23 06:31:41 CEST 2004 - stark@suse.de
|
|
3481 |
|
|
3482 |
- update to 0.9.2
|
|
3483 |
- added workaround for extension registry
|
|
3484 |
- removed old (incompatible) mozex extension
|
|
3485 |
|
|
3486 |
-------------------------------------------------------------------
|
|
3487 |
Tue Jun 29 06:27:59 CEST 2004 - stark@suse.de
|
|
3488 |
|
|
3489 |
- update to 0.9.1
|
|
3490 |
- added hint to run as root first
|
|
3491 |
|
|
3492 |
-------------------------------------------------------------------
|
|
3493 |
Tue Jun 15 12:42:28 CEST 2004 - stark@suse.de
|
|
3494 |
|
|
3495 |
- update to 0.9
|
|
3496 |
- added patch for newer freetype
|
|
3497 |
|
|
3498 |
-------------------------------------------------------------------
|
|
3499 |
Fri Apr 2 10:31:45 CEST 2004 - stark@suse.de
|
|
3500 |
|
|
3501 |
- removing relocation of TEMP directory (#34391)
|
|
3502 |
|
|
3503 |
-------------------------------------------------------------------
|
|
3504 |
Mon Mar 29 11:43:51 CEST 2004 - stark@suse.de
|
|
3505 |
|
|
3506 |
- update to 0.8.0+ (20040503)
|
|
3507 |
- removed firefox logos and activate official branding for
|
|
3508 |
milestone builds
|
|
3509 |
- changed profile-dir to .firefox
|
|
3510 |
- added some needed files
|
|
3511 |
- enabled gnomevfs extension
|
|
3512 |
|
|
3513 |
-------------------------------------------------------------------
|
|
3514 |
Fri Mar 26 18:09:34 CET 2004 - uli@suse.de
|
|
3515 |
|
|
3516 |
- fixed hang during build on s390* (bug #35440)
|
|
3517 |
|
|
3518 |
-------------------------------------------------------------------
|
|
3519 |
Wed Mar 3 06:52:00 CET 2004 - stark@suse.de
|
|
3520 |
|
|
3521 |
- removed unused patches for GTK2 build
|
|
3522 |
- more fixes for (#35179)
|
|
3523 |
|
|
3524 |
-------------------------------------------------------------------
|
|
3525 |
Mon Mar 1 07:32:52 CET 2004 - stark@suse.de
|
|
3526 |
|
|
3527 |
- improved start-script to interact with thunderbird (#35179)
|
|
3528 |
|
|
3529 |
-------------------------------------------------------------------
|
|
3530 |
Thu Feb 26 06:57:05 CET 2004 - stark@suse.de
|
|
3531 |
|
|
3532 |
- use official releasedate
|
|
3533 |
- added official (trademarked) artwork
|
|
3534 |
- added firefox icon to /usr/share/pixmaps
|
|
3535 |
- cleaned up spec-file (there will be no GTK1 version)
|
|
3536 |
|
|
3537 |
-------------------------------------------------------------------
|
|
3538 |
Tue Feb 24 16:43:17 CET 2004 - stark@suse.de
|
|
3539 |
|
|
3540 |
- fixed optimization for non-x86 archs
|
|
3541 |
|
|
3542 |
-------------------------------------------------------------------
|
|
3543 |
Tue Feb 24 07:43:35 CET 2004 - stark@suse.de
|
|
3544 |
|
|
3545 |
- adopted file-list and build options to original distribution
|
|
3546 |
- added prdtoa fix (#32963)
|
|
3547 |
- added hook for static firefox build to rebuild-databases.sh
|
|
3548 |
- added compiler flags for security/ (nss-opt.patch)
|
|
3549 |
- included mozex (mozex.mozdev.org)
|
|
3550 |
- added -Os as optimization flag
|
|
3551 |
|
|
3552 |
-------------------------------------------------------------------
|
|
3553 |
Mon Feb 9 21:59:37 CET 2004 - stark@suse.de
|
|
3554 |
|
|
3555 |
- renamed to MozillaFirefox
|
|
3556 |
- update to final version 0.8
|
|
3557 |
|
|
3558 |
-------------------------------------------------------------------
|
|
3559 |
Fri Feb 6 08:39:15 CET 2004 - stark@suse.de
|
|
3560 |
|
|
3561 |
- update to Firebird 0.8 (20040205)
|
|
3562 |
- added mips build fix
|
|
3563 |
- set PS printer list in MozillaFirebird.sh
|
|
3564 |
- use lib64 again for biarch platforms
|
|
3565 |
|
|
3566 |
-------------------------------------------------------------------
|
|
3567 |
Sat Jan 10 10:33:54 CET 2004 - adrian@suse.de
|
|
3568 |
|
|
3569 |
- build as user
|
|
3570 |
|
|
3571 |
-------------------------------------------------------------------
|
|
3572 |
Fri Aug 22 11:32:07 CEST 2003 - stark@suse.de
|
|
3573 |
|
|
3574 |
- upstream sync for 0.6.1post
|
|
3575 |
|
|
3576 |
-------------------------------------------------------------------
|
|
3577 |
Sun Aug 10 22:01:12 CEST 2003 - stark@suse.de
|
|
3578 |
|
|
3579 |
- removed dmoz from searchplugins-filelist
|
|
3580 |
|
|
3581 |
-------------------------------------------------------------------
|
|
3582 |
Fri Aug 8 10:30:50 CEST 2003 - stark@suse.de
|
|
3583 |
|
|
3584 |
- update to 0.6.1post (TRUNK)
|
|
3585 |
- use -fno-strict-aliasing
|
|
3586 |
|
|
3587 |
-------------------------------------------------------------------
|
|
3588 |
Thu Jul 31 11:25:39 CEST 2003 - stark@suse.de
|
|
3589 |
|
|
3590 |
- update to 0.6.1 (MOZILLA_1_4_BRANCH)
|
|
3591 |
- synchronized with mozilla-source
|
|
3592 |
- created file-list
|
|
3593 |
|
|
3594 |
-------------------------------------------------------------------
|
|
3595 |
Thu Jul 10 09:45:49 CEST 2003 - stark@suse.de
|
|
3596 |
|
|
3597 |
- update to snapshot 20030709
|
|
3598 |
- fixed generation of symlink MozillaFirebird-xremote-client
|
|
3599 |
|
|
3600 |
-------------------------------------------------------------------
|
|
3601 |
Fri Jun 20 06:53:08 CEST 2003 - stark@suse.de
|
|
3602 |
|
|
3603 |
- update to snapshot 20030622 (0.7pre)
|
|
3604 |
|
|
3605 |
-------------------------------------------------------------------
|
|
3606 |
Mon May 19 08:54:46 CEST 2003 - stark@suse.de
|
|
3607 |
|
|
3608 |
- update to snapshot 20030518 (0.6)
|
|
3609 |
|
|
3610 |
-------------------------------------------------------------------
|
|
3611 |
Sun May 7 10:11:16 CEST 2003 - stark@suse.de
|
|
3612 |
|
|
3613 |
- update to snapshot 20030507
|
|
3614 |
|
|
3615 |
-------------------------------------------------------------------
|
|
3616 |
Wed Apr 30 13:26:43 CEST 2003 - stark@suse.de
|
|
3617 |
|
|
3618 |
- initial SuSE package
|
|
3619 |
|