|
1 ------------------------------------------------------------------- |
|
2 Mon Jun 8 21:20:43 UTC 2015 - wr@rosenauer.org |
|
3 |
|
4 - renamed package to firefox-esr for ESR 38 cycle |
|
5 |
|
6 ------------------------------------------------------------------- |
|
7 Sun Jun 7 07:09:12 UTC 2015 - wr@rosenauer.org |
|
8 |
|
9 - update to Firefox 38.0.6 |
|
10 * fixes bmo#1171730 which is not really relevant to oS builds |
|
11 - fix KDE regression from 38.0.5 builds (bsc#933439) |
|
12 |
|
13 ------------------------------------------------------------------- |
|
14 Sat May 23 21:13:49 UTC 2015 - wr@rosenauer.org |
|
15 |
|
16 - update to Firefox 38.0.5 |
|
17 * Keep track of articles and videos with Pocket |
|
18 * Clean formatting for articles and blog posts with Reader View |
|
19 * Share the active tab or window in a Hello conversation |
|
20 - add changes file as source for SRPM (bsc#932142) |
|
21 |
|
22 ------------------------------------------------------------------- |
|
23 Fri May 15 10:40:19 UTC 2015 - normand@linux.vnet.ibm.com |
|
24 |
|
25 - add mozilla-add-glibcxx_use_cxx11_abi.patch grabbed from |
|
26 https://bugzilla.mozilla.org/show_bug.cgi?id=1153109 |
|
27 |
|
28 ------------------------------------------------------------------- |
|
29 Fri May 15 07:37:46 UTC 2015 - wr@rosenauer.org |
|
30 |
|
31 - update to Firefox 38.0.1 |
|
32 stability and regression fixes |
|
33 * Systems with first generation NVidia Optimus graphics cards |
|
34 may crash on start-up |
|
35 * Users who import cookies from Google Chrome can end up with |
|
36 broken websites |
|
37 * Large animated images may fail to play and may stop other |
|
38 images from loading |
|
39 |
|
40 ------------------------------------------------------------------- |
|
41 Sun May 10 07:07:49 UTC 2015 - wr@rosenauer.org |
|
42 |
|
43 - update to Firefox 38.0 (bnc#930622) |
|
44 * New tab-based preferences |
|
45 * Ruby annotation support |
|
46 * more info: https://www.mozilla.org/en-US/firefox/38.0/releasenotes/ |
|
47 security fixes: |
|
48 * MFSA 2015-46/CVE-2015-2708/CVE-2015-2709 |
|
49 Miscellaneous memory safety hazards |
|
50 * MFSA 2015-47/VE-2015-0797 (bmo#1080995) |
|
51 Buffer overflow parsing H.264 video with Linux Gstreamer |
|
52 * MFSA 2015-48/CVE-2015-2710 (bmo#1149542) |
|
53 Buffer overflow with SVG content and CSS |
|
54 * MFSA 2015-49/CVE-2015-2711 (bmo#1113431) |
|
55 Referrer policy ignored when links opened by middle-click and |
|
56 context menu |
|
57 * MFSA 2015-50/CVE-2015-2712 (bmo#1152280) |
|
58 Out-of-bounds read and write in asm.js validation |
|
59 * MFSA 2015-51/CVE-2015-2713 (bmo#1153478) |
|
60 Use-after-free during text processing with vertical text enabled |
|
61 * MFSA 2015-53/CVE-2015-2715 (bmo#988698) |
|
62 Use-after-free due to Media Decoder Thread creation during shutdown |
|
63 * MFSA 2015-54/CVE-2015-2716 (bmo#1140537) |
|
64 Buffer overflow when parsing compressed XML |
|
65 * MFSA 2015-55/CVE-2015-2717 (bmo#1154683) |
|
66 Buffer overflow and out-of-bounds read while parsing MP4 video |
|
67 metadata |
|
68 * MFSA 2015-56/CVE-2015-2718 (bmo#1146724) |
|
69 Untrusted site hosting trusted page can intercept webchannel |
|
70 responses |
|
71 * MFSA 2015-57/CVE-2011-3079 (bmo#1087565) |
|
72 Privilege escalation through IPC channel messages |
|
73 - requires NSS 3.18.1 |
|
74 - removed obsolete patches: |
|
75 * mozilla-skia-bmo1136958.patch |
|
76 - remove gnomevfs build options as it is removed from sources |
|
77 - rebased patches |
|
78 |
|
79 ------------------------------------------------------------------- |
|
80 Fri Apr 17 16:39:20 UTC 2015 - wr@rosenauer.org |
|
81 |
|
82 - update to Firefox 37.0.2 (bnc#928116) |
|
83 * MFSA 2015-45/CVE-2015-2706 (bmo#1141081) |
|
84 Memory corruption during failed plugin initialization |
|
85 |
|
86 ------------------------------------------------------------------- |
|
87 Fri Apr 3 08:27:24 UTC 2015 - wr@rosenauer.org |
|
88 |
|
89 - update to Firefox 37.0.1 (bnc#926166) |
|
90 * MFSA 2015-43/CVE-2015-0798 (bmo#1147597) (Android only) |
|
91 Loading privileged content through Reader mode |
|
92 * MFSA 2015-44/CVE-2015-0799 (bmo#1148328) |
|
93 Certificate verification bypass through the HTTP/2 Alt-Svc header |
|
94 |
|
95 ------------------------------------------------------------------- |
|
96 Sat Mar 28 09:46:48 UTC 2015 - wr@rosenauer.org |
|
97 |
|
98 - update to Firefox 37.0 (bnc#925368) |
|
99 * Heartbeat user rating system |
|
100 * Yandex set as default search provider for the Turkish locale |
|
101 * Bing search now uses HTTPS for secure searching |
|
102 * Improved protection against site impersonation via OneCRL |
|
103 centralized certificate revocation |
|
104 * Opportunistically encrypt HTTP traffic where the server supports |
|
105 HTTP/2 AltSvc |
|
106 * some more behaviour changes for TLS |
|
107 security fixes: |
|
108 * MFSA 2015-30/CVE-2015-0814/CVE-2015-0815 |
|
109 Miscellaneous memory safety hazards |
|
110 * MFSA 2015-31/CVE-2015-0813 (bmo#1106596)) |
|
111 Use-after-free when using the Fluendo MP3 GStreamer plugin |
|
112 * MFSA 2015-32/CVE-2015-0812 (bmo#1128126) |
|
113 Add-on lightweight theme installation approval bypassed through |
|
114 MITM attack |
|
115 * MFSA 2015-33/CVE-2015-0816 (bmo#1144991) |
|
116 resource:// documents can load privileged pages |
|
117 * MFSA-2015-34/CVE-2015-0811 (bmo#1132468) |
|
118 Out of bounds read in QCMS library |
|
119 * MFSA-2015-35/CVE-2015-0810 (bmo#1125013) |
|
120 Cursor clickjacking with flash and images (OS X only) |
|
121 * MFSA-2015-36/CVE-2015-0808 (bmo#1109552) |
|
122 Incorrect memory management for simple-type arrays in WebRTC |
|
123 * MFSA-2015-37/CVE-2015-0807 (bmo#1111834) |
|
124 CORS requests should not follow 30x redirections after preflight |
|
125 * MFSA-2015-38/CVE-2015-0805/CVE-2015-0806 (bmo#1135511, bmo#1099437) |
|
126 Memory corruption crashes in Off Main Thread Compositing |
|
127 * MFSA-2015-39/CVE-2015-0803/CVE-2015-0804 (bmo#1134560) |
|
128 Use-after-free due to type confusion flaws |
|
129 * MFSA-2015-40/CVE-2015-0801 (bmo#1146339) |
|
130 Same-origin bypass through anchor navigation |
|
131 * MFSA-2015-41/CVE-2015-0800/CVE-2012-2808 |
|
132 PRNG weakness allows for DNS poisoning on Android (only) |
|
133 * MFSA-2015-42/CVE-2015-0802 (bmo#1124898) |
|
134 Windows can retain access to privileged content on navigation |
|
135 to unprivileged pages |
|
136 - removed obsolete patches |
|
137 * mozilla-bmo1088588.patch |
|
138 * mozilla-bmo1108834.patch |
|
139 - requires NSPR 4.10.8 |
|
140 |
|
141 ------------------------------------------------------------------- |
|
142 Tue Mar 24 15:35:24 UTC 2015 - dvaleev@suse.com |
|
143 |
|
144 - Fix builds with skia on Power |
|
145 mozilla-skia-be-le.patch (patch from #bmo1136958) |
|
146 mozilla-bmo1108834.patch |
|
147 mozilla-bmo1005535.patch |
|
148 |
|
149 ------------------------------------------------------------------- |
|
150 Sat Mar 21 09:03:12 UTC 2015 - wr@rosenauer.org |
|
151 |
|
152 - update to Firefox 36.0.4 (bnc#923534) |
|
153 * MFSA 2015-28/CVE-2015-0818 (bmo#1144988) |
|
154 Privilege escalation through SVG navigation |
|
155 * MFSA 2015-29/CVE-2015-0817 (bmo#1145255) |
|
156 Code execution through incorrect JavaScript bounds checking |
|
157 elimination |
|
158 |
|
159 ------------------------------------------------------------------- |
|
160 Fri Mar 20 15:02:33 UTC 2015 - dimstar@opensuse.org |
|
161 |
|
162 - Copy the icons to /usr/share/icons instead of symlinking them: |
|
163 in preparation for containerized apps (e.g. xdg-app) as well as |
|
164 AppStream metadata extraction, there are a couple locations that |
|
165 need to be real files for system integration (.desktop files, |
|
166 icons, mime-type info). |
|
167 |
|
168 ------------------------------------------------------------------- |
|
169 Sat Mar 7 07:40:56 UTC 2015 - wr@rosenauer.org |
|
170 |
|
171 - update to Firefox 36.0.1 |
|
172 Bugfixes: |
|
173 * Disable the usage of the ANY DNS query type (bmo#1093983) |
|
174 * Hello may become inactive until restart (bmo#1137469) |
|
175 * Print preferences may not be preserved (bmo#1136855) |
|
176 * Hello contact tabs may not be visible (bmo#1137141) |
|
177 * Accept hostnames that include an underscore character ("_") |
|
178 (bmo#1136616) |
|
179 * WebGL may use significant memory with Canvas2d (bmo#1137251) |
|
180 * Option -remote has been restored (bmo#1080319) |
|
181 - added mozilla-skia-bmo1136958.patch to fix build issues for |
|
182 ARM and PPC |
|
183 |
|
184 ------------------------------------------------------------------- |
|
185 Fri Feb 20 22:53:39 UTC 2015 - wr@rosenauer.org |
|
186 |
|
187 - update to Firefox 36.0 (bnc#917597) |
|
188 * mozilla-xremote-client was removed |
|
189 * added libclearkey.so media plugin |
|
190 * Pinned tiles on the new tab page can be synced |
|
191 * Support for the full HTTP/2 protocol. HTTP/2 enables a faster, |
|
192 more scalable, and more responsive web. |
|
193 * Locale added: Uzbek (uz) |
|
194 security fixes: |
|
195 * MFSA 2015-11/CVE-2015-0835/CVE-2015-0836 |
|
196 Miscellaneous memory safety hazards |
|
197 * MFSA 2015-12/CVE-2015-0833 (bmo#945192) |
|
198 Invoking Mozilla updater will load locally stored DLL files |
|
199 (Windows only) |
|
200 * MFSA 2015-13/CVE-2015-0832 (bmo#1065909) |
|
201 Appended period to hostnames can bypass HPKP and HSTS protections |
|
202 * MFSA 2015-14/CVE-2015-0830 (bmo#1110488) |
|
203 Malicious WebGL content crash when writing strings |
|
204 * MFSA 2015-15/CVE-2015-0834 (bmo#1098314) |
|
205 TLS TURN and STUN connections silently fail to simple TCP connections |
|
206 * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) |
|
207 Use-after-free in IndexedDB |
|
208 * MFSA 2015-17/CVE-2015-0829 (bmo#1128939) |
|
209 Buffer overflow in libstagefright during MP4 video playback |
|
210 * MFSA 2015-18/CVE-2015-0828 (bmo#1030667, bmo#988675) |
|
211 Double-free when using non-default memory allocators with a |
|
212 zero-length XHR |
|
213 * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) |
|
214 Out-of-bounds read and write while rendering SVG content |
|
215 * MFSA 2015-20/CVE-2015-0826 (bmo#1092363) |
|
216 Buffer overflow during CSS restyling |
|
217 * MFSA 2015-21/CVE-2015-0825 (bmo#1092370) |
|
218 Buffer underflow during MP3 playback |
|
219 * MFSA 2015-22/CVE-2015-0824 (bmo#1095925) |
|
220 Crash using DrawTarget in Cairo graphics library |
|
221 * MFSA 2015-23/CVE-2015-0823 (bmo#1098497) |
|
222 Use-after-free in Developer Console date with OpenType Sanitiser |
|
223 * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) |
|
224 Reading of local files through manipulation of form autocomplete |
|
225 * MFSA 2015-25/CVE-2015-0821 (bmo#1111960) |
|
226 Local files or privileged URLs in pages can be opened into new tabs |
|
227 * MFSA 2015-26/CVE-2015-0819 (bmo#1079554) |
|
228 UI Tour whitelisted sites in background tab can spoof foreground |
|
229 tabs |
|
230 * MFSA 2015-27CVE-2015-0820 (bmo#1125398) |
|
231 Caja Compiler JavaScript sandbox bypass |
|
232 - rebased patches |
|
233 - requires NSS 3.17.4 |
|
234 |
|
235 ------------------------------------------------------------------- |
|
236 Sat Jan 31 18:37:38 UTC 2015 - wr@rosenauer.org |
|
237 |
|
238 - update to Firefox 35.0.1 |
|
239 * With the Enhanced Steam extension, Firefox could crash (bmo#1123732) |
|
240 * Kerberos authentication did not work with alias (bmo#1108971) |
|
241 * SVG / CSS animation had a regression causing rendering issues on |
|
242 websites like openstreemap.org (bmo#1083079) |
|
243 * On Godaddy webmail, Firefox could crash (bmo#1113121) |
|
244 * document.baseURI did not get updated to document.location after |
|
245 base tag was removed from DOM for site with a CSP (bmo#1121857) |
|
246 * With a Right-to-left (RTL) version of Firefox, the text selection |
|
247 could be broken (bmo#1104036) |
|
248 * CSP had a change in behavior with regard to case sensitivity |
|
249 resources loading (bmo#1122445) |
|
250 |
|
251 ------------------------------------------------------------------- |
|
252 Sat Jan 10 18:36:37 UTC 2015 - wr@rosenauer.org |
|
253 |
|
254 - update to Firefox 35.0 (bnc#910669) |
|
255 notable features: |
|
256 * Firefox Hello with new rooms-based conversations model |
|
257 * Implemented HTTP Public Key Pinning Extension (for enhanced |
|
258 authentication of encrypted connections) |
|
259 security fixes: |
|
260 * MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 |
|
261 Miscellaneous memory safety hazards |
|
262 * MFSA 2015-02/CVE-2014-8637 (bmo#1094536) |
|
263 Uninitialized memory use during bitmap rendering |
|
264 * MFSA 2015-03/CVE-2014-8638 (bmo#1080987) |
|
265 sendBeacon requests lack an Origin header |
|
266 * MFSA 2015-04/CVE-2014-8639 (bmo#1095859) |
|
267 Cookie injection through Proxy Authenticate responses |
|
268 * MFSA 2015-05/CVE-2014-8640 (bmo#1100409) |
|
269 Read of uninitialized memory in Web Audio |
|
270 * MFSA 2015-06/CVE-2014-8641 (bmo#1108455) |
|
271 Read-after-free in WebRTC |
|
272 * MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only) |
|
273 Gecko Media Plugin sandbox escape |
|
274 * MFSA 2015-08/CVE-2014-8642 (bmo#1079658) |
|
275 Delegated OCSP responder certificates failure with |
|
276 id-pkix-ocsp-nocheck extension |
|
277 * MFSA 2015-09/CVE-2014-8636 (bmo#987794) |
|
278 XrayWrapper bypass through DOM objects |
|
279 - rebased patches |
|
280 - dropped explicit support for everything older than 12.3 |
|
281 (including SLES11) |
|
282 * merge firefox-kde.patch and firefox-kde-114.patch |
|
283 * dropped mozilla-sle11.patch |
|
284 - reworked specfile to build conditionally based on release channel |
|
285 either Firefox or Firefox Developer Edition |
|
286 - added mozilla-openaes-decl.patch to fix implicit declarations |
|
287 - obsolete tracker-miner-firefox < 0.15 because it leads to startup |
|
288 crashes (bnc#908892) |
|
289 |
|
290 ------------------------------------------------------------------- |
|
291 Sat Dec 13 22:13:00 UTC 2014 - Led <ledest@gmail.com> |
|
292 |
|
293 - fix bashism in mozilla.sh script |
|
294 |
|
295 ------------------------------------------------------------------- |
|
296 Sat Nov 29 21:23:03 UTC 2014 - wr@rosenauer.org |
|
297 |
|
298 - update to Firefox 34.0.5 (bnc#908009) |
|
299 * Default search engine changed to Yahoo! for North America |
|
300 * Default search engine changed to Yandex for Belarusian, Kazakh, |
|
301 and Russian locales |
|
302 * Improved search bar (en-US only) |
|
303 * Firefox Hello real-time communication client |
|
304 * Easily switch themes/personas directly in the Customizing mode |
|
305 * Implementation of HTTP/2 (draft14) and ALPN |
|
306 * Disabled SSLv3 |
|
307 * MFSA 2014-83/CVE-2014-1587/CVE-2014-1588 |
|
308 Miscellaneous memory safety hazards |
|
309 * MFSA 2014-84/CVE-2014-1589 (bmo#1043787) |
|
310 XBL bindings accessible via improper CSS declarations |
|
311 * MFSA 2014-85/CVE-2014-1590 (bmo#1087633) |
|
312 XMLHttpRequest crashes with some input streams |
|
313 * MFSA 2014-86/CVE-2014-1591 (bmo#1069762) |
|
314 CSP leaks redirect data via violation reports |
|
315 * MFSA 2014-87/CVE-2014-1592 (bmo#1088635) |
|
316 Use-after-free during HTML5 parsing |
|
317 * MFSA 2014-88/CVE-2014-1593 (bmo#1085175) |
|
318 Buffer overflow while parsing media content |
|
319 * MFSA 2014-89/CVE-2014-1594 (bmo#1074280) |
|
320 Bad casting from the BasicThebesLayer to BasicContainerLayer |
|
321 - rebased patches |
|
322 - limit linker memory usage for %ix86 |
|
323 - rebased patches |
|
324 |
|
325 ------------------------------------------------------------------- |
|
326 Fri Nov 7 20:14:32 UTC 2014 - wr@rosenauer.org |
|
327 |
|
328 - update to Firefox 33.1 |
|
329 * Adding DuckDuckGo as a search option (upstream) |
|
330 * Forget Button added |
|
331 * Enhanced Tiles |
|
332 * Privacy tour introduced |
|
333 - fix typo in GStreamer Recommends |
|
334 |
|
335 ------------------------------------------------------------------- |
|
336 Tue Nov 4 18:00:35 UTC 2014 - guillaume@opensuse.org |
|
337 |
|
338 - Disable elf-hack for aarch64 |
|
339 - Enable EGL for aarch64 |
|
340 - Limit RAM usage during link for %arm |
|
341 - Fix _constraints for ARM |
|
342 |
|
343 ------------------------------------------------------------------- |
|
344 Mon Nov 3 11:36:04 UTC 2014 - dmueller@suse.com |
|
345 |
|
346 - use proper macros for ARM |
|
347 |
|
348 ------------------------------------------------------------------- |
|
349 Mon Nov 3 11:26:23 UTC 2014 - josua.mayer97@gmail.com |
|
350 |
|
351 - use '--disable-optimize' not only on 32-bit x86, but on 32-bit arm too |
|
352 to fix compiling. |
|
353 - pass '-Wl,--no-keep-memory' to linker to reduce required memory during |
|
354 linking on arm. |
|
355 |
|
356 ------------------------------------------------------------------- |
|
357 Thu Oct 30 11:31:05 UTC 2014 - wr@rosenauer.org |
|
358 |
|
359 - update to Firefox 33.0.2 |
|
360 * Fix a startup crash with some combination of hardware and drivers |
|
361 33.0.1 |
|
362 * Firefox displays a black screen at start-up with certain |
|
363 graphics drivers |
|
364 - adjusted _constraints for ARM |
|
365 |
|
366 ------------------------------------------------------------------- |
|
367 Tue Oct 28 15:23:09 UTC 2014 - josua.mayer97@gmail.com |
|
368 |
|
369 - added mozilla-bmo1088588.patch to fix build with EGL (bmo#1088588) |
|
370 |
|
371 ------------------------------------------------------------------- |
|
372 Sat Oct 25 08:45:43 UTC 2014 - wr@rosenauer.org |
|
373 |
|
374 - define /usr/share/myspell as additional dictionary location |
|
375 and remove add-plugins.sh finally (bnc#900639) |
|
376 |
|
377 ------------------------------------------------------------------- |
|
378 Sun Oct 19 12:59:28 UTC 2014 - vindex17@outlook.it |
|
379 |
|
380 - use Firefox default optimization flags instead of -Os |
|
381 - specfile cleanup |
|
382 |
|
383 ------------------------------------------------------------------- |
|
384 Wed Oct 15 08:05:33 UTC 2014 - wr@rosenauer.org |
|
385 |
|
386 - fix build for all ppc by not enabling elf-hack |
|
387 (bnc#901213) |
|
388 |
|
389 ------------------------------------------------------------------- |
|
390 Sat Oct 11 08:48:24 UTC 2014 - wr@rosenauer.org |
|
391 |
|
392 - update to Firefox 33.0 (bnc#900941) |
|
393 New features: |
|
394 * OpenH264 support (sandboxed) |
|
395 * Enhanced Tiles |
|
396 * Improved search experience through the location bar |
|
397 * Slimmer and faster JavaScript strings |
|
398 * New CSP (Content Security Policy) backend |
|
399 * Support for connecting to HTTP proxy over HTTPS |
|
400 * Improved reliability of the session restoration |
|
401 * Proprietary window.crypto properties/functions removed |
|
402 Security: |
|
403 * MFSA 2014-74/CVE-2014-1574/CVE-2014-1575 |
|
404 Miscellaneous memory safety hazards |
|
405 * MFSA 2014-75/CVE-2014-1576 (bmo#1041512) |
|
406 Buffer overflow during CSS manipulation |
|
407 * MFSA 2014-76/CVE-2014-1577 (bmo#1012609) |
|
408 Web Audio memory corruption issues with custom waveforms |
|
409 * MFSA 2014-77/CVE-2014-1578 (bmo#1063327) |
|
410 Out-of-bounds write with WebM video |
|
411 * MFSA 2014-78/CVE-2014-1580 (bmo#1063733) |
|
412 Further uninitialized memory use during GIF rendering |
|
413 * MFSA 2014-79/CVE-2014-1581 (bmo#1068218) |
|
414 Use-after-free interacting with text directionality |
|
415 * MFSA 2014-80/CVE-2014-1582/CVE-2014-1584 (bmo#1049095, bmo#1066190) |
|
416 Key pinning bypasses |
|
417 * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981) |
|
418 Inconsistent video sharing within iframe |
|
419 * MFSA 2014-82/CVE-2014-1583 (bmo#1015540) |
|
420 Accessing cross-origin objects via the Alarms API |
|
421 (only relevant for installed web apps) |
|
422 - requires NSPR 4.10.7 |
|
423 - requires NSS 3.17.1 |
|
424 - removed obsolete patches: |
|
425 * mozilla-ppc.patch |
|
426 * mozilla-libproxy-compat.patch |
|
427 - added basic appdata information |
|
428 |
|
429 ------------------------------------------------------------------- |
|
430 Sat Sep 20 13:33:51 UTC 2014 - wr@rosenauer.org |
|
431 |
|
432 - update to Firefox 32.0.2 |
|
433 * just a version bump for our builds |
|
434 * fixed the in application update process for certain environments |
|
435 (in application update is not enabled in openSUSE and Linux |
|
436 is unaffected in any case) |
|
437 - build with --disable-optimize for 13.1 and above for i586 to |
|
438 workaround miscompilations (bnc#896624) |
|
439 - use some more build flags to align with upstream |
|
440 |
|
441 ------------------------------------------------------------------- |
|
442 Sat Sep 13 16:58:16 UTC 2014 - wr@rosenauer.org |
|
443 |
|
444 - update to Firefox 32.0.1 |
|
445 * fixed stability issues for computers with multiple graphics cards |
|
446 * mixed content icon may be incorrectly displayed instead of lock |
|
447 icon for SSL sites in 32.0 ( |
|
448 * WebRTC: setRemoteDescription() silently fails if no success |
|
449 callback is specified (bmo#1063971) |
|
450 |
|
451 ------------------------------------------------------------------- |
|
452 Sun Aug 31 07:44:54 UTC 2014 - wr@rosenauer.org |
|
453 |
|
454 - update to Firefox 32.0 (bnc#894370) |
|
455 * MFSA 2014-67/CVE-2014-1553/CVE-2014-1554/CVE-2014-1562 |
|
456 Miscellaneous memory safety hazards |
|
457 * MFSA 2014-68/CVE-2014-1563 (bmo#1018524) |
|
458 Use-after-free during DOM interactions with SVG |
|
459 * MFSA 2014-69/CVE-2014-1564 (bmo#1045977) |
|
460 Uninitialized memory use during GIF rendering |
|
461 * MFSA 2014-70/CVE-2014-1565 (bmo#1047831) |
|
462 Out-of-bounds read in Web Audio audio timeline |
|
463 * MFSA 2014-72/CVE-2014-1567 (bmo#1037641) |
|
464 Use-after-free setting text directionality |
|
465 - rebased patches |
|
466 - requires NSS 3.16.4 |
|
467 - removed upstreamed patch |
|
468 * mozilla-aarch64-bmo-810631.patch |
|
469 |
|
470 ------------------------------------------------------------------- |
|
471 Wed Aug 20 13:50:58 CEST 2014 - behlert@suse.de |
|
472 |
|
473 - adapted _constraints, used more than 3900MB on s390x during |
|
474 last build |
|
475 |
|
476 ------------------------------------------------------------------- |
|
477 Sun Jul 20 18:11:44 UTC 2014 - wr@rosenauer.org |
|
478 |
|
479 - update to Firefox 31.0 (bnc#887746) |
|
480 * MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 |
|
481 Miscellaneous memory safety hazards |
|
482 * MFSA 2014-57/CVE-2014-1549 (bmo#1020205) |
|
483 Buffer overflow during Web Audio buffering for playback |
|
484 * MFSA 2014-58/CVE-2014-1550 (bmo#1020411) |
|
485 Use-after-free in Web Audio due to incorrect control message ordering |
|
486 * MFSA 2014-60/CVE-2014-1561 (bmo#1000514, bmo#910375) |
|
487 Toolbar dialog customization event spoofing |
|
488 * MFSA 2014-61/CVE-2014-1555 (bmo#1023121) |
|
489 Use-after-free with FireOnStateChange event |
|
490 * MFSA 2014-62/CVE-2014-1556 (bmo#1028891) |
|
491 Exploitable WebGL crash with Cesium JavaScript library |
|
492 * MFSA 2014-63/CVE-2014-1544 (bmo#963150) |
|
493 Use-after-free while when manipulating certificates in the trusted cache |
|
494 (solved with NSS 3.16.2 requirement) |
|
495 * MFSA 2014-64/CVE-2014-1557 (bmo#913805) |
|
496 Crash in Skia library when scaling high quality images |
|
497 * MFSA 2014-65/CVE-2014-1558/CVE-2014-1559/CVE-2014-1560 |
|
498 (bmo#1015973, bmo#1026022, bmo#997795) |
|
499 Certificate parsing broken by non-standard character encoding |
|
500 * MFSA 2014-66/CVE-2014-1552 (bmo#985135) |
|
501 IFRAME sandbox same-origin access through redirect |
|
502 - use EGL on ARM |
|
503 - rebased patches |
|
504 - requires NSS 3.16.2 |
|
505 - requires python-devel (not only python) |
|
506 |
|
507 ------------------------------------------------------------------- |
|
508 Mon Jun 9 08:28:17 UTC 2014 - wr@rosenauer.org |
|
509 |
|
510 - update to Firefox 30.0 (bnc#881874) |
|
511 * MFSA 2014-48/CVE-2014-1533/CVE-2014-1534 |
|
512 (bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874, |
|
513 bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981, |
|
514 bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817, |
|
515 bmo#996536, bmo#996715, bmo#999651, bmo#1000598, |
|
516 bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223, |
|
517 bmo#1009952, bmo#1011007) |
|
518 Miscellaneous memory safety hazards (rv:30.0) |
|
519 * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538 |
|
520 (bmo#989994, bmo#999274, bmo#1005584) |
|
521 Use-after-free and out of bounds issues found using Address |
|
522 Sanitizer |
|
523 * MFSA 2014-50/CVE-2014-1539 (bmo#995603) |
|
524 Clickjacking through cursor invisability after Flash interaction |
|
525 * MFSA 2014-51/CVE-2014-1540 (bmo#978862) |
|
526 Use-after-free in Event Listener Manager |
|
527 * MFSA 2014-52/CVE-2014-1541 (bmo#1000185) |
|
528 Use-after-free with SMIL Animation Controller |
|
529 * MFSA 2014-53/CVE-2014-1542 (bmo#991533) |
|
530 Buffer overflow in Web Audio Speex resampler |
|
531 * MFSA 2014-54/CVE-2014-1543 (bmo#1011859) |
|
532 Buffer overflow in Gamepad API |
|
533 * MFSA 2014-55/CVE-2014-1545 (bmo#1018783) |
|
534 Out of bounds write in NSPR |
|
535 - rebased patches |
|
536 - removed obsolete patches |
|
537 * firefox-browser-css.patch |
|
538 * mozilla-aarch64-bmo-962488.patch |
|
539 * mozilla-aarch64-bmo-963023.patch |
|
540 * mozilla-aarch64-bmo-963024.patch |
|
541 * mozilla-aarch64-bmo-963027.patch |
|
542 * mozilla-ppc64-xpcom.patch |
|
543 * mozilla-ppc64le-javascript.patch |
|
544 * mozilla-ppc64le-libffi.patch |
|
545 * mozilla-ppc64le-mfbt.patch |
|
546 * mozilla-ppc64le-webrtc.patch |
|
547 * mozilla-ppc64le-xpcom.patch |
|
548 * mozilla-ppc64le-build.patch |
|
549 - requires NSPR 4.10.6 |
|
550 - enabled GStreamer 1.0 usage for 13.2 and above |
|
551 |
|
552 ------------------------------------------------------------------- |
|
553 Sat May 10 06:09:37 UTC 2014 - wr@rosenauer.org |
|
554 |
|
555 - update to Firefox 29.0.1 |
|
556 * Seer disabled by default (bmo#1005958) |
|
557 * Session Restore failed with a corrupted sessionstore.js file |
|
558 (bmo#1001167) |
|
559 * pdf.js printing white page (bmo#1003707, bnc#876833) |
|
560 - general.useragent.locale gets overwritten with en-US while it |
|
561 should be using the active langpack's setting |
|
562 |
|
563 ------------------------------------------------------------------- |
|
564 Sat Apr 26 12:18:07 UTC 2014 - wr@rosenauer.org |
|
565 |
|
566 - update to Firefox 29.0 (bnc#875378) |
|
567 * MFSA 2014-34/CVE-2014-1518/CVE-2014-1519 |
|
568 Miscellaneous memory safety hazards |
|
569 * MFSA 2014-36/CVE-2014-1522 (bmo#995289) |
|
570 Web Audio memory corruption issues |
|
571 * MFSA 2014-37/CVE-2014-1523 (bmo#969226) |
|
572 Out of bounds read while decoding JPG images |
|
573 * MFSA 2014-38/CVE-2014-1524 (bmo#989183) |
|
574 Buffer overflow when using non-XBL object as XBL |
|
575 * MFSA 2014-39/CVE-2014-1525 (bmo#989210) |
|
576 Use-after-free in the Text Track Manager for HTML video |
|
577 * MFSA 2014-41/CVE-2014-1528 (bmo#963962) |
|
578 Out-of-bounds write in Cairo |
|
579 * MFSA 2014-42/CVE-2014-1529 (bmo#987003) |
|
580 Privilege escalation through Web Notification API |
|
581 * MFSA 2014-43/CVE-2014-1530 (bmo#895557) |
|
582 Cross-site scripting (XSS) using history navigations |
|
583 * MFSA 2014-44/CVE-2014-1531 (bmo#987140) |
|
584 Use-after-free in imgLoader while resizing images |
|
585 * MFSA 2014-45/CVE-2014-1492 (bmo#903885) |
|
586 Incorrect IDNA domain name matching for wildcard certificates |
|
587 (fixed by NSS 3.16) |
|
588 * MFSA 2014-46/CVE-2014-1532 (bmo#966006) |
|
589 Use-after-free in nsHostResolver |
|
590 * MFSA 2014-47/CVE-2014-1526 (bmo#988106) |
|
591 Debugger can bypass XrayWrappers with JavaScript |
|
592 - rebased patches |
|
593 - removed obsolete patches |
|
594 * firefox-browser-css.patch |
|
595 * mozilla-aarch64-599882cfb998.diff |
|
596 * mozilla-aarch64-bmo-963028.patch |
|
597 * mozilla-aarch64-bmo-963029.patch |
|
598 * mozilla-aarch64-bmo-963030.patch |
|
599 * mozilla-aarch64-bmo-963031.patch |
|
600 - requires NSS 3.16 |
|
601 - added mozilla-icu-strncat.patch to fix post build checks |
|
602 |
|
603 ------------------------------------------------------------------- |
|
604 Mon Apr 7 15:34:31 UTC 2014 - dmueller@suse.com |
|
605 |
|
606 - add mozilla-aarch64-599882cfb998.patch, |
|
607 mozilla-aarch64-bmo-810631.patch, |
|
608 mozilla-aarch64-bmo-962488.patch, |
|
609 mozilla-aarch64-bmo-963030.patch, |
|
610 mozilla-aarch64-bmo-963027.patch, |
|
611 mozilla-aarch64-bmo-963028.patch, |
|
612 mozilla-aarch64-bmo-963029.patch, |
|
613 mozilla-aarch64-bmo-963023.patch, |
|
614 mozilla-aarch64-bmo-963024.patch, |
|
615 mozilla-aarch64-bmo-963031.patch: AArch64 porting |
|
616 |
|
617 ------------------------------------------------------------------- |
|
618 Mon Mar 24 16:18:44 UTC 2014 - dvaleev@suse.com |
|
619 |
|
620 - Add patch for bmo#973977 |
|
621 * mozilla-ppc64-xpcom.patch |
|
622 |
|
623 ------------------------------------------------------------------- |
|
624 Mon Mar 24 14:29:12 UTC 2014 - dvaleev@suse.com |
|
625 |
|
626 - Refresh mozilla-ppc64le-xpcom.patch patch |
|
627 |
|
628 ------------------------------------------------------------------- |
|
629 Fri Mar 21 19:01:42 UTC 2014 - dvaleev@suse.com |
|
630 |
|
631 - Adapt mozilla-ppc64le-xpcom.patch to Mozilla > 24.0 build system |
|
632 |
|
633 ------------------------------------------------------------------- |
|
634 Sun Mar 16 13:39:15 UTC 2014 - wr@rosenauer.org |
|
635 |
|
636 - update to Firefox 28.0 (bnc#868603) |
|
637 * MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 |
|
638 Miscellaneous memory safety hazards |
|
639 * MFSA 2014-17/CVE-2014-1497 (bmo#966311) |
|
640 Out of bounds read during WAV file decoding |
|
641 * MFSA 2014-18/CVE-2014-1498 (bmo#935618) |
|
642 crypto.generateCRMFRequest does not validate type of key |
|
643 * MFSA 2014-19/CVE-2014-1499 (bmo#961512) |
|
644 Spoofing attack on WebRTC permission prompt |
|
645 * MFSA 2014-20/CVE-2014-1500 (bmo#956524) |
|
646 onbeforeunload and Javascript navigation DOS |
|
647 * MFSA 2014-22/CVE-2014-1502 (bmo#972622) |
|
648 WebGL content injection from one domain to rendering in another |
|
649 * MFSA 2014-23/CVE-2014-1504 (bmo#911547) |
|
650 Content Security Policy for data: documents not preserved by |
|
651 session restore |
|
652 * MFSA 2014-26/CVE-2014-1508 (bmo#963198) |
|
653 Information disclosure through polygon rendering in MathML |
|
654 * MFSA 2014-27/CVE-2014-1509 (bmo#966021) |
|
655 Memory corruption in Cairo during PDF font rendering |
|
656 * MFSA 2014-28/CVE-2014-1505 (bmo#941887) |
|
657 SVG filters information disclosure through feDisplacementMap |
|
658 * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909) |
|
659 Privilege escalation using WebIDL-implemented APIs |
|
660 * MFSA 2014-30/CVE-2014-1512 (bmo#982957) |
|
661 Use-after-free in TypeObject |
|
662 * MFSA 2014-31/CVE-2014-1513 (bmo#982974) |
|
663 Out-of-bounds read/write through neutering ArrayBuffer objects |
|
664 * MFSA 2014-32/CVE-2014-1514 (bmo#983344) |
|
665 Out-of-bounds write through TypedArrayObject after neutering |
|
666 - requires NSPR 4.10.3 and NSS 3.15.5 |
|
667 - new build dependency (and recommends): |
|
668 * libpulse |
|
669 - update of PowerPC 64 patches (bmo#976648) (pcerny@suse.com) |
|
670 - rebased patches |
|
671 |
|
672 ------------------------------------------------------------------- |
|
673 Mon Feb 17 11:59:28 UTC 2014 - wr@rosenauer.org |
|
674 |
|
675 - update to Firefox 27.0.1 |
|
676 * Fixed stability issues with Greasemonkey and other JS that used |
|
677 ClearTimeoutOrInterval |
|
678 * JS math correctness issue (bmo#941381) |
|
679 - incorporate Google API key for geolocation (bnc#864170) |
|
680 - updated list of "other" locales in RPM requirements |
|
681 |
|
682 ------------------------------------------------------------------- |
|
683 Tue Jan 28 15:45:41 UTC 2014 - wr@rosenauer.org |
|
684 |
|
685 - update to Firefox 27.0 (bnc#861847) |
|
686 * MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 |
|
687 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) |
|
688 * MFSA 2014-02/CVE-2014-1479 (bmo#911864) |
|
689 Clone protected content with XBL scopes |
|
690 * MFSA 2014-03/CVE-2014-1480 (bmo#916726) |
|
691 UI selection timeout missing on download prompts |
|
692 * MFSA 2014-04/CVE-2014-1482 (bmo#943803) |
|
693 Incorrect use of discarded images by RasterImage |
|
694 * MFSA 2014-05/CVE-2014-1483 (bmo#950427) |
|
695 Information disclosure with *FromPoint on iframes |
|
696 * MFSA 2014-06/CVE-2014-1484 (bmo#953993) |
|
697 Profile path leaks to Android system log |
|
698 * MFSA 2014-07/CVE-2014-1485 (bmo#910139) |
|
699 XSLT stylesheets treated as styles in Content Security Policy |
|
700 * MFSA 2014-08/CVE-2014-1486 (bmo#942164) |
|
701 Use-after-free with imgRequestProxy and image proccessing |
|
702 * MFSA 2014-09/CVE-2014-1487 (bmo#947592) |
|
703 Cross-origin information leak through web workers |
|
704 * MFSA 2014-10/CVE-2014-1489 (bmo#959531) |
|
705 Firefox default start page UI content invokable by script |
|
706 * MFSA 2014-11/CVE-2014-1488 (bmo#950604) |
|
707 Crash when using web workers with asm.js |
|
708 * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491 |
|
709 (bmo#934545, bmo#930874, bmo#930857) |
|
710 NSS ticket handling issues |
|
711 * MFSA 2014-13/CVE-2014-1481(bmo#936056) |
|
712 Inconsistent JavaScript handling of access to Window objects |
|
713 - requires NSS 3.15.4 or higher |
|
714 - rebased/reworked patches |
|
715 - removed obsolete mozilla-bug929439.patch |
|
716 |
|
717 ------------------------------------------------------------------- |
|
718 Thu Dec 12 21:19:54 UTC 2013 - uweigand@de.ibm.com |
|
719 |
|
720 - Add support for powerpc64le-linux. |
|
721 * mozilla-ppc64le.patch: general support |
|
722 * mozilla-libffi-ppc64le.patch: libffi backport |
|
723 * mozilla-xpcom-ppc64le.patch: port xpcom |
|
724 - Add build fix from mainline. |
|
725 * mozilla-bug929439.patch |
|
726 |
|
727 ------------------------------------------------------------------- |
|
728 Sun Dec 8 20:26:23 UTC 2013 - wr@rosenauer.org |
|
729 |
|
730 - update to Firefox 26.0 (bnc#854367, bnc#854370) |
|
731 * rebased patches |
|
732 * requires NSPR 4.10.2 and NSS 3.15.3.1 |
|
733 * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 |
|
734 Miscellaneous memory safety hazards |
|
735 * MFSA 2013-105/CVE-2013-5611 (bmo#771294) |
|
736 Application Installation doorhanger persists on navigation |
|
737 * MFSA 2013-106/CVE-2013-5612 (bmo#871161) |
|
738 Character encoding cross-origin XSS attack |
|
739 * MFSA 2013-107/CVE-2013-5614 (bmo#886262) |
|
740 Sandbox restrictions not applied to nested object elements |
|
741 * MFSA 2013-108/CVE-2013-5616 (bmo#938341) |
|
742 Use-after-free in event listeners |
|
743 * MFSA 2013-109/CVE-2013-5618 (bmo#926361) |
|
744 Use-after-free during Table Editing |
|
745 * MFSA 2013-110/CVE-2013-5619 (bmo#917841) |
|
746 Potential overflow in JavaScript binary search algorithms |
|
747 * MFSA 2013-111/CVE-2013-6671 (bmo#930281) |
|
748 Segmentation violation when replacing ordered list elements |
|
749 * MFSA 2013-112/CVE-2013-6672 (bmo#894736) |
|
750 Linux clipboard information disclosure though selection paste |
|
751 * MFSA 2013-113/CVE-2013-6673 (bmo#970380) |
|
752 Trust settings for built-in roots ignored during EV certificate |
|
753 validation |
|
754 * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) |
|
755 Use-after-free in synthetic mouse movement |
|
756 * MFSA 2013-115/CVE-2013-5615 (bmo#929261) |
|
757 GetElementIC typed array stubs can be generated outside observed |
|
758 typesets |
|
759 * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) |
|
760 JPEG information leak |
|
761 * MFSA 2013-117 (bmo#946351) |
|
762 Mis-issued ANSSI/DCSSI certificate |
|
763 (fixed via NSS 3.15.3.1) |
|
764 - removed gecko.js preference file as GStreamer is enabled by |
|
765 default now |
|
766 |
|
767 ------------------------------------------------------------------- |
|
768 Thu Oct 24 18:16:19 UTC 2013 - wr@rosenauer.org |
|
769 |
|
770 - update to Firefox 25.0 (bnc#847708) |
|
771 * rebased patches |
|
772 * requires NSS 3.15.2 or above |
|
773 * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 |
|
774 Miscellaneous memory safety hazards |
|
775 * MFSA 2013-94/CVE-2013-5593 (bmo#868327) |
|
776 Spoofing addressbar through SELECT element |
|
777 * MFSA 2013-95/CVE-2013-5604 (bmo#914017) |
|
778 Access violation with XSLT and uninitialized data |
|
779 * MFSA 2013-96/CVE-2013-5595 (bmo#916580) |
|
780 Improperly initialized memory and overflows in some JavaScript |
|
781 functions |
|
782 * MFSA 2013-97/CVE-2013-5596 (bmo#910881) |
|
783 Writing to cycle collected object during image decoding |
|
784 * MFSA 2013-98/CVE-2013-5597 (bmo#918864) |
|
785 Use-after-free when updating offline cache |
|
786 * MFSA 2013-99/CVE-2013-5598 (bmo#920515) |
|
787 Security bypass of PDF.js checks using iframes |
|
788 * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601 |
|
789 (bmo#915210, bmo#915576, bmo#916685) |
|
790 Miscellaneous use-after-free issues found through ASAN fuzzing |
|
791 * MFSA 2013-101/CVE-2013-5602 (bmo#897678) |
|
792 Memory corruption in workers |
|
793 * MFSA 2013-102/CVE-2013-5603 (bmo#916404) |
|
794 Use-after-free in HTML document templates |
|
795 |
|
796 ------------------------------------------------------------------- |
|
797 Tue Sep 24 07:31:30 UTC 2013 - wr@rosenauer.org |
|
798 |
|
799 - as GStreamer is not automatically required anymore but loaded |
|
800 dynamically if available, require it explicitely |
|
801 - recommend optional GStreamer plugins for comprehensive media |
|
802 support |
|
803 |
|
804 ------------------------------------------------------------------- |
|
805 Mon Sep 16 11:59:18 UTC 2013 - lnussel@suse.de |
|
806 |
|
807 - move greek to the translations-common package (bnc#840551) |
|
808 |
|
809 ------------------------------------------------------------------- |
|
810 Sat Sep 14 14:39:58 UTC 2013 - wr@rosenauer.org |
|
811 |
|
812 - update to Firefox 24.0 (bnc#840485) |
|
813 * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719 |
|
814 Miscellaneous memory safety hazards |
|
815 * MFSA 2013-77/CVE-2013-1720 (bmo#888820) |
|
816 Improper state in HTML5 Tree Builder with templates |
|
817 * MFSA 2013-78/CVE-2013-1721 (bmo#890277) |
|
818 Integer overflow in ANGLE library |
|
819 * MFSA 2013-79/CVE-2013-1722 (bmo#893308) |
|
820 Use-after-free in Animation Manager during stylesheet cloning |
|
821 * MFSA 2013-80/CVE-2013-1723 (bmo#891292) |
|
822 NativeKey continues handling key messages after widget is destroyed |
|
823 * MFSA 2013-81/CVE-2013-1724 (bmo#894137) |
|
824 Use-after-free with select element |
|
825 * MFSA 2013-82/CVE-2013-1725 (bmo#876762) |
|
826 Calling scope for new Javascript objects can lead to memory corruption |
|
827 * MFSA 2013-85/CVE-2013-1728 (bmo#883686) |
|
828 Uninitialized data in IonMonkey |
|
829 * MFSA 2013-88/CVE-2013-1730 (bmo#851353) |
|
830 Compartment mismatch re-attaching XBL-backed nodes |
|
831 * MFSA 2013-89/CVE-2013-1732 (bmo#883514) |
|
832 Buffer overflow with multi-column, lists, and floats |
|
833 * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301) |
|
834 Memory corruption involving scrolling |
|
835 * MFSA 2013-91/CVE-2013-1737 (bmo#907727) |
|
836 User-defined properties on DOM proxies get the wrong "this" object |
|
837 * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897) |
|
838 GC hazard with default compartments and frame chain restoration |
|
839 - enable gstreamer explicitely via pref (gecko.js) |
|
840 - require NSS 3.15.1 |
|
841 |
|
842 ------------------------------------------------------------------- |
|
843 Mon Aug 26 07:35:36 UTC 2013 - wr@rosenauer.org |
|
844 |
|
845 - update to Firefox 23.0.1 |
|
846 * Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls |
|
847 (bmo#901527) |
|
848 |
|
849 ------------------------------------------------------------------- |
|
850 Sun Aug 4 18:30:11 UTC 2013 - wr@rosenauer.org |
|
851 |
|
852 - update to Firefox 23.0 (bnc#833389) |
|
853 * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 |
|
854 Miscellaneous memory safety hazards |
|
855 * MFSA 2013-64/CVE-2013-1704 (bmo#883313) |
|
856 Use after free mutating DOM during SetBody |
|
857 * MFSA 2013-65/CVE-2013-1705 (bmo#882865) |
|
858 Buffer underflow when generating CRMF requests |
|
859 * MFSA 2013-67/CVE-2013-1708 (bmo#879924) |
|
860 Crash during WAV audio file decoding |
|
861 * MFSA 2013-68/CVE-2013-1709 (bmo#838253) |
|
862 Document URI misrepresentation and masquerading |
|
863 * MFSA 2013-69/CVE-2013-1710 (bmo#871368) |
|
864 CRMF requests allow for code execution and XSS attacks |
|
865 * MFSA 2013-70/CVE-2013-1711 (bmo#843829) |
|
866 Bypass of XrayWrappers using XBL Scopes |
|
867 * MFSA 2013-72/CVE-2013-1713 (bmo#887098) |
|
868 Wrong principal used for validating URI for some Javascript |
|
869 components |
|
870 * MFSA 2013-73/CVE-2013-1714 (bmo#879787) |
|
871 Same-origin bypass with web workers and XMLHttpRequest |
|
872 * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) |
|
873 Local Java applets may read contents of local file system |
|
874 - requires NSPR 4.10 and NSS 3.15 |
|
875 |
|
876 ------------------------------------------------------------------- |
|
877 Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com |
|
878 |
|
879 - fix build on ARM (/-g/ matches /-grecord-switches/) |
|
880 |
|
881 ------------------------------------------------------------------- |
|
882 Sat Jun 22 17:48:06 UTC 2013 - wr@rosenauer.org |
|
883 |
|
884 - update to Firefox 22.0 (bnc#825935) |
|
885 * removed obsolete patches |
|
886 + mozilla-qcms-ppc.patch |
|
887 + mozilla-gstreamer-760140.patch |
|
888 * GStreamer support does not build on 12.1 anymore (build only |
|
889 on 12.2 and later) |
|
890 * MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 |
|
891 Miscellaneous memory safety hazards |
|
892 * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 |
|
893 Memory corruption found using Address Sanitizer |
|
894 * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) |
|
895 Privileged content access and execution via XBL |
|
896 * MFSA 2013-52/CVE-2013-1688 (bmo#873966) |
|
897 Arbitrary code execution within Profiler |
|
898 * MFSA 2013-53/CVE-2013-1690 (bmo#857883) |
|
899 Execution of unmapped memory through onreadystatechange event |
|
900 * MFSA 2013-54/CVE-2013-1692 (bmo#866915) |
|
901 Data in the body of XHR HEAD requests leads to CSRF attacks |
|
902 * MFSA 2013-55/CVE-2013-1693 (bmo#711043) |
|
903 SVG filters can lead to information disclosure |
|
904 * MFSA 2013-56/CVE-2013-1694 (bmo#848535) |
|
905 PreserveWrapper has inconsistent behavior |
|
906 * MFSA 2013-57/CVE-2013-1695 (bmo#849791) |
|
907 Sandbox restrictions not applied to nested frame elements |
|
908 * MFSA 2013-58/CVE-2013-1696 (bmo#761667) |
|
909 X-Frame-Options ignored when using server push with multi-part |
|
910 responses |
|
911 * MFSA 2013-59/CVE-2013-1697 (bmo#858101) |
|
912 XrayWrappers can be bypassed to run user defined methods in a |
|
913 privileged context |
|
914 * MFSA 2013-60/CVE-2013-1698 (bmo#876044) |
|
915 getUserMedia permission dialog incorrectly displays location |
|
916 * MFSA 2013-61/CVE-2013-1699 (bmo#840882) |
|
917 Homograph domain spoofing in .com, .net and .name |
|
918 |
|
919 ------------------------------------------------------------------- |
|
920 Tue Jun 11 21:06:58 UTC 2013 - dvaleev@suse.com |
|
921 |
|
922 - Fix qcms altivec include (mozilla-qcms-ppc.patch) |
|
923 |
|
924 ------------------------------------------------------------------- |
|
925 Fri May 10 05:25:39 UTC 2013 - wr@rosenauer.org |
|
926 |
|
927 - update to Firefox 21.0 (bnc#819204) |
|
928 * removed upstreamed patch firefox-712763.patch |
|
929 * removed disabled mozilla-disable-neon-option.patch |
|
930 * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 |
|
931 Miscellaneous memory safety hazards |
|
932 * MFSA 2013-42/CVE-2013-1670 (bmo#853709) |
|
933 Privileged access for content level constructor |
|
934 * MFSA 2013-43/CVE-2013-1671 (bmo#842255) |
|
935 File input control has access to full path |
|
936 * MFSA 2013-46/CVE-2013-1674 (bmo#860971) |
|
937 Use-after-free with video and onresize event |
|
938 * MFSA 2013-47/CVE-2013-1675 (bmo#866825) |
|
939 Uninitialized functions in DOMSVGZoomEvent |
|
940 * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/ |
|
941 CVE-2013-1679/CVE-2013-1680/CVE-2013-1681 |
|
942 Memory corruption found using Address Sanitizer |
|
943 |
|
944 ------------------------------------------------------------------- |
|
945 Tue Apr 9 06:41:31 UTC 2013 - wr@rosenauer.org |
|
946 |
|
947 - revert to use GStreamer 0.10 on 12.3 (bnc#814101) |
|
948 (remove mozilla-gstreamer-1.patch) |
|
949 |
|
950 ------------------------------------------------------------------- |
|
951 Fri Apr 5 17:04:11 UTC 2013 - schwab@linux-m68k.org |
|
952 |
|
953 - Explicitly disable WebRTC support on non-x86, the configure script |
|
954 disables it only half-heartedly |
|
955 |
|
956 ------------------------------------------------------------------- |
|
957 Fri Mar 29 22:15:21 UTC 2013 - wr@rosenauer.org |
|
958 |
|
959 - update to Firefox 20.0 (bnc#813026) |
|
960 * requires NSPR 4.9.5 and NSS 3.14.3 |
|
961 * mozilla-webrtc-ppc.patch included upstream |
|
962 * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 |
|
963 Miscellaneous memory safety hazards |
|
964 * MFSA 2013-31/CVE-2013-0800 (bmo#825721) |
|
965 Out-of-bounds write in Cairo library |
|
966 * MFSA 2013-35/CVE-2013-0796 (bmo#827106) |
|
967 WebGL crash with Mesa graphics driver on Linux |
|
968 * MFSA 2013-36/CVE-2013-0795 (bmo#825697) |
|
969 Bypass of SOW protections allows cloning of protected nodes |
|
970 * MFSA 2013-37/CVE-2013-0794 (bmo#626775) |
|
971 Bypass of tab-modal dialog origin disclosure |
|
972 * MFSA 2013-38/CVE-2013-0793 (bmo#803870) |
|
973 Cross-site scripting (XSS) using timed history navigations |
|
974 * MFSA 2013-39/CVE-2013-0792 (bmo#722831) |
|
975 Memory corruption while rendering grayscale PNG images |
|
976 - use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch) |
|
977 |
|
978 ------------------------------------------------------------------- |
|
979 Tue Mar 12 23:08:15 UTC 2013 - dmueller@suse.com |
|
980 |
|
981 - build fixes for armv7hl: |
|
982 * disable debug build as armv7hl does not have enough memory |
|
983 * disable webrtc on armv7hl as it is non-compiling |
|
984 |
|
985 ------------------------------------------------------------------- |
|
986 Thu Mar 7 19:03:32 UTC 2013 - wr@rosenauer.org |
|
987 |
|
988 - update to Firefox 19.0.2 (bnc#808243) |
|
989 * MFSA 2013-29/CVE-2013-0787 (bmo#848644) |
|
990 Use-after-free in HTML Editor |
|
991 |
|
992 ------------------------------------------------------------------- |
|
993 Thu Feb 28 22:06:36 UTC 2013 - wr@rosenauer.org |
|
994 |
|
995 - update to Firefox 19.0.1 |
|
996 * blocklist updates |
|
997 |
|
998 ------------------------------------------------------------------- |
|
999 Sat Feb 16 07:08:55 UTC 2013 - wr@rosenauer.org |
|
1000 |
|
1001 - update to Firefox 19.0 (bnc#804248) |
|
1002 * MFSA 2013-21/CVE-2013-0783/2013-0784 |
|
1003 Miscellaneous memory safety hazards |
|
1004 * MFSA 2013-22/CVE-2013-0772 (bmo#801366) |
|
1005 Out-of-bounds read in image rendering |
|
1006 * MFSA 2013-23/CVE-2013-0765 (bmo#830614) |
|
1007 Wrapped WebIDL objects can be wrapped again |
|
1008 * MFSA 2013-24/CVE-2013-0773 (bmo#809652) |
|
1009 Web content bypass of COW and SOW security wrappers |
|
1010 * MFSA 2013-25/CVE-2013-0774 (bmo#827193) |
|
1011 Privacy leak in JavaScript Workers |
|
1012 * MFSA 2013-26/CVE-2013-0775 (bmo#831095) |
|
1013 Use-after-free in nsImageLoadingContent |
|
1014 * MFSA 2013-27/CVE-2013-0776 (bmo#796475) |
|
1015 Phishing on HTTPS connection through malicious proxy |
|
1016 * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/ |
|
1017 CVE-2013-0778/CVE-2013-0779/CVE-2013-0781 |
|
1018 Use-after-free, out of bounds read, and buffer overflow issues |
|
1019 found using Address Sanitizer |
|
1020 - removed obsolete patches |
|
1021 * mozilla-webrtc.patch |
|
1022 * mozilla-gstreamer-803287.patch |
|
1023 - added patch to fix session restore window order (bmo#712763) |
|
1024 |
|
1025 ------------------------------------------------------------------- |
|
1026 Sat Feb 2 08:40:52 UTC 2013 - wr@rosenauer.org |
|
1027 |
|
1028 - update to Firefox 18.0.2 |
|
1029 * blocklist and CTP updates |
|
1030 * fixes in JS engine |
|
1031 |
|
1032 ------------------------------------------------------------------- |
|
1033 Wed Jan 16 20:51:55 UTC 2013 - wr@rosenauer.org |
|
1034 |
|
1035 - update to Firefox 18.0.1 |
|
1036 * blocklist updates |
|
1037 * backed out bmo#677092 (removed patch) |
|
1038 * fixed problems involving HTTP proxy transactions |
|
1039 |
|
1040 ------------------------------------------------------------------- |
|
1041 Sat Jan 12 17:25:11 UTC 2013 - schwab@linux-m68k.org |
|
1042 |
|
1043 - Fix WebRTC to build on powerpc |
|
1044 |
|
1045 ------------------------------------------------------------------- |
|
1046 Sun Jan 6 21:54:18 UTC 2013 - wr@rosenauer.org |
|
1047 |
|
1048 - update to Firefox 18.0 (bnc#796895) |
|
1049 * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 |
|
1050 Miscellaneous memory safety hazards |
|
1051 * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 |
|
1052 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 |
|
1053 Use-after-free and buffer overflow issues found using Address Sanitizer |
|
1054 * MFSA 2013-03/CVE-2013-0768 (bmo#815795) |
|
1055 Buffer Overflow in Canvas |
|
1056 * MFSA 2013-04/CVE-2012-0759 (bmo#802026) |
|
1057 URL spoofing in addressbar during page loads |
|
1058 * MFSA 2013-05/CVE-2013-0744 (bmo#814713) |
|
1059 Use-after-free when displaying table with many columns and column groups |
|
1060 * MFSA 2013-06/CVE-2013-0751 (bmo#790454) |
|
1061 Touch events are shared across iframes |
|
1062 * MFSA 2013-07/CVE-2013-0764 (bmo#804237) |
|
1063 Crash due to handling of SSL on threads |
|
1064 * MFSA 2013-08/CVE-2013-0745 (bmo#794158) |
|
1065 AutoWrapperChanger fails to keep objects alive during garbage collection |
|
1066 * MFSA 2013-09/CVE-2013-0746 (bmo#816842) |
|
1067 Compartment mismatch with quickstubs returned values |
|
1068 * MFSA 2013-10/CVE-2013-0747 (bmo#733305) |
|
1069 Event manipulation in plugin handler to bypass same-origin policy |
|
1070 * MFSA 2013-11/CVE-2013-0748 (bmo#806031) |
|
1071 Address space layout leaked in XBL objects |
|
1072 * MFSA 2013-12/CVE-2013-0750 (bmo#805121) |
|
1073 Buffer overflow in Javascript string concatenation |
|
1074 * MFSA 2013-13/CVE-2013-0752 (bmo#805024) |
|
1075 Memory corruption in XBL with XML bindings containing SVG |
|
1076 * MFSA 2013-14/CVE-2013-0757 (bmo#813901) |
|
1077 Chrome Object Wrapper (COW) bypass through changing prototype |
|
1078 * MFSA 2013-15/CVE-2013-0758 (bmo#813906) |
|
1079 Privilege escalation through plugin objects |
|
1080 * MFSA 2013-16/CVE-2013-0753 (bmo#814001) |
|
1081 Use-after-free in serializeToStream |
|
1082 * MFSA 2013-17/CVE-2013-0754 (bmo#814026) |
|
1083 Use-after-free in ListenerManager |
|
1084 * MFSA 2013-18/CVE-2013-0755 (bmo#814027) |
|
1085 Use-after-free in Vibrate |
|
1086 * MFSA 2013-19/CVE-2013-0756 (bmo#814029) |
|
1087 Use-after-free in Javascript Proxy objects |
|
1088 - requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743) |
|
1089 - removed obsolete SLE11 patches (mozilla-gcc43*) |
|
1090 - reenable WebRTC |
|
1091 - added mozilla-libproxy-compat.patch for libproxy API compat |
|
1092 on openSUSE 11.2 and earlier |
|
1093 - backed out restartless language packs as it broke multi-locale |
|
1094 setup (bmo#677092, bmo#818468) |
|
1095 |
|
1096 ------------------------------------------------------------------- |
|
1097 Thu Nov 29 19:56:51 UTC 2012 - wr@rosenauer.org |
|
1098 |
|
1099 - update to Firefox 17.0.1 |
|
1100 * revert some useragent changes introduced in 17.0 |
|
1101 * leaving private browsing with social enabled doesn't reset all |
|
1102 social components (bmo#815042) |
|
1103 - fix KDE integration for file dialogs |
|
1104 |
|
1105 ------------------------------------------------------------------- |
|
1106 Tue Nov 20 19:52:02 UTC 2012 - wr@rosenauer.org |
|
1107 |
|
1108 - update to Firefox 17.0 (bnc#790140) |
|
1109 * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 |
|
1110 Miscellaneous memory safety hazards |
|
1111 * MFSA 2012-92/CVE-2012-4202 (bmo#758200) |
|
1112 Buffer overflow while rendering GIF images |
|
1113 * MFSA 2012-93/CVE-2012-4201 (bmo#747607) |
|
1114 evalInSanbox location context incorrectly applied |
|
1115 * MFSA 2012-94/CVE-2012-5836 (bmo#792857) |
|
1116 Crash when combining SVG text on path with CSS |
|
1117 * MFSA 2012-95/CVE-2012-4203 (bmo#765628) |
|
1118 Javascript: URLs run in privileged context on New Tab page |
|
1119 * MFSA 2012-96/CVE-2012-4204 (bmo#778603) |
|
1120 Memory corruption in str_unescape |
|
1121 * MFSA 2012-97/CVE-2012-4205 (bmo#779821) |
|
1122 XMLHttpRequest inherits incorrect principal within sandbox |
|
1123 * MFSA 2012-99/CVE-2012-4208 (bmo#798264) |
|
1124 XrayWrappers exposes chrome-only properties when not in chrome |
|
1125 compartment |
|
1126 * MFSA 2012-100/CVE-2012-5841 (bmo#805807) |
|
1127 Improper security filtering for cross-origin wrappers |
|
1128 * MFSA 2012-101/CVE-2012-4207 (bmo#801681) |
|
1129 Improper character decoding in HZ-GB-2312 charset |
|
1130 * MFSA 2012-102/CVE-2012-5837 (bmo#800363) |
|
1131 Script entered into Developer Toolbar runs with chrome privileges |
|
1132 * MFSA 2012-103/CVE-2012-4209 (bmo#792405) |
|
1133 Frames can shadow top.location |
|
1134 * MFSA 2012-104/CVE-2012-4210 (bmo#796866) |
|
1135 CSS and HTML injection through Style Inspector |
|
1136 * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ |
|
1137 CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ |
|
1138 CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 |
|
1139 Use-after-free and buffer overflow issues found using Address |
|
1140 Sanitizer |
|
1141 * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 |
|
1142 Use-after-free, buffer overflow, and memory corruption issues |
|
1143 found using Address Sanitizer |
|
1144 - rebased patches |
|
1145 - disabled WebRTC since build is broken (bmo#776877) |
|
1146 |
|
1147 ------------------------------------------------------------------- |
|
1148 Tue Nov 20 15:42:55 UTC 2012 - pcerny@suse.com |
|
1149 |
|
1150 - build on SLE11 |
|
1151 * mozilla-gcc43-enums.patch |
|
1152 * mozilla-gcc43-template_hacks.patch |
|
1153 * mozilla-gcc43-templates_instantiation.patch |
|
1154 |
|
1155 ------------------------------------------------------------------- |
|
1156 Wed Oct 24 08:27:29 UTC 2012 - wr@rosenauer.org |
|
1157 |
|
1158 - update to Firefox 16.0.2 (bnc#786522) |
|
1159 * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196 |
|
1160 (bmo#800666, bmo#793121, bmo#802557) |
|
1161 Fixes for Location object issues |
|
1162 - bring back Obsoletes for libproxy's mozjs plugin for distributions |
|
1163 before 12.2 to avoid crashes |
|
1164 |
|
1165 ------------------------------------------------------------------- |
|
1166 Thu Oct 11 01:51:16 UTC 2012 - wr@rosenauer.org |
|
1167 |
|
1168 - update to Firefox 16.0.1 (bnc#783533) |
|
1169 * MFSA 2012-88/CVE-2012-4191 (bmo#798045) |
|
1170 Miscellaneous memory safety hazards |
|
1171 * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619) |
|
1172 defaultValue security checks not applied |
|
1173 |
|
1174 ------------------------------------------------------------------- |
|
1175 Sun Oct 7 21:40:14 UTC 2012 - wr@rosenauer.org |
|
1176 |
|
1177 - update to Firefox 16.0 (bnc#783533) |
|
1178 * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983 |
|
1179 Miscellaneous memory safety hazards |
|
1180 * MFSA 2012-75/CVE-2012-3984 (bmo#575294) |
|
1181 select element persistance allows for attacks |
|
1182 * MFSA 2012-76/CVE-2012-3985 (bmo#655649) |
|
1183 Continued access to initial origin after setting document.domain |
|
1184 * MFSA 2012-77/CVE-2012-3986 (bmo#775868) |
|
1185 Some DOMWindowUtils methods bypass security checks |
|
1186 * MFSA 2012-79/CVE-2012-3988 (bmo#725770) |
|
1187 DOS and crash with full screen and history navigation |
|
1188 * MFSA 2012-80/CVE-2012-3989 (bmo#783867) |
|
1189 Crash with invalid cast when using instanceof operator |
|
1190 * MFSA 2012-81/CVE-2012-3991 (bmo#783260) |
|
1191 GetProperty function can bypass security checks |
|
1192 * MFSA 2012-82/CVE-2012-3994 (bmo#765527) |
|
1193 top object and location property accessible by plugins |
|
1194 * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370) |
|
1195 Chrome Object Wrapper (COW) does not disallow acces to privileged |
|
1196 functions or properties |
|
1197 * MFSA 2012-84/CVE-2012-3992 (bmo#775009) |
|
1198 Spoofing and script injection through location.hash |
|
1199 * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/ |
|
1200 CVE-2012-4181/CVE-2012-4182/CVE-2012-4183 |
|
1201 Use-after-free, buffer overflow, and out of bounds read issues |
|
1202 found using Address Sanitizer |
|
1203 * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/ |
|
1204 CVE-2012-4188 |
|
1205 Heap memory corruption issues found using Address Sanitizer |
|
1206 * MFSA 2012-87/CVE-2012-3990 (bmo#787704) |
|
1207 Use-after-free in the IME State Manager |
|
1208 - requires NSPR 4.9.2 |
|
1209 - improve GStreamer integration (bmo#760140) |
|
1210 - removed upstreamed mozilla-crashreporter-restart-args.patch |
|
1211 - webapprt now included |
|
1212 - use kmozillahelper's new REVEAL command (bnc#777415) |
|
1213 (requires mozilla-kde4-integration >= 0.6.4) |
|
1214 - updated translations-other with new languages |
|
1215 |
|
1216 ------------------------------------------------------------------- |
|
1217 Mon Sep 10 19:37:56 UTC 2012 - wr@rosenauer.org |
|
1218 |
|
1219 - update to Firefox 15.0.1 (bnc#779936) |
|
1220 * Sites visited while in Private Browsing mode could be found |
|
1221 through manual browser cache inspection (bmo#787743) |
|
1222 |
|
1223 ------------------------------------------------------------------- |
|
1224 Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org |
|
1225 |
|
1226 - update to Firefox 15.0 (bnc#777588) |
|
1227 * MFSA 2012-57/CVE-2012-1970 |
|
1228 Miscellaneous memory safety hazards |
|
1229 * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 |
|
1230 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 |
|
1231 CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 |
|
1232 Use-after-free issues found using Address Sanitizer |
|
1233 * MFSA 2012-59/CVE-2012-1956 (bmo#756719) |
|
1234 Location object can be shadowed using Object.defineProperty |
|
1235 * MFSA 2012-60/CVE-2012-3965 (bmo#769108) |
|
1236 Escalation of privilege through about:newtab |
|
1237 * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) |
|
1238 Memory corruption with bitmap format images with negative height |
|
1239 * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 |
|
1240 WebGL use-after-free and memory corruption |
|
1241 * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 |
|
1242 SVG buffer overflow and use-after-free issues |
|
1243 * MFSA 2012-64/CVE-2012-3971 |
|
1244 Graphite 2 memory corruption |
|
1245 * MFSA 2012-65/CVE-2012-3972 (bmo#746855) |
|
1246 Out-of-bounds read in format-number in XSLT |
|
1247 * MFSA 2012-66/CVE-2012-3973 (bmo#757128) |
|
1248 HTTPMonitor extension allows for remote debugging without explicit |
|
1249 activation |
|
1250 * MFSA 2012-68/CVE-2012-3975 (bmo#770684) |
|
1251 DOMParser loads linked resources in extensions when parsing |
|
1252 text/html |
|
1253 * MFSA 2012-69/CVE-2012-3976 (bmo#768568) |
|
1254 Incorrect site SSL certificate data display |
|
1255 * MFSA 2012-70/CVE-2012-3978 (bmo#770429) |
|
1256 Location object security checks bypassed by chrome code |
|
1257 * MFSA 2012-72/CVE-2012-3980 (bmo#771859) |
|
1258 Web console eval capable of executing chrome-privileged code |
|
1259 - fix HTML5 video crash with GStreamer enabled (bmo#761030) |
|
1260 - GStreamer is only used for MP4 (no WebM, OGG) |
|
1261 - updated filelist |
|
1262 - moved browser specific preferences to correct location |
|
1263 |
|
1264 ------------------------------------------------------------------- |
|
1265 Sun Jul 29 08:34:39 UTC 2012 - aj@suse.de |
|
1266 |
|
1267 - Fix mozilla-kde.patch to include sys/resource.h for getrlimit etc (glibc 2.16) |
|
1268 |
|
1269 ------------------------------------------------------------------- |
|
1270 Sat Jul 14 19:31:51 UTC 2012 - wr@rosenauer.org |
|
1271 |
|
1272 - update to 14.0.1 (bnc#771583) |
|
1273 * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 |
|
1274 Miscellaneous memory safety hazards |
|
1275 * MFSA 2012-43/CVE-2012-1950 |
|
1276 Incorrect URL displayed in addressbar through drag and drop |
|
1277 * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952 |
|
1278 Gecko memory corruption |
|
1279 * MFSA 2012-45/CVE-2012-1955 (bmo#757376) |
|
1280 Spoofing issue with location |
|
1281 * MFSA 2012-46/CVE-2012-1966 (bmo#734076) |
|
1282 XSS through data: URLs |
|
1283 * MFSA 2012-47/CVE-2012-1957 (bmo#750096) |
|
1284 Improper filtering of javascript in HTML feed-view |
|
1285 * MFSA 2012-48/CVE-2012-1958 (bmo#750820) |
|
1286 use-after-free in nsGlobalWindow::PageHidden |
|
1287 * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) |
|
1288 Same-compartment Security Wrappers can be bypassed |
|
1289 * MFSA 2012-50/CVE-2012-1960 (bmo#761014) |
|
1290 Out of bounds read in QCMS |
|
1291 * MFSA 2012-51/CVE-2012-1961 (bmo#761655) |
|
1292 X-Frame-Options header ignored when duplicated |
|
1293 * MFSA 2012-52/CVE-2012-1962 (bmo#764296) |
|
1294 JSDependentString::undepend string conversion results in memory |
|
1295 corruption |
|
1296 * MFSA 2012-53/CVE-2012-1963 (bmo#767778) |
|
1297 Content Security Policy 1.0 implementation errors cause data |
|
1298 leakage |
|
1299 * MFSA 2012-55/CVE-2012-1965 (bmo#758990) |
|
1300 feed: URLs with an innerURI inherit security context of page |
|
1301 * MFSA 2012-56/CVE-2012-1967 (bmo#758344) |
|
1302 Code execution through javascript: URLs |
|
1303 - license change from tri license to MPL-2.0 |
|
1304 - fix crashreporter restart option (bmo#762780) |
|
1305 - require NSS 3.13.5 |
|
1306 - remove mozjs pacrunner obsoletes again for now |
|
1307 - adopted mozilla-prefer_plugin_pref.patch |
|
1308 - PPC fixes: |
|
1309 * reenabled mozilla-yarr-pcre.patch to fix build for PPC |
|
1310 * add patches for bmo#750620 and bmo#746112 |
|
1311 * fix xpcshell segfault on ppc |
|
1312 |
|
1313 ------------------------------------------------------------------- |
|
1314 Fri Jun 15 12:37:09 UTC 2012 - wr@rosenauer.org |
|
1315 |
|
1316 - update to Firefox 13.0.1 |
|
1317 * bugfix release |
|
1318 - obsolete libproxy's mozjs pacrunner (bnc#759123) |
|
1319 |
|
1320 ------------------------------------------------------------------- |
|
1321 Sat Jun 2 08:22:51 UTC 2012 - wr@rosenauer.org |
|
1322 |
|
1323 - update to Firefox 13.0 (bnc#765204) |
|
1324 * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 |
|
1325 Miscellaneous memory safety hazards |
|
1326 * MFSA 2012-36/CVE-2012-1944 (bmo#751422) |
|
1327 Content Security Policy inline-script bypass |
|
1328 * MFSA 2012-37/CVE-2012-1945 (bmo#670514) |
|
1329 Information disclosure though Windows file shares and shortcut |
|
1330 files |
|
1331 * MFSA 2012-38/CVE-2012-1946 (bmo#750109) |
|
1332 Use-after-free while replacing/inserting a node in a document |
|
1333 * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941 |
|
1334 Buffer overflow and use-after-free issues found using Address |
|
1335 Sanitizer |
|
1336 - require NSS 3.13.4 |
|
1337 * MFSA 2012-39/CVE-2012-0441 (bmo#715073) |
|
1338 - fix sound notifications when filename/path contains a whitespace |
|
1339 (bmo#749739) |
|
1340 |
|
1341 ------------------------------------------------------------------- |
|
1342 Wed May 23 14:40:16 UTC 2012 - adrian@suse.de |
|
1343 |
|
1344 - fix build on arm |
|
1345 |
|
1346 ------------------------------------------------------------------- |
|
1347 Wed May 16 05:34:01 UTC 2012 - wr@rosenauer.org |
|
1348 |
|
1349 - reenabled crashreporter for Factory/12.2 |
|
1350 (fix in mozilla-gcc47.patch) |
|
1351 |
|
1352 ------------------------------------------------------------------- |
|
1353 Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org |
|
1354 |
|
1355 - update to Firefox 12.0 (bnc#758408) |
|
1356 * rebased patches |
|
1357 * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 |
|
1358 Miscellaneous memory safety hazards |
|
1359 * MFSA 2012-22/CVE-2012-0469 (bmo#738985) |
|
1360 use-after-free in IDBKeyRange |
|
1361 * MFSA 2012-23/CVE-2012-0470 (bmo#734288) |
|
1362 Invalid frees causes heap corruption in gfxImageSurface |
|
1363 * MFSA 2012-24/CVE-2012-0471 (bmo#715319) |
|
1364 Potential XSS via multibyte content processing errors |
|
1365 * MFSA 2012-25/CVE-2012-0472 (bmo#744480) |
|
1366 Potential memory corruption during font rendering using cairo-dwrite |
|
1367 * MFSA 2012-26/CVE-2012-0473 (bmo#743475) |
|
1368 WebGL.drawElements may read illegal video memory due to |
|
1369 FindMaxUshortElement error |
|
1370 * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) |
|
1371 Page load short-circuit can lead to XSS |
|
1372 * MFSA 2012-28/CVE-2012-0475 (bmo#694576) |
|
1373 Ambiguous IPv6 in Origin headers may bypass webserver access |
|
1374 restrictions |
|
1375 * MFSA 2012-29/CVE-2012-0477 (bmo#718573) |
|
1376 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues |
|
1377 * MFSA 2012-30/CVE-2012-0478 (bmo#727547) |
|
1378 Crash with WebGL content using textImage2D |
|
1379 * MFSA 2012-31/CVE-2011-3062 (bmo#739925) |
|
1380 Off-by-one error in OpenType Sanitizer |
|
1381 * MFSA 2012-32/CVE-2011-1187 (bmo#624621) |
|
1382 HTTP Redirections and remote content can be read by javascript errors |
|
1383 * MFSA 2012-33/CVE-2012-0479 (bmo#714631) |
|
1384 Potential site identity spoofing when loading RSS and Atom feeds |
|
1385 - added mozilla-libnotify.patch to allow fallback from libnotify |
|
1386 to xul based events if no notification-daemon is running |
|
1387 - gcc 4.7 fixes |
|
1388 * mozilla-gcc47.patch |
|
1389 * disabled crashreporter temporarily for Factory |
|
1390 - recommend libcanberra0 for proper sound notifications |
|
1391 |
|
1392 ------------------------------------------------------------------- |
|
1393 Fri Mar 9 21:47:07 UTC 2012 - wr@rosenauer.org |
|
1394 |
|
1395 - update to Firefox 11.0 (bnc#750044) |
|
1396 * MFSA 2012-13/CVE-2012-0455 (bmo#704354) |
|
1397 XSS with Drag and Drop and Javascript: URL |
|
1398 * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103) |
|
1399 SVG issues found with Address Sanitizer |
|
1400 * MFSA 2012-15/CVE-2012-0451 (bmo#717511) |
|
1401 XSS with multiple Content Security Policy headers |
|
1402 * MFSA 2012-16/CVE-2012-0458 |
|
1403 Escalation of privilege with Javascript: URL as home page |
|
1404 * MFSA 2012-17/CVE-2012-0459 (bmo#723446) |
|
1405 Crash when accessing keyframe cssText after dynamic modification |
|
1406 * MFSA 2012-18/CVE-2012-0460 (bmo#727303) |
|
1407 window.fullScreen writeable by untrusted content |
|
1408 * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/ |
|
1409 CVE-2012-0463 |
|
1410 Miscellaneous memory safety hazards |
|
1411 - ported and reenabled KDE integration (bnc#746591) |
|
1412 - explicitely build-require X libs |
|
1413 |
|
1414 ------------------------------------------------------------------- |
|
1415 Mon Mar 5 13:31:48 UTC 2012 - vdziewiecki@suse.com |
|
1416 |
|
1417 - add Provides: browser(npapi) FATE#313084 |
|
1418 |
|
1419 ------------------------------------------------------------------- |
|
1420 Fri Feb 17 17:41:11 UTC 2012 - pcerny@suse.com |
|
1421 |
|
1422 - better plugin directory resolution (bnc#747320) |
|
1423 |
|
1424 ------------------------------------------------------------------- |
|
1425 Thu Feb 16 08:47:31 UTC 2012 - wr@rosenauer.org |
|
1426 |
|
1427 - update to Firefox 10.0.2 (bnc#747328) |
|
1428 * CVE-2011-3026 (bmo#727401) |
|
1429 libpng: integer overflow leading to heap-buffer overflow |
|
1430 |
|
1431 ------------------------------------------------------------------- |
|
1432 Thu Feb 9 09:26:11 UTC 2012 - wr@rosenauer.org |
|
1433 |
|
1434 - update to Firefox 10.0.1 (bnc#746616) |
|
1435 * MFSA 2012-10/CVE-2012-0452 (bmo#724284) |
|
1436 use after free in nsXBLDocumentInfo::ReadPrototypeBindings |
|
1437 |
|
1438 ------------------------------------------------------------------- |
|
1439 Tue Feb 7 10:40:58 UTC 2012 - dvaleev@suse.com |
|
1440 |
|
1441 - Use YARR interpreter instead of PCRE on platforms where YARR JIT |
|
1442 is not supported, since PCRE doesnt build (bmo#691898) |
|
1443 - fix ppc64 build (bmo#703534) |
|
1444 |
|
1445 ------------------------------------------------------------------- |
|
1446 Mon Jan 30 09:41:59 UTC 2012 - wr@rosenauer.org |
|
1447 |
|
1448 - update to Firefox 10.0 (bnc#744275) |
|
1449 * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443 |
|
1450 Miscellaneous memory safety hazards |
|
1451 * MFSA 2012-03/CVE-2012-0445 (bmo#701071) |
|
1452 <iframe> element exposed across domains via name attribute |
|
1453 * MFSA 2012-04/CVE-2011-3659 (bmo#708198) |
|
1454 Child nodes from nsDOMAttribute still accessible after removal |
|
1455 of nodes |
|
1456 * MFSA 2012-05/CVE-2012-0446 (bmo#705651) |
|
1457 Frame scripts calling into untrusted objects bypass security |
|
1458 checks |
|
1459 * MFSA 2012-06/CVE-2012-0447 (bmo#710079) |
|
1460 Uninitialized memory appended when encoding icon images may |
|
1461 cause information disclosure |
|
1462 * MFSA 2012-07/CVE-2012-0444 (bmo#719612) |
|
1463 Potential Memory Corruption When Decoding Ogg Vorbis files |
|
1464 * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466) |
|
1465 Crash with malformed embedded XSLT stylesheets |
|
1466 - KDE integration has been disabled since it needs refactoring |
|
1467 - removed obsolete ppc64 patch |
|
1468 |
|
1469 ------------------------------------------------------------------- |
|
1470 Sun Jan 22 12:08:07 UTC 2012 - joop.boonen@opensuse.org |
|
1471 |
|
1472 - Disable neon for arm as it doesn't build correctly |
|
1473 |
|
1474 ------------------------------------------------------------------- |
|
1475 Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org |
|
1476 |
|
1477 - update to Firefox 9.0.1 |
|
1478 * (strongparent) parentNode of element gets lost (bmo#335998) |
|
1479 |
|
1480 ------------------------------------------------------------------- |
|
1481 Sun Dec 18 09:58:52 UTC 2011 - adrian@suse.de |
|
1482 |
|
1483 - fix arm build, don't package crashreporter there |
|
1484 |
|
1485 ------------------------------------------------------------------- |
|
1486 Sun Dec 18 09:52:08 UTC 2011 - wr@rosenauer.org |
|
1487 |
|
1488 - update to Firefox 9 (bnc#737533) |
|
1489 * MFSA 2011-53/CVE-2011-3660 |
|
1490 Miscellaneous memory safety hazards (rv:9.0) |
|
1491 * MFSA 2011-54/CVE-2011-3661 (bmo#691299) |
|
1492 Potentially exploitable crash in the YARR regular expression |
|
1493 library |
|
1494 * MFSA 2011-55/CVE-2011-3658 (bmo#708186) |
|
1495 nsSVGValue out-of-bounds access |
|
1496 * MFSA 2011-56/CVE-2011-3663 (bmo#704482) |
|
1497 Key detection without JavaScript via SVG animation |
|
1498 * MFSA 2011-58/VE-2011-3665 (bmo#701259) |
|
1499 Crash scaling <video> to extreme sizes |
|
1500 |
|
1501 ------------------------------------------------------------------- |
|
1502 Sun Nov 27 03:51:54 UTC 2011 - mgorse@suse.com |
|
1503 |
|
1504 - Fix accessibility under GNOME 3 (bnc#732898) |
|
1505 |
|
1506 ------------------------------------------------------------------- |
|
1507 Sat Nov 12 15:16:38 UTC 2011 - dvaleev@suse.com |
|
1508 |
|
1509 - fix ppc64 build |
|
1510 |
|
1511 ------------------------------------------------------------------- |
|
1512 Sun Nov 6 08:20:59 UTC 2011 - wr@rosenauer.org |
|
1513 |
|
1514 - update to Firefox 8 (bnc#728520) |
|
1515 * MFSA 2011-47/CVE-2011-3648 (bmo#690225) |
|
1516 Potential XSS against sites using Shift-JIS |
|
1517 * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 |
|
1518 Miscellaneous memory safety hazards |
|
1519 * MFSA 2011-49/CVE-2011-3650 (bmo#674776) |
|
1520 Memory corruption while profiling using Firebug |
|
1521 * MFSA 2011-52/CVE-2011-3655 (bmo#672182) |
|
1522 Code execution via NoWaiverWrapper |
|
1523 - rebased patches |
|
1524 |
|
1525 ------------------------------------------------------------------- |
|
1526 Thu Oct 20 12:34:47 UTC 2011 - wr@rosenauer.org |
|
1527 |
|
1528 - enable telemetry prompt |
|
1529 |
|
1530 ------------------------------------------------------------------- |
|
1531 Fri Sep 30 10:52:36 UTC 2011 - wr@rosenauer.org |
|
1532 |
|
1533 - update to minor release 7.0.1 |
|
1534 * fixed staged addon updates |
|
1535 - set intl.locale.matchOS=true in the base package as it causes |
|
1536 too much confusion when it's only available with branding-openSUSE |
|
1537 |
|
1538 ------------------------------------------------------------------- |
|
1539 Fri Sep 23 11:22:22 UTC 2011 - wr@rosenauer.org |
|
1540 |
|
1541 - update to Firefox 7 (bnc#720264) |
|
1542 including |
|
1543 * Improve Responsiveness with Memory Reductions |
|
1544 * Instant Sync |
|
1545 * WebSocket protocol 8 |
|
1546 * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997 |
|
1547 Miscellaneous memory safety hazards |
|
1548 * MFSA 2011-39/CVE-2011-3000 (bmo#655389) |
|
1549 Defense against multiple Location headers due to CRLF Injection |
|
1550 * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001 |
|
1551 Code installation through holding down Enter |
|
1552 * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335) |
|
1553 Potentially exploitable WebGL crashes |
|
1554 * MFSA 2011-42/CVE-2011-3232 (bmo#653672) |
|
1555 Potentially exploitable crash in the YARR regular expression |
|
1556 library |
|
1557 * MFSA 2011-43/CVE-2011-3004 (bmo#653926) |
|
1558 loadSubScript unwraps XPCNativeWrapper scope parameter |
|
1559 * MFSA 2011-44/CVE-2011-3005 (bmo#675747) |
|
1560 Use after free reading OGG headers |
|
1561 * MFSA 2011-45 |
|
1562 Inferring keystrokes from motion data |
|
1563 - removed obsolete mozilla-cairo-lcd.patch |
|
1564 - rebased patches |
|
1565 - removed XLIB_SKIP_ARGB_VISUALS=1 from environment in |
|
1566 mozilla.sh.in (bnc#680758) |
|
1567 |
|
1568 ------------------------------------------------------------------- |
|
1569 Fri Sep 16 06:57:38 UTC 2011 - wr@rosenauer.org |
|
1570 |
|
1571 - fixed loading of kde.js under KDE (bnc#718311) |
|
1572 |
|
1573 ------------------------------------------------------------------- |
|
1574 Wed Sep 14 07:02:04 UTC 2011 - wr@rosenauer.org |
|
1575 |
|
1576 - add dbus-1-glib-devel to BuildRequires (not pulled in |
|
1577 automatically anymore on 12.1) |
|
1578 - increase minversions for NSPR and NSS |
|
1579 |
|
1580 ------------------------------------------------------------------- |
|
1581 Fri Sep 9 20:44:15 UTC 2011 - wr@rosenauer.org |
|
1582 |
|
1583 - recreated source archive to get correct source-stamp.txt |
|
1584 |
|
1585 ------------------------------------------------------------------- |
|
1586 Wed Sep 7 14:30:34 UTC 2011 - pcerny@suse.com |
|
1587 |
|
1588 - security update to 6.0.2 (bnc#714931) |
|
1589 * Complete blocking of certificates issued by DigiNotar |
|
1590 (bmo#683449) |
|
1591 |
|
1592 ------------------------------------------------------------------- |
|
1593 Fri Sep 2 14:40:07 UTC 2011 - pcerny@suse.com |
|
1594 |
|
1595 - security update to 6.0.1 (bnc#714931) |
|
1596 * MFSA 2011-34 |
|
1597 Protection against fraudulent DigiNotar certificates |
|
1598 (bmo#682927) |
|
1599 |
|
1600 ------------------------------------------------------------------- |
|
1601 Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org |
|
1602 |
|
1603 - update to 6.0 (bnc#712224) |
|
1604 included security fixes MFSA 2011-29 |
|
1605 * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985 |
|
1606 Miscellaneous memory safety hazards |
|
1607 * CVE-2011-2993 (bmo#657267) |
|
1608 Unsigned scripts can call script inside signed JAR |
|
1609 * CVE-2011-2988 (bmo#665934) |
|
1610 Heap overflow in ANGLE library |
|
1611 * CVE-2011-0084 (bmo#648094) |
|
1612 Crash in SVGTextElement.getCharNumAtPosition() |
|
1613 * CVE-2011-2990 |
|
1614 Credential leakage using Content Security Policy reports |
|
1615 * CVE-2011-2986 (bmo#655836) |
|
1616 Cross-origin data theft using canvas and Windows D2D |
|
1617 - removed obsolete curl header dependency (mozilla-curl.patch) |
|
1618 |
|
1619 ------------------------------------------------------------------- |
|
1620 Fri Jul 22 13:34:12 UTC 2011 - wr@rosenauer.org |
|
1621 |
|
1622 - update to 6.0b3 |
|
1623 * removed obsolete patches |
|
1624 - firefox-shellservice.patch |
|
1625 - mozilla-gio.patch |
|
1626 - mozilla-ppc-ipc.patch |
|
1627 - firefox-linkorder.patch |
|
1628 - firefox-no-sync-l10n.patch |
|
1629 - recognize linux3 as platform for symbolstore.py |
|
1630 |
|
1631 ------------------------------------------------------------------- |
|
1632 Fri Jul 1 19:53:18 CEST 2011 - vuntz@opensuse.org |
|
1633 |
|
1634 - Add x-scheme-handler/ftp to the MimeType key in the .desktop, to |
|
1635 let desktops know that Firefox can deal with ftp: URIs. |
|
1636 |
|
1637 ------------------------------------------------------------------- |
|
1638 Fri Jul 1 06:45:08 UTC 2011 - wr@rosenauer.org |
|
1639 |
|
1640 - create upstream branding package again (supposedly empty) |
|
1641 (bnc#703401) |
|
1642 - fix build on SLE11 (changes do not affect/are not applied for |
|
1643 later versions) |
|
1644 |
|
1645 ------------------------------------------------------------------- |
|
1646 Wed Jun 22 06:41:17 UTC 2011 - wr@rosenauer.org |
|
1647 |
|
1648 - enable startup notification (bnc#701465) |
|
1649 |
|
1650 ------------------------------------------------------------------- |
|
1651 Mon Jun 20 19:37:01 UTC 2011 - wr@rosenauer.org |
|
1652 |
|
1653 - update to 5.0 final |
|
1654 - included fixes for security issues: (bnc#701296, bnc#700578) |
|
1655 * MFSA 2011-19/CVE-2011-2374 CVE-2011-2375 |
|
1656 Miscellaneous memory safety hazards |
|
1657 * MFSA 2011-20/CVE-2011-2373 (bmo#617247) |
|
1658 Use-after-free vulnerability when viewing XUL document with |
|
1659 script disabled |
|
1660 * MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303) |
|
1661 Memory corruption due to multipart/x-mixed-replace images |
|
1662 * MFSA 2011-22/CVE-2011-2371 (bmo#664009) |
|
1663 Integer overflow and arbitrary code execution in |
|
1664 Array.reduceRight() |
|
1665 * MFSA 2011-25/CVE-2011-2366 |
|
1666 Stealing of cross-domain images using WebGL textures |
|
1667 * MFSA 2011-26/CVE-2011-2367 CVE-2011-2368 |
|
1668 Multiple WebGL crashes |
|
1669 * MFSA 2011-27/CVE-2011-2369 (bmo#650001) |
|
1670 XSS encoding hazard with inline SVG |
|
1671 * MFSA 2011-28/CVE-2011-2370 (bmo#645699) |
|
1672 Non-whitelisted site can trigger xpinstall |
|
1673 |
|
1674 ------------------------------------------------------------------- |
|
1675 Mon Jun 20 09:17:42 UTC 2011 - wr@rosenauer.org |
|
1676 |
|
1677 - update to 5.0b7 |
|
1678 * updated supported locales |
|
1679 - do not build dump_syms static (not needed for us) |
|
1680 -> fix build for openSUSE 12.1 and above |
|
1681 |
|
1682 ------------------------------------------------------------------- |
|
1683 Wed Jun 15 14:59:32 UTC 2011 - wr@rosenauer.org |
|
1684 |
|
1685 - update to 5.0b6 |
|
1686 - include proper revision information into the build |
|
1687 - speedier find-external-requires.sh |
|
1688 |
|
1689 ------------------------------------------------------------------- |
|
1690 Tue May 31 06:53:55 UTC 2011 - wr@rosenauer.org |
|
1691 |
|
1692 - update to 5.0b3 |
|
1693 - transformed to standalone Firefox (not xulrunner based) |
|
1694 (with new Firefox rapid release cycle it makes no sense anymore) |
|
1695 * imported all relevant xulrunner patches |
|
1696 - do not compile in build timestamp |
|
1697 |
|
1698 ------------------------------------------------------------------- |
|
1699 Fri Apr 15 07:08:53 UTC 2011 - wr@rosenauer.org |
|
1700 |
|
1701 - security update to 4.0.1 (bnc#689281) |
|
1702 * MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0079 |
|
1703 CVE-2011-0080 CVE-2011-0081 |
|
1704 Miscellaneous memory safety hazards |
|
1705 * MFSA 2011-17/CVE-2011-0068 (bmo#623791) |
|
1706 WebGLES vulnerabilities |
|
1707 * MFSA 2011-18/CVE-2011-1202 (bmo#640339) |
|
1708 XSLT generate-id() function heap address leak |
|
1709 |
|
1710 ------------------------------------------------------------------- |
|
1711 Wed Mar 30 11:24:36 UTC 2011 - wr@rosenauer.org |
|
1712 |
|
1713 - add all available icon sizes |
|
1714 |
|
1715 ------------------------------------------------------------------- |
|
1716 Tue Mar 29 11:55:53 UTC 2011 - cfarrell@novell.com |
|
1717 |
|
1718 - license update: MPLv1.1 or GPLv2+ or LGPLv2+ |
|
1719 Sync licenses with Fedora. MPL does not state ^or later^ |
|
1720 |
|
1721 ------------------------------------------------------------------- |
|
1722 Fri Mar 18 08:49:15 UTC 2011 - wr@rosenauer.org |
|
1723 |
|
1724 - update to version 4.0rc2 |
|
1725 - fixed rpm macros delivered with devel package (bnc#679950) |
|
1726 |
|
1727 ------------------------------------------------------------------- |
|
1728 Wed Feb 23 07:52:04 UTC 2011 - wr@rosenauer.org |
|
1729 |
|
1730 - update to version 4.0b12 |
|
1731 - rebased patches |
|
1732 |
|
1733 ------------------------------------------------------------------- |
|
1734 Fri Feb 4 09:32:50 UTC 2011 - wr@rosenauer.org |
|
1735 |
|
1736 - update to version 4.0b11 |
|
1737 * loads of bugfixes compared to last beta |
|
1738 * added "Do Not Track" option |
|
1739 - rebased patches |
|
1740 - disable testpilot |
|
1741 |
|
1742 ------------------------------------------------------------------- |
|
1743 Fri Jan 28 08:56:12 UTC 2011 - wr@rosenauer.org |
|
1744 |
|
1745 - set correct desktop file name within KDE for 11.4 and up |
|
1746 - add devel package with macros for extensions (from lnussel@suse.de) |
|
1747 |
|
1748 ------------------------------------------------------------------- |
|
1749 Sat Jan 22 22:21:52 UTC 2011 - wr@rosenauer.org |
|
1750 |
|
1751 - update to version 4.0b10 |
|
1752 - removed obsolete firefox-shell-bmo624267.patch |
|
1753 - testpilot moved to distribution/extensions |
|
1754 - updated locale provides and removed bn-IN from locales |
|
1755 |
|
1756 ------------------------------------------------------------------- |
|
1757 Tue Jan 11 06:13:40 UTC 2011 - wr@rosenauer.org |
|
1758 |
|
1759 - update to version 4.0b9 |
|
1760 - added x-scheme-handler for http and https to desktop file for |
|
1761 newer Gnome environments |
|
1762 - fixed default browser check/set for GIO (bmo#611953) |
|
1763 (mozilla-shellservice.patch) |
|
1764 - removed obsolete firefox-appname.patch (integrated into |
|
1765 shellservice patch) |
|
1766 - renamed desktop file to firefox.desktop for 11.4 and newer |
|
1767 (bnc#664211) |
|
1768 - removed support for 10.3 and older from the spec file |
|
1769 - removed obsolete "Ximian" categories from desktop file |
|
1770 |
|
1771 ------------------------------------------------------------------- |
|
1772 Mon Jan 3 17:35:46 CET 2011 - meissner@suse.de |
|
1773 |
|
1774 - Mirror ac_add_options --disable-ipc from xulrunner for PowerPC. |
|
1775 |
|
1776 ------------------------------------------------------------------- |
|
1777 Wed Dec 15 07:49:45 UTC 2010 - wr@rosenauer.org |
|
1778 |
|
1779 - update to version 4.0beta8 |
|
1780 |
|
1781 ------------------------------------------------------------------- |
|
1782 Tue Nov 30 14:19:59 UTC 2010 - wr@rosenauer.org |
|
1783 |
|
1784 - major update to version 4.0beta7 |
|
1785 * based on mozilla-xulrunner20 |
|
1786 * far too many internal changes to list |
|
1787 |
|
1788 ------------------------------------------------------------------- |
|
1789 Wed Oct 27 07:12:14 CEST 2010 - wr@rosenauer.org |
|
1790 |
|
1791 - security update to 3.6.12 (bnc#649492) |
|
1792 * MFSA 2010-73/CVE-2010-3765 (bmo#607222) |
|
1793 Heap buffer overflow mixing document.write and DOM insertion |
|
1794 |
|
1795 ------------------------------------------------------------------- |
|
1796 Wed Oct 6 07:13:52 CEST 2010 - wr@rosenauer.org |
|
1797 |
|
1798 - security update to 3.6.11 (bnc#645315) |
|
1799 * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176 |
|
1800 Miscellaneous memory safety hazards |
|
1801 * MFSA 2010-65/CVE-2010-3179 (bmo#583077) |
|
1802 Buffer overflow and memory corruption using document.write |
|
1803 * MFSA 2010-66/CVE-2010-3180 (bmo#588929) |
|
1804 Use-after-free error in nsBarProp |
|
1805 * MFSA 2010-67/CVE-2010-3183 (bmo#598669) |
|
1806 Dangling pointer vulnerability in LookupGetterOrSetter |
|
1807 * MFSA 2010-68/CVE-2010-3177 (bmo#556734) |
|
1808 XSS in gopher parser when parsing hrefs |
|
1809 * MFSA 2010-69/CVE-2010-3178 (bmo#576616) |
|
1810 Cross-site information disclosure via modal calls |
|
1811 * MFSA 2010-70/CVE-2010-3170 (bmo#578697) |
|
1812 SSL wildcard certificate matching IP addresses |
|
1813 * MFSA 2010-71/CVE-2010-3182 (bmo#590753) |
|
1814 Unsafe library loading vulnerabilities |
|
1815 * MFSA 2010-72/CVE-2010-3173 |
|
1816 Insecure Diffie-Hellman key exchange |
|
1817 |
|
1818 ------------------------------------------------------------------- |
|
1819 Wed Sep 15 07:39:22 CEST 2010 - wr@rosenauer.org |
|
1820 |
|
1821 - update to 3.6.10 |
|
1822 * fixing startup topcrash (bmo#594699) |
|
1823 |
|
1824 ------------------------------------------------------------------- |
|
1825 Thu Aug 26 07:40:28 CEST 2010 - wr@rosenauer.org |
|
1826 |
|
1827 - security update to 3.6.9 (bnc#637303) |
|
1828 * MFSA 2010-49/CVE-2010-3169 |
|
1829 Miscellaneous memory safety hazards |
|
1830 * MFSA 2010-50/CVE-2010-2765 (bmo#576447) |
|
1831 Frameset integer overflow vulnerability |
|
1832 * MFSA 2010-51/CVE-2010-2767 (bmo#584512) |
|
1833 Dangling pointer vulnerability using DOM plugin array |
|
1834 * MFSA 2010-53/CVE-2010-3166 (bmo#579655) |
|
1835 Heap buffer overflow in nsTextFrameUtils::TransformText |
|
1836 * MFSA 2010-54/CVE-2010-2760 (bmo#585815) |
|
1837 Dangling pointer vulnerability in nsTreeSelection |
|
1838 * MFSA 2010-55/CVE-2010-3168 (bmo#576075) |
|
1839 XUL tree removal crash and remote code execution |
|
1840 * MFSA 2010-56/CVE-2010-3167 (bmo#576070) |
|
1841 Dangling pointer vulnerability in nsTreeContentView |
|
1842 * MFSA 2010-57/CVE-2010-2766 (bmo#580445) |
|
1843 Crash and remote code execution in normalizeDocument |
|
1844 * MFSA 2010-59/CVE-2010-2762 (bmo#584180) |
|
1845 SJOW creates scope chains ending in outer object |
|
1846 * MFSA 2010-61/CVE-2010-2768 (bmo#579744) |
|
1847 UTF-7 XSS by overriding document charset using <object> type |
|
1848 attribute |
|
1849 * MFSA 2010-62/CVE-2010-2769 (bmo#520189) |
|
1850 Copy-and-paste or drag-and-drop into designMode document allows |
|
1851 XSS |
|
1852 * MFSA 2010-63/CVE-2010-2764 (bmo#552090) |
|
1853 Information leak via XMLHttpRequest statusText |
|
1854 |
|
1855 ------------------------------------------------------------------- |
|
1856 Wed Jul 28 08:33:14 CEST 2010 - meissner@suse.de |
|
1857 |
|
1858 - disable crash reporter for non x86/x86_64 to make it build. |
|
1859 |
|
1860 ------------------------------------------------------------------- |
|
1861 Sat Jul 24 12:42:58 CEST 2010 - wr@rosenauer.org |
|
1862 |
|
1863 - security update to 3.6.8 (bnc#622506) |
|
1864 * MFSA 2010-48/CVE-2010-2755 (bmo#575836) |
|
1865 Dangling pointer crash regression from plugin parameter array |
|
1866 fix |
|
1867 |
|
1868 ------------------------------------------------------------------- |
|
1869 Fri Jul 16 06:48:44 CEST 2010 - wr@rosenauer.org |
|
1870 |
|
1871 - security update to 3.6.7 (bnc#622506) |
|
1872 * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212 |
|
1873 Miscellaneous memory safety hazards |
|
1874 * MFSA 2010-35/CVE-2010-1208 (bmo#572986) |
|
1875 DOM attribute cloning remote code execution vulnerability |
|
1876 * MFSA 2010-36/CVE-2010-1209 (bmo#552110) |
|
1877 Use-after-free error in NodeIterator |
|
1878 * MFSA 2010-37/CVE-2010-1214 (bmo#572985) |
|
1879 Plugin parameter EnsureCachedAttrParamArrays remote code |
|
1880 execution vulnerability |
|
1881 * MFSA 2010-38/CVE-2010-1215 (bmo#567069) |
|
1882 Arbitrary code execution using SJOW and fast native function |
|
1883 * MFSA 2010-39/CVE-2010-2752 (bmo#574059) |
|
1884 nsCSSValue::Array index integer overflow |
|
1885 * MFSA 2010-40/CVE-2010-2753 (bmo#571106) |
|
1886 nsTreeSelection dangling pointer remote code execution |
|
1887 vulnerability |
|
1888 * MFSA 2010-41/CVE-2010-1205 (bmo#570451) |
|
1889 Remote code execution using malformed PNG image |
|
1890 * MFSA 2010-42/CVE-2010-1213 (bmo#568148) |
|
1891 Cross-origin data disclosure via Web Workers and importScripts |
|
1892 * MFSA 2010-43/CVE-2010-1207 (bmo#571287) |
|
1893 Same-origin bypass using canvas context |
|
1894 * MFSA 2010-44/CVE-2010-1210 (bmo#564679) |
|
1895 Characters mapped to U+FFFD in 8 bit encodings cause subsequent |
|
1896 character to vanish |
|
1897 * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957) |
|
1898 Multiple location bar spoofing vulnerabilities |
|
1899 * MFSA 2010-46/CVE-2010-0654 (bmo#524223) |
|
1900 Cross-domain data theft using CSS |
|
1901 * MFSA 2010-47/CVE-2010-2754 (bmo#568564) |
|
1902 Cross-origin data leakage from script filename in error messages |
|
1903 |
|
1904 ------------------------------------------------------------------- |
|
1905 Sun Jun 27 20:24:31 CEST 2010 - wr@rosenauer.org |
|
1906 |
|
1907 - update to 3.6.6 release |
|
1908 * modifies the crash protection feature to increase the amount |
|
1909 of time that plugins are allowed to be non-responsive before |
|
1910 being terminated. |
|
1911 |
|
1912 ------------------------------------------------------------------- |
|
1913 Wed Jun 23 14:40:35 CEST 2010 - wr@rosenauer.org |
|
1914 |
|
1915 - update to final 3.6.4 release (bnc#603356) |
|
1916 * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/ |
|
1917 CVE-2010-1203 |
|
1918 Crashes with evidence of memory corruption (rv:1.9.2.4) |
|
1919 * MFSA 2010-28/CVE-2010-1198 (bmo#532246) |
|
1920 Freed object reuse across plugin instances |
|
1921 * MFSA 2010-29/CVE-2010-1196 (bmo#534666) |
|
1922 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal |
|
1923 * MFSA 2010-30/CVE-2010-1199 (bmo#554255) |
|
1924 Integer Overflow in XSLT Node Sorting |
|
1925 * MFSA 2010-31/CVE-2010-1125 (bmo#552255) |
|
1926 focus() behavior can be used to inject or steal keystrokes |
|
1927 * MFSA 2010-32/CVE-2010-1197 (bmo#537120) |
|
1928 Content-Disposition: attachment ignored if |
|
1929 Content-Type: multipart also present |
|
1930 * MFSA 2010-33/CVE-2008-5913 (bmo#475585) |
|
1931 User tracking across sites using Math.random() |
|
1932 |
|
1933 ------------------------------------------------------------------- |
|
1934 Mon Jun 7 07:07:33 CEST 2010 - wr@rosenauer.org |
|
1935 |
|
1936 - update to 3.6.4(build6) |
|
1937 |
|
1938 ------------------------------------------------------------------- |
|
1939 Sun Apr 18 09:42:40 CEST 2010 - wr@rosenauer.org |
|
1940 |
|
1941 - security update to 3.6.4 (Lorentz) |
|
1942 * enable crashreporter also for x86-64 |
|
1943 * Flash runs in a separate process to avoid crashing Firefox |
|
1944 (ix86 only; x86-64 still uses nspluginwrapper) |
|
1945 |
|
1946 ------------------------------------------------------------------- |
|
1947 Thu Apr 1 11:15:38 UTC 2010 - wr@rosenauer.org |
|
1948 |
|
1949 - security update to 3.6.3 |
|
1950 * MFSA 2010-25/CVE-2010-1121 (bmo#555109) |
|
1951 Re-use of freed object due to scope confusion |
|
1952 |
|
1953 ------------------------------------------------------------------- |
|
1954 Thu Mar 18 06:43:33 CET 2010 - wr@rosenauer.org |
|
1955 |
|
1956 - security update to version 3.6.2 (bnc#586567) |
|
1957 * MFSA 2010-08/CVE-2010-1028 |
|
1958 WOFF heap corruption due to integer overflow |
|
1959 * MFSA 2010-09/CVE-2010-0164 (bmo#547143) |
|
1960 Deleted frame reuse in multipart/x-mixed-replace image |
|
1961 * MFSA 2010-10/CVE-2010-0170 (bmo#541530) |
|
1962 XSS via plugins and unprotected Location object |
|
1963 * MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167 |
|
1964 Crashes with evidence of memory corruption |
|
1965 * MFSA 2010-12/CVE-2010-0171 (bmo#531364) |
|
1966 XSS using addEventListener and setTimeout on a wrapped object |
|
1967 * MFSA 2010-13/CVE-2010-0168 (bmo#540642) |
|
1968 Content policy bypass with image preloading |
|
1969 * MFSA 2010-14/CVE-2010-0169 (bmo#535806) |
|
1970 Browser chrome defacement via cached XUL stylesheets |
|
1971 * MFSA 2010-15/CVE-2010-0172 (bmo#537862) |
|
1972 Asynchronous Auth Prompt attaches to wrong window |
|
1973 * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174 |
|
1974 Crashes with evidence of memory corruption |
|
1975 * MFSA 2010-18/CVE-2010-0176 (bmo#538308) |
|
1976 Dangling pointer vulnerability in nsTreeContentView |
|
1977 * MFSA 2010-19/CVE-2010-0177 (bmo#538310) |
|
1978 Dangling pointer vulnerability in nsPluginArray |
|
1979 * MFSA 2010-20/CVE-2010-0178 (bmo#546909) |
|
1980 Chrome privilege escalation via forced URL drag and drop |
|
1981 * MFSA 2010-22/CVE-2009-3555 (bmo#545755) |
|
1982 Update NSS to support TLS renegotiation indication |
|
1983 * MFSA 2010-23/CVE-2010-0181 (bmo#452093) |
|
1984 Image src redirect to mailto: URL opens email editor |
|
1985 * MFSA 2010-24/CVE-2010-0182 (bmo#490790) |
|
1986 XMLDocument::load() doesn't check nsIContentPolicy |
|
1987 |
|
1988 ------------------------------------------------------------------- |
|
1989 Mon Jan 18 09:42:50 CET 2010 - wr@rosenauer.org |
|
1990 |
|
1991 - update to 3.6rc2 (already named 3.6.0) |
|
1992 - removed obsolete orbit-devel build requirement |
|
1993 |
|
1994 ------------------------------------------------------------------- |
|
1995 Wed Jan 6 17:15:40 CET 2010 - wr@rosenauer.org |
|
1996 |
|
1997 - major update to 3.6rc1 |
|
1998 |
|
1999 ------------------------------------------------------------------- |
|
2000 Fri Dec 25 09:39:42 CET 2009 - wr@rosenauer.org |
|
2001 |
|
2002 - update to version 3.5.7 (bnc#568011) |
|
2003 * DNS resolution in MakeSN of nsAuthSSPI causing issues for |
|
2004 proxy servers that support NTLM auth (bmo#535193) |
|
2005 - added missing lockdown preferences (bnc#567131) |
|
2006 |
|
2007 ------------------------------------------------------------------- |
|
2008 Thu Dec 17 20:06:38 CET 2009 - wr@rosenauer.org |
|
2009 |
|
2010 - readded firefox-ui-lockdown.patch (bnc#546158) |
|
2011 |
|
2012 ------------------------------------------------------------------- |
|
2013 Thu Dec 3 21:53:59 CET 2009 - wr@rosenauer.org |
|
2014 |
|
2015 - security update to version 3.5.6 (bnc#559807) |
|
2016 * MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982 |
|
2017 Crashes with evidence of memory corruption (rv:1.9.1.6) |
|
2018 * MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816) |
|
2019 Memory safety fixes in liboggplay media library |
|
2020 * MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613) |
|
2021 Integer overflow, crash in libtheora video library |
|
2022 * MFSA 2009-68/CVE-2009-3983 (bmo#487872) |
|
2023 NTLM reflection vulnerability |
|
2024 * MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) |
|
2025 Location bar spoofing vulnerabilities |
|
2026 * MFSA 2009-70/VE-2009-3986 (bmo#522430) |
|
2027 Privilege escalation via chrome window.opener |
|
2028 - fixed firefox-browser-css.patch (bnc#561027) |
|
2029 |
|
2030 ------------------------------------------------------------------- |
|
2031 Mon Nov 23 22:31:21 CET 2009 - wr@rosenauer.org |
|
2032 |
|
2033 - rebased patches for fuzz=0 |
|
2034 |
|
2035 ------------------------------------------------------------------- |
|
2036 Thu Nov 5 19:49:33 UTC 2009 - wr@rosenauer.org |
|
2037 |
|
2038 - update to version 3.5.5 (bnc#553172) |
|
2039 |
|
2040 ------------------------------------------------------------------- |
|
2041 Sat Oct 17 23:19:23 CEST 2009 - wr@rosenauer.org |
|
2042 |
|
2043 - security update to version 3.5.4 (bnc#545277) |
|
2044 * MFSA 2009-52/CVE-2009-3370 (bmo#511615) |
|
2045 Form history vulnerable to stealing |
|
2046 * MFSA 2009-53/CVE-2009-3274 (bmo#514823) |
|
2047 Local downloaded file tampering |
|
2048 * MFSA 2009-54/CVE-2009-3371 (bmo#514554) |
|
2049 Crash with recursive web-worker calls |
|
2050 * MFSA 2009-55/CVE-2009-3372 (bmo#500644) |
|
2051 Crash in proxy auto-configuration regexp parsing |
|
2052 * MFSA 2009-56/CVE-2009-3373 (bmo#511689) |
|
2053 Heap buffer overflow in GIF color map parser |
|
2054 * MFSA 2009-57/CVE-2009-3374 (bmo#505988) |
|
2055 Chrome privilege escalation in XPCVariant::VariantDataToJS() |
|
2056 * MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862) |
|
2057 Heap buffer overflow in string to number conversion |
|
2058 * MFSA 2009-61/CVE-2009-3375 (bmo#503226) |
|
2059 Cross-origin data theft through document.getSelection() |
|
2060 * MFSA 2009-62/CVE-2009-3376 (bmo#511521) |
|
2061 Download filename spoofing with RTL override |
|
2062 * MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378 |
|
2063 Upgrade media libraries to fix memory safety bugs |
|
2064 * MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383 |
|
2065 Crashes with evidence of memory corruption |
|
2066 - removed upstreamed patch |
|
2067 * firefox-bug506901.patch |
|
2068 |
|
2069 ------------------------------------------------------------------- |
|
2070 Wed Oct 7 20:11:24 CEST 2009 - llunak@novell.com |
|
2071 |
|
2072 - fix KDE button order in one more place (bnc#170055) |
|
2073 |
|
2074 ------------------------------------------------------------------- |
|
2075 Fri Oct 2 20:26:49 CEST 2009 - wr@rosenauer.org |
|
2076 |
|
2077 - improve UI colors to be usable with dark themes at all |
|
2078 (firefox-browser-css.patch) (bnc#503351) |
|
2079 - extend list of supported architectures as ABI identifier |
|
2080 (mozilla-abi.patch) (bnc#543460) |
|
2081 |
|
2082 ------------------------------------------------------------------- |
|
2083 Mon Sep 14 00:07:55 CEST 2009 - wr@rosenauer.org |
|
2084 |
|
2085 - added KDE integration patch from llunak@novell.com |
|
2086 (firefox-kde.patch) |
|
2087 * support for knotify, making -kde4-addon obsolete |
|
2088 * KDE-specific support functional (bnc#170055) |
|
2089 - do not build libnkgnomevfs (bmo#512671) (firefox-no-gnomevfs) |
|
2090 |
|
2091 ------------------------------------------------------------------- |
|
2092 Thu Sep 10 09:34:26 CEST 2009 - wr@rosenauer.org |
|
2093 |
|
2094 - security update to version 3.5.3 (bnc#534458) |
|
2095 * MFSA 2009-47/CVE-2009-3069/CVE-2009-3070/CVE-2009-3071/ |
|
2096 CVE-2009-3072/CVE-2009-3073/CVE-2009-3074/CVE-2009-3075 |
|
2097 Crashes with evidence of memory corruption |
|
2098 * MFSA 2009-49/CVE-2009-3077 (bmo#506871) |
|
2099 TreeColumns dangling pointer vulnerability |
|
2100 * MFSA 2009-50/CVE-2009-3078 (bmo#453827) |
|
2101 Location bar spoofing via tall line-height Unicode characters |
|
2102 * MFSA 2009-51/CVE-2009-3079 (bmo#454363) |
|
2103 Chrome privilege escalation with FeedWriter |
|
2104 |
|
2105 ------------------------------------------------------------------- |
|
2106 Wed Aug 19 22:14:07 CEST 2009 - wr@rosenauer.org |
|
2107 |
|
2108 - renamed patch firefox-contextmenu-gnome to firefox-cross-desktop |
|
2109 as it contains more tweaks to handle non-Gnome environments and |
|
2110 especially KDE integration: |
|
2111 * added the ability to set the KDE default browser |
|
2112 (still part of bnc#170055) |
|
2113 |
|
2114 ------------------------------------------------------------------- |
|
2115 Sat Aug 8 00:14:18 CEST 2009 - wr@rosenauer.org |
|
2116 |
|
2117 - split -translations package into -common and -other |
|
2118 (bnc#529180) |
|
2119 - remove "set as background" from context menu if not running in |
|
2120 Gnome (part of bnc#170055) |
|
2121 |
|
2122 ------------------------------------------------------------------- |
|
2123 Fri Jul 31 09:01:57 CEST 2009 - wr@rosenauer.org |
|
2124 |
|
2125 - security update to version 3.5.2 |
|
2126 * MFSA 2009-38/CVE-2009-2470 (bmo#459524) |
|
2127 Data corruption with SOCKS5 reply containing DNS name longer |
|
2128 than 15 characters |
|
2129 * MFSA 2009-44/CVE-2009-2654 (bmo#451898) |
|
2130 Location bar and SSL indicator spoofing via window.open() on |
|
2131 invalid URL |
|
2132 * MFSA 2009-45 |
|
2133 Crashes with evidence of memory corruption |
|
2134 * MFSA 2009-46 (bmo#498897) |
|
2135 Chrome privilege escalation due to incorrectly cached wrapper |
|
2136 * various other stability fixes |
|
2137 - export MOZ_APP_LAUNCHER in the startscript (bmo#453689) |
|
2138 |
|
2139 ------------------------------------------------------------------- |
|
2140 Tue Jul 28 14:54:46 CEST 2009 - wr@rosenauer.org |
|
2141 |
|
2142 - fixed %exclude usage |
|
2143 - fixed preferences' advanced pane for fresh profiles (bmo#506901) |
|
2144 |
|
2145 ------------------------------------------------------------------- |
|
2146 Wed Jul 15 20:13:19 CEST 2009 - wr@rosenauer.org |
|
2147 |
|
2148 - security update to version 3.5.1 |
|
2149 * MFSA 2009-41 |
|
2150 Corrupt JIT state after deep return from native function |
|
2151 |
|
2152 ------------------------------------------------------------------- |
|
2153 Mon Jul 6 12:33:47 CEST 2009 - wr@rosenauer.org |
|
2154 |
|
2155 - added mozilla-linkorder.patch to fix build with --as-needed |
|
2156 |
|
2157 ------------------------------------------------------------------- |
|
2158 Tue Jun 30 08:52:00 CEST 2009 - wr@rosenauer.org |
|
2159 |
|
2160 - update to final version 3.5 (20090623) |
|
2161 |
|
2162 ------------------------------------------------------------------- |
|
2163 Tue Jun 23 09:39:50 CEST 2009 - wr@rosenauer.org |
|
2164 |
|
2165 - fixed build by linking to a real file |
|
2166 |
|
2167 ------------------------------------------------------------------- |
|
2168 Thu Jun 18 10:19:40 CEST 2009 - wr@rosenauer.org |
|
2169 |
|
2170 - update to version 3.5rc2 (20090617) |
|
2171 - BuildRequire mozilla-xulrunner191 = 1.9.1.0 |
|
2172 |
|
2173 ------------------------------------------------------------------- |
|
2174 Sat Jun 6 15:59:02 CEST 2009 - wr@rosenauer.org |
|
2175 |
|
2176 - update to version 3.5b99 (20090604) |
|
2177 - BuildRequire mozilla-xulrunner191 = 1.9.1b99 |
|
2178 |
|
2179 ------------------------------------------------------------------- |
|
2180 Wed May 27 08:03:16 CEST 2009 - wr@rosenauer.org |
|
2181 |
|
2182 - fixed typos in improved xulrunner dependencies |
|
2183 |
|
2184 ------------------------------------------------------------------- |
|
2185 Mon May 11 18:25:12 CEST 2009 - wr@rosenauer.org |
|
2186 |
|
2187 - use non-localized Downloads folder (bnc#501724) |
|
2188 |
|
2189 ------------------------------------------------------------------- |
|
2190 Mon May 4 07:57:50 CEST 2009 - wr@rosenauer.org |
|
2191 |
|
2192 - update to new major version 3.5b4 |
|
2193 * based on Gecko 1.9.1 (mozilla-xulrunner191) |
|
2194 * Private Browsing Mode |
|
2195 * TraceMonkey JavaScript engine |
|
2196 * Geolocation support |
|
2197 * native JSON and web worker threads support |
|
2198 * speculative parsing for faster content rendering |
|
2199 * Some HTML5 support |
|
2200 - updated firefox.schemas |
|
2201 - improved firefox-no-update.patch |
|
2202 |
|
2203 ------------------------------------------------------------------- |
|
2204 Tue Apr 28 10:47:54 CEST 2009 - wr@rosenauer.org |
|
2205 |
|
2206 - security update to 3.0.10 |
|
2207 * MFSA 2009-23/CVE-2009-1313 (bmo#489647) |
|
2208 Crash in nsTextFrame::ClearTextRun() |
|
2209 |
|
2210 ------------------------------------------------------------------- |
|
2211 Thu Apr 16 13:52:21 CEST 2009 - wr@rosenauer.org |
|
2212 |
|
2213 - security update to 3.0.9 (bnc#495473) |
|
2214 * MFSA 2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304/CVE-2009-1305 |
|
2215 Crashes with evidence of memory corruption (rv:1.9.0.9) |
|
2216 * MFSA 2009-15/CVE-2009-0652 (bmo#479336) |
|
2217 URL spoofing with box drawing character |
|
2218 * MFSA 2009-16/CVE-2009-1306 (bmo#474536) |
|
2219 jar: scheme ignores the content-disposition: header on the |
|
2220 inner URI |
|
2221 * MFSA 2009-17/CVE-2009-1307 (bmo#481342) |
|
2222 Same-origin violations when Adobe Flash loaded via |
|
2223 view-source: scheme |
|
2224 * MFSA 2009-18/CVE-2009-1308 (bmo#481558) |
|
2225 XSS hazard using third-party stylesheets and XBL bindings |
|
2226 * MFSA 2009-19/CVE-2009-1309 (bmo#482206,478433) |
|
2227 Same-origin violations in XMLHttpRequest and |
|
2228 XPCNativeWrapper.toString |
|
2229 * MFSA 2009-20/CVE-2009-1310 (bmo#483086) |
|
2230 Malicious search plugins can inject code into arbitrary sites |
|
2231 * MFSA 2009-21/CVE-2009-1311 (bmo#471962) |
|
2232 POST data sent to wrong site when saving web page with |
|
2233 embedded frame |
|
2234 * MFSA 2009-22/CVE-2009-1312 (bmo#475636) |
|
2235 Firefox allows Refresh header to redirect to javascript: URIs |
|
2236 |
|
2237 ------------------------------------------------------------------- |
|
2238 Fri Mar 27 09:43:43 CET 2009 - wr@rosenauer.org |
|
2239 |
|
2240 - security update to 1.9.0.8 (bnc#488955,489411) |
|
2241 * MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) |
|
2242 Crash and remote code execution in XSL transformation |
|
2243 * MFSA 2009-13/CVE-2009-1044 (bmo#484320) |
|
2244 Arbitrary code execution via XUL tree moveToEdgeShift |
|
2245 - allow RPM provides for stuff besides shared libraries |
|
2246 (e.g. mime-types) |
|
2247 |
|
2248 ------------------------------------------------------------------- |
|
2249 Sun Mar 1 11:08:58 CET 2009 - wr@rosenauer.org |
|
2250 |
|
2251 - security update to 3.0.7 (bnc#478625) |
|
2252 * MFSA 2009-07 - Crashes with evidence of memory corruption |
|
2253 CVE-2009-0771 - Layout Engine Crashes |
|
2254 CVE-2009-0772 - Layout Engine Crashes |
|
2255 CVE-2009-0773 - crashes in the JavaScript engine |
|
2256 CVE-2009-0774 - Layout Engine Crashes |
|
2257 * MFSA 2009-08/CVE-2009-0775 - (bmo#474456) |
|
2258 Mozilla Firefox XUL Linked Clones Double Free Vulnerability |
|
2259 * MFSA 2009-09/CVE-2009-0776 (bmo#414540) |
|
2260 XML data theft via RDFXMLDataSource and cross-domain redirect |
|
2261 * MFSA 2009-10/CVE-2009-0040 (bmo#478901) |
|
2262 Upgrade PNG library to fix memory safety hazards |
|
2263 * MFSA 2009-11/CVE-2009-0777 (bmo#452979) |
|
2264 URL spoofing with invisible control characters |
|
2265 |
|
2266 ------------------------------------------------------------------- |
|
2267 Wed Feb 4 18:58:59 EST 2009 - hfiguiere@suse.de |
|
2268 |
|
2269 - Review and approve changes. |
|
2270 |
|
2271 ------------------------------------------------------------------- |
|
2272 Wed Jan 28 13:48:00 CET 2009 - wr@rosenauer.org |
|
2273 |
|
2274 - security update to 3.0.6 (bnc#470074) |
|
2275 * MFSA 2009-06/CVE-2009-0358: Directives to not cache pages ignored |
|
2276 (bmo#441751) |
|
2277 * MFSA 2009-05/CVE-2009-0357: XMLHttpRequest allows reading |
|
2278 HTTPOnly cookies (bmo#380418) |
|
2279 * MFSA 2009-04/CVE-2009-0356: Chrome privilege escalation via |
|
2280 local .desktop files (bmo#460425) |
|
2281 * MFSA 2009-03/CVE-2009-0355: Local file stealing with SessionStore |
|
2282 (bmo#466937) |
|
2283 * MFSA 2009-02/CVE-2009-0354: XSS using a chrome XBL method |
|
2284 and window.eval (bmo#468581) |
|
2285 * MFSA 2009-01/CVE-2009-0352 - CVE-2009-0353: Crashes with |
|
2286 evidence of memory corruption (rv:1.9.0.6) (bmo#452913, |
|
2287 bmo#449006, bmo#331088, bmo#401042, bmo#416461, bmo#422283, |
|
2288 bmo#422301, bmo#431705, bmo#437142, bmo#421839, bmo#420697, |
|
2289 bmo#461027) |
|
2290 * (non security) added lv locale |
|
2291 |
|
2292 ------------------------------------------------------------------- |
|
2293 Thu Jan 22 11:09:42 EST 2009 - hfiguiere@suse.de |
|
2294 |
|
2295 - Fix the wrapper script for PowerPC 64-bits (bnc#464753) |
|
2296 |
|
2297 ------------------------------------------------------------------- |
|
2298 Wed Dec 17 13:13:25 EST 2008 - hfiguiere@suse.de |
|
2299 |
|
2300 - Review and approve changes. |
|
2301 |
|
2302 ------------------------------------------------------------------- |
|
2303 Mon Dec 15 16:41:57 CET 2008 - wr@rosenauer.org |
|
2304 |
|
2305 - security update to 1.9.0.5 (bnc#455804) |
|
2306 for details |
|
2307 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html |
|
2308 * removed aboutRights workaround again |
|
2309 * added et locale |
|
2310 |
|
2311 ------------------------------------------------------------------- |
|
2312 Tue Nov 25 10:14:45 EST 2008 - hfiguiere@suse.de |
|
2313 |
|
2314 - Review and approve changes. |
|
2315 |
|
2316 ------------------------------------------------------------------- |
|
2317 Sat Nov 22 13:26:03 CET 2008 - wr@rosenauer.org |
|
2318 |
|
2319 - replace license agreement with about:rights toolbar |
|
2320 (backported from upcoming FF 3.0.5) (bnc#436054, bmo#456439) |
|
2321 (it's always displayed in en-US) |
|
2322 |
|
2323 ------------------------------------------------------------------- |
|
2324 Fri Nov 21 03:11:41 EST 2008 - hfiguiere@suse.de |
|
2325 |
|
2326 - Update firefox-lockdown-ui.patch |
|
2327 * Print Setup is now properly locked down. bnc#431028 |
|
2328 * Bookmark editing it now properly locked down. bnc#439335 |
|
2329 * Bookmars are properly hidden. |
|
2330 * History is properly locked down. bnc#439343 |
|
2331 * Make sure the search bar is not put back when resetting the |
|
2332 toolbar. bnc#439358 |
|
2333 |
|
2334 ------------------------------------------------------------------- |
|
2335 Thu Nov 20 18:49:19 CST 2008 - maw@suse.de |
|
2336 |
|
2337 - Review and approve changes. |
|
2338 |
|
2339 ------------------------------------------------------------------- |
|
2340 Thu Nov 13 08:22:13 CET 2008 - wr@rosenauer.org |
|
2341 |
|
2342 - lockdown cleanup |
|
2343 * removed gecko-lockdown.patch from Firefox (it's in xulrunner) |
|
2344 * stripped out some toolkit stuff from firefox-ui-lockdown |
|
2345 * added extra default preferences for lockdown |
|
2346 |
|
2347 ------------------------------------------------------------------- |
|
2348 Wed Nov 12 17:55:19 CST 2008 - maw@suse.de |
|
2349 |
|
2350 - Review and approve changes. |
|
2351 |
|
2352 ------------------------------------------------------------------- |
|
2353 Tue Nov 11 09:15:59 CET 2008 - wr@rosenauer.org |
|
2354 |
|
2355 - update to security/maintenance release 3.0.4 (bnc#439841) |
|
2356 * support additional locales (bg, cy, eo, oc) |
|
2357 - removed obsolete configure option (enable-gconf) |
|
2358 |
|
2359 ------------------------------------------------------------------- |
|
2360 Fri Nov 7 15:39:54 CST 2008 - maw@suse.de |
|
2361 |
|
2362 - Review and approve changes. |
|
2363 |
|
2364 ------------------------------------------------------------------- |
|
2365 Tue Nov 4 23:27:03 CET 2008 - wr@rosenauer.org |
|
2366 |
|
2367 - moved gconf schema into branding packages (bnc#441646) |
|
2368 |
|
2369 ------------------------------------------------------------------- |
|
2370 Tue Oct 28 16:16:14 EDT 2008 - hfiguiere@suse.de |
|
2371 |
|
2372 - Fix missing %endif (for fix for bnc#434283) |
|
2373 |
|
2374 ------------------------------------------------------------------- |
|
2375 Mon Oct 27 17:05:02 EDT 2008 - hfiguiere@suse.de |
|
2376 |
|
2377 - Add disable_show_passwords to firefox.schemas. (FATE #301534) |
|
2378 |
|
2379 ------------------------------------------------------------------- |
|
2380 Mon Oct 27 11:57:29 CET 2008 - wr@rosenauer.org |
|
2381 |
|
2382 - make biarch dependencies work correctly (bnc#434283) |
|
2383 |
|
2384 ------------------------------------------------------------------- |
|
2385 Thu Oct 23 10:14:22 EDT 2008 - hfiguiere@suse.de |
|
2386 |
|
2387 - Added firefox-ui-lockdown.patch and gecko-lockdown.patch |
|
2388 * Lockdown: FATE#302023, FATE#302024 |
|
2389 |
|
2390 ------------------------------------------------------------------- |
|
2391 Mon Oct 6 14:55:48 CEST 2008 - sbrabec@suse.cz |
|
2392 |
|
2393 - Conflict with other branding providers (FATE#304881). |
|
2394 |
|
2395 ------------------------------------------------------------------- |
|
2396 Mon Sep 29 12:27:43 CDT 2008 - maw@suse.de |
|
2397 |
|
2398 - Review and approve changes. |
|
2399 |
|
2400 ------------------------------------------------------------------- |
|
2401 Mon Sep 29 11:36:30 CDT 2008 - maw@suse.de |
|
2402 |
|
2403 - Remove a reference to a stale patch. |
|
2404 |
|
2405 ------------------------------------------------------------------- |
|
2406 Sun Sep 28 18:19:26 CEST 2008 - wr@rosenauer.org |
|
2407 |
|
2408 - update to regression fix release 3.0.3 |
|
2409 * Fixed a problem where users were unable to retrieve saved |
|
2410 passwords or save new passwords (bmo#454708, bnc#429179#c20, |
|
2411 CVE-2008-4063, CVE-2008-4064, CVE-2008-3836, andCVE-2008-4070) |
|
2412 |
|
2413 ------------------------------------------------------------------- |
|
2414 Thu Sep 25 14:47:13 CDT 2008 - maw@suse.de |
|
2415 |
|
2416 - Review and approve changes. |
|
2417 |
|
2418 ------------------------------------------------------------------- |
|
2419 Mon Sep 15 13:45:16 CEST 2008 - wr@rosenauer.org |
|
2420 |
|
2421 - update to security/maintenance release 3.0.2 (bnc#429179) |
|
2422 - removed unused files from sources |
|
2423 - fix more rpmlint complaints and provide a config file to filter |
|
2424 false positives |
|
2425 - disable Gnome crashreporter as it has no value |
|
2426 - brought man-page up to date for the firefox stub |
|
2427 (removing firefox-bin reference) |
|
2428 - en-US locale not longer packaged in translations subpackage |
|
2429 |
|
2430 ------------------------------------------------------------------- |
|
2431 Fri Aug 15 18:56:26 CDT 2008 - maw@novell.com |
|
2432 |
|
2433 - Review and approve changes. |
|
2434 |
|
2435 ------------------------------------------------------------------- |
|
2436 Mon Aug 4 09:26:05 CEST 2008 - wr@rosenauer.org |
|
2437 |
|
2438 - Tweak branding split |
|
2439 |
|
2440 ------------------------------------------------------------------- |
|
2441 Tue Jul 29 15:02:47 CEST 2008 - vuntz@novell.com |
|
2442 |
|
2443 - Create branding package (bnc#390752): |
|
2444 + search-addons.tar.bz2, bookmarks.html.suse and |
|
2445 firefox-suse-default-prefs.js will be moved to |
|
2446 MozillaFirefox-branding-openSUSE |
|
2447 + create a MozillaFirefox-branding-upstream package |
|
2448 |
|
2449 ------------------------------------------------------------------- |
|
2450 Mon Jul 28 20:54:22 CEST 2008 - mauro@suse.de |
|
2451 |
|
2452 - Update to stability/security release 3.0.1 (bnc#407573) |
|
2453 (thanks, Wolfgang) |
|
2454 + MFSA 2008-36 Crash with malformed GIF file on Mac OS X |
|
2455 + MFSA 2008-35 Command-line URLs launch multiple tabs when |
|
2456 Firefox not running |
|
2457 + MFSA 2008-34 Remote code execution by overflowing CSS reference counter |
|
2458 - Set browser.shell.checkDefaultBrowser to true (bnc#404119) |
|
2459 |
|
2460 ------------------------------------------------------------------- |
|
2461 Tue Jun 17 18:49:33 CEST 2008 - maw@suse.de |
|
2462 |
|
2463 - Merge changes from the build service (thanks, Wolfgang) |
|
2464 (bnc#400001 and SWAMP#18164). |
|
2465 |
|
2466 ------------------------------------------------------------------- |
|
2467 Tue Jun 17 14:40:04 CEST 2008 - wr@rosenauer.org |
|
2468 |
|
2469 - update to version 3.0 |
|
2470 - fixed double entry in bookmarks for www.opensuse.org (bnc#396980 |
|
2471 |
|
2472 ------------------------------------------------------------------- |
|
2473 Thu May 15 13:45:51 CEST 2008 - aj@suse.de |
|
2474 |
|
2475 - Add Planet SUSE, forums.o.o and How to participate to default |
|
2476 URLs. |
|
2477 |
|
2478 ------------------------------------------------------------------- |
|
2479 Fri May 2 16:25:24 CEST 2008 - maw@suse.de |
|
2480 |
|
2481 - network.protocol-handler.app.* prefs are no longer supported; |
|
2482 remove references to them from firefox-suse-default-prefs.js |
|
2483 (bnc#383697). |
|
2484 |
|
2485 ------------------------------------------------------------------- |
|
2486 Thu Apr 3 01:42:34 CEST 2008 - maw@suse.de |
|
2487 |
|
2488 - Update to Firefox 3.0b5 (2.9.95) (thanks, Wolfgang). |
|
2489 |
|
2490 ------------------------------------------------------------------- |
|
2491 Wed Mar 26 01:05:18 CET 2008 - maw@suse.de |
|
2492 |
|
2493 - Merge changes from the build service (thanks, Wolfgang) |
|
2494 - Update to the fourth Firefox 3.0 Beta (2.9.94): |
|
2495 + Based upon the Gecko 1.9 Web rendering platform, which improves |
|
2496 performance, stability, and rendering correctness; it also |
|
2497 boasts a considerable simplification in its code |
|
2498 + Security improvements: |
|
2499 * One-click site info |
|
2500 * Malware Protection |
|
2501 * New Web Forgery Protection page |
|
2502 * New SSL error pages |
|
2503 * Add-ons and Plugin version check |
|
2504 * Secure add-on updates |
|
2505 * Effective top-level domain (eTLD) service to better restrict |
|
2506 cookies and other restricted content to a single domain |
|
2507 * Better protection against cross-site JSON data leaks |
|
2508 + Usability improvements: |
|
2509 * Easier password management |
|
2510 * Simplified add-on installation |
|
2511 * New Download Manager |
|
2512 * Resumable downloading |
|
2513 * Full page zoom |
|
2514 * Podcasts and Videocasts can be associated with your media |
|
2515 playback tools |
|
2516 * Tab scrolling and quickmenu |
|
2517 * Save what you were doing: Firefox will prompt users to save |
|
2518 tabs on exit |
|
2519 * Optimized Open in Tabs behavior |
|
2520 * Location and Search bar size can now be customized with a |
|
2521 simple resizer item |
|
2522 * Text selection improvements |
|
2523 * Find toolbar |
|
2524 * Improved integration with Linux: Firefox's default icons, |
|
2525 buttons, and menu styles now use the native GTK theme |
|
2526 + Personalization improvements: |
|
2527 * Star button: quickly add bookmarks from the location bar |
|
2528 with a single click; a second click lets you file and tag them |
|
2529 * Tags: associate keywords with your bookmarks to sort them |
|
2530 by topic |
|
2531 * Location bar & auto-complete |
|
2532 * Smart Bookmarks Folder |
|
2533 * Places Organizer: view, organize and search through all |
|
2534 of your bookmarks, tags, and browsing history with multiple |
|
2535 views and smart folders to store your frequent searches |
|
2536 * Web-based protocol handlers |
|
2537 * Download & Install Add-ons |
|
2538 * Easy to use Download Actions |
|
2539 + Improved platform for web developers: |
|
2540 * New graphics and font handling: new graphics and text |
|
2541 rendering architectures in Gecko 1.9 provides rendering |
|
2542 improvements in CSS, SVG as well as improved display of |
|
2543 fonts with ligatures and complex scripts |
|
2544 * Color management: (set gfx.color_management.enabled on |
|
2545 in about:config and restart the browser to enable.); |
|
2546 Firefox can now adjust images with embedded color profiles |
|
2547 * Offline support: enables web applications to provide |
|
2548 offline functionality (website authors must add support |
|
2549 for offline browsing to their site for this feature |
|
2550 to be available to users) |
|
2551 + Improved performance: |
|
2552 * Speed: improvements to the JavaScript engine as well as |
|
2553 profile guided optimizations have resulted in significant |
|
2554 improvements in performance; compared to Firefox 2, |
|
2555 web applications like Google Mail and Zoho Office run |
|
2556 twice as fast in Firefox 3 Beta 4, and the popular |
|
2557 SunSpider test from Apple shows improvements over |
|
2558 previous releases |
|
2559 * Memory usage: Several new technologies work together to |
|
2560 reduce the amount of memory used by Firefox 3 Beta 4 |
|
2561 over a web browsing session; memory cycles are broken |
|
2562 and collected by an automated cycle collector, a new |
|
2563 memory allocator reduces fragmentation, hundreds of leaks |
|
2564 have been fixed, and caching strategies have been tuned |
|
2565 * Reliability: A user's bookmarks, history, cookies, and |
|
2566 preferences are now stored in a transactionally secure |
|
2567 database format which will prevent data loss even if their |
|
2568 system crashes |
|
2569 - This version depends upon the mozilla-xulrunner190 package |
|
2570 - Drop various stale packages, respin several that have been |
|
2571 kept around, and add a few new ones. |
|
2572 |
|
2573 ------------------------------------------------------------------- |
|
2574 Mon Feb 11 18:18:14 CET 2008 - maw@suse.de |
|
2575 |
|
2576 - Security update to version 2.0.0.12 (bnc#354469): |
|
2577 + MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div |
|
2578 overlay |
|
2579 + MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet |
|
2580 redirect |
|
2581 + MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain |
|
2582 text files |
|
2583 + MFSA 2008-08/CVE-2008-0591 File action dialog tampering |
|
2584 + MFSA 2008-06/CVE-2008-0419 Web browsing history and forward |
|
2585 navigation stealing |
|
2586 + MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome: URI |
|
2587 + MFSA 2008-04/CVE-2008-0417 Stored password corruption |
|
2588 + MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote |
|
2589 Code Execution |
|
2590 + MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing |
|
2591 vulnerabilities |
|
2592 + MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory |
|
2593 corruption (rv:1.8.1.12) |
|
2594 - Reference libaoss.so in start script (bnc#117079) |
|
2595 - Remove mozilla-canvas-1.8.1.10.patch, as it has been upstreamed |
|
2596 - Update firefox-ui-lockdown.patch (FATE#301534, FATE#302023, and |
|
2597 FATE#302024) |
|
2598 - Add application/x-xpinstall mime type to MozillaFirefox.desktop |
|
2599 - Add MozillaFirefox.xml to bind .xpi to application/x-xpinstall |
|
2600 in desktop. |
|
2601 |
|
2602 ------------------------------------------------------------------- |
|
2603 Thu Jan 17 17:52:47 CET 2008 - maw@suse.de |
|
2604 |
|
2605 - Add mozilla-maxpathlen.patch (#354150 and bmo #412610). |
|
2606 |
|
2607 ------------------------------------------------------------------- |
|
2608 Fri Dec 21 18:46:50 CET 2007 - maw@suse.de |
|
2609 |
|
2610 - Add firefox-348446-empty-lists.patch (bnc#348446). |
|
2611 |
|
2612 ------------------------------------------------------------------- |
|
2613 Wed Dec 5 02:21:26 CET 2007 - maw@suse.de |
|
2614 |
|
2615 - Respin proxy-dev.patch (bnc#340678) -- thanks, Anders! |
|
2616 |
|
2617 ------------------------------------------------------------------- |
|
2618 Tue Nov 27 18:25:25 CET 2007 - maw@suse.de |
|
2619 |
|
2620 - Security update to version 2.0.0.10 (#341905, #341591): |
|
2621 + MFSA 2007-39 Referer-spoofing via window.location race condition |
|
2622 + MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10) |
|
2623 + MFSA 2007-37 jar: URI scheme XSS hazard |
|
2624 + Fixes for regressions introduced in 2.0.0.8 |
|
2625 + Updated dbus.patch, startup.patch, misc.dif, and configure.patch |
|
2626 - Add mozilla-gcc4.3-fixes.patch |
|
2627 - Add mozilla-canvas-1.8.1.10.patch (#341591#c10). |
|
2628 |
|
2629 ------------------------------------------------------------------- |
|
2630 Mon Nov 26 18:27:25 CET 2007 - maw@suse.de |
|
2631 |
|
2632 - Build with -ftree-vrp -fwrapv, per advice in #342603#c17. |
|
2633 |
|
2634 ------------------------------------------------------------------- |
|
2635 Tue Nov 13 17:49:01 CET 2007 - maw@suse.de |
|
2636 |
|
2637 - Add firefox-gcc4.3-fixes.patch. |
|
2638 |
|
2639 ------------------------------------------------------------------- |
|
2640 Fri Oct 19 02:04:45 CEST 2007 - maw@suse.de |
|
2641 |
|
2642 - Security update to version 2.0.0.8 (#332512) (thanks, Wolfgang) |
|
2643 * MFSA 2007-29 Crashes with evidence of memory corruption |
|
2644 * MFSA 2007-30 onUnload Tailgating |
|
2645 * MFSA 2007-31 Digest authentication request splitting |
|
2646 * MFSA 2007-32 File input focus stealing vulnerability |
|
2647 * MFSA 2007-33 XUL pages can hide the window titlebar |
|
2648 * MFSA 2007-34 Possible file stealing through sftp protocol |
|
2649 * MFSA 2007-35 XPCNativeWraper pollution using Script object |
|
2650 complete advisories on |
|
2651 http://www.mozilla.org/projects/security/known-vulnerabilities.html |
|
2652 |
|
2653 ------------------------------------------------------------------- |
|
2654 Sun Sep 23 19:49:12 CEST 2007 - maw@suse.de |
|
2655 |
|
2656 - Don't explicitly require libaoss.so (#326751). |
|
2657 |
|
2658 ------------------------------------------------------------------- |
|
2659 Fri Sep 14 23:13:06 CEST 2007 - maw@suse.de |
|
2660 |
|
2661 - Update the Novell Support search plugin in search-addons.tar.bz2 |
|
2662 (#297261) |
|
2663 - Set the browser.tabs.loadFolderAndReplace preference to false |
|
2664 by default (#230759). |
|
2665 |
|
2666 ------------------------------------------------------------------- |
|
2667 Wed Sep 12 15:21:06 CEST 2007 - dmueller@suse.de |
|
2668 |
|
2669 - fix hardlinks accross partitions |
|
2670 |
|
2671 ------------------------------------------------------------------- |
|
2672 Thu Sep 6 16:07:12 CEST 2007 - maw@suse.de |
|
2673 |
|
2674 - Add http://software.opensuse.org/search?baseproject=openSUSE:10.3 |
|
2675 to the default bookmarks (#308223). |
|
2676 |
|
2677 ------------------------------------------------------------------- |
|
2678 Mon Sep 3 22:33:09 CEST 2007 - ro@suse.de |
|
2679 |
|
2680 - move last change a bit further in specfile |
|
2681 |
|
2682 ------------------------------------------------------------------- |
|
2683 Fri Aug 31 18:36:16 CEST 2007 - maw@suse.de |
|
2684 |
|
2685 - Mark a .png file as nonexecutable. |
|
2686 |
|
2687 ------------------------------------------------------------------- |
|
2688 Tue Aug 28 16:44:08 CEST 2007 - maw@suse.de |
|
2689 |
|
2690 - Minor .spec update (#305193) |
|
2691 + Remove two obsolete patches |
|
2692 + Correct releasedate |
|
2693 + Include only the officially supported locales. |
|
2694 |
|
2695 ------------------------------------------------------------------- |
|
2696 Wed Aug 22 17:53:03 CEST 2007 - maw@suse.de |
|
2697 |
|
2698 - Merge changes from the build service (thanks, Wolfgang): |
|
2699 + Provide locale dependency information (#302288) |
|
2700 + Add x11-session.patch, supporting X11 session management |
|
2701 (#227047) |
|
2702 + Update to version 2.0.0.6 |
|
2703 * MFSA 2007-26 Privilege escalation through chrome-loaded |
|
2704 about:blank windows |
|
2705 * MFSA 2007-27 Unescaped URIs passed to external programs |
|
2706 (only relevant on Windows) |
|
2707 - Use %fdupes. |
|
2708 |
|
2709 ------------------------------------------------------------------- |
|
2710 Tue Aug 21 09:45:35 CEST 2007 - aj@suse.de |
|
2711 |
|
2712 - Adjust bookmarks: Add news.opensuse.org, use new software.o.o |
|
2713 page. |
|
2714 |
|
2715 ------------------------------------------------------------------- |
|
2716 Thu Aug 16 14:57:27 CEST 2007 - mauro@suse.de |
|
2717 |
|
2718 - Revert previous change. |
|
2719 |
|
2720 ------------------------------------------------------------------- |
|
2721 Tue Aug 14 11:58:23 CEST 2007 - mauro@suse.de |
|
2722 |
|
2723 - Added support for ymp in the mimetypes.rdf |
|
2724 - Added OneClickInstallUrlHandler for handing the actual call from firefox. |
|
2725 - Fixes bnc #295677 |
|
2726 |
|
2727 ------------------------------------------------------------------- |
|
2728 Mon Jul 23 18:57:07 CEST 2007 - maw@suse.de |
|
2729 |
|
2730 - Security update to version 2.0.0.5 (#288115) which has fixes for: |
|
2731 MFSA 2007-18 |
|
2732 CVE-2007-3734 - Browser flaws |
|
2733 CVE-2007-3735 - Javascript flaws |
|
2734 |
|
2735 MFSA 2007-19 |
|
2736 CVE-2007-3736 |
|
2737 |
|
2738 MFSA 2007-20 |
|
2739 CVE-2007-3089 |
|
2740 |
|
2741 MFSA 2007-21 |
|
2742 CVE-2007-3737 |
|
2743 |
|
2744 MFSA 2007-22 |
|
2745 CVE-2007-3285 |
|
2746 |
|
2747 MFSA 2007-23 |
|
2748 CVE-2007-3670 |
|
2749 |
|
2750 MFSA 2007-24 |
|
2751 CVE-2007-3656 |
|
2752 |
|
2753 MFSA 2007-25 |
|
2754 CVE-2007-3738 |
|
2755 |
|
2756 ------------------------------------------------------------------- |
|
2757 Thu Jun 21 15:59:01 CEST 2007 - adrian@suse.de |
|
2758 |
|
2759 - fix changelog entry order |
|
2760 |
|
2761 ------------------------------------------------------------------- |
|
2762 Mon Jun 18 13:22:42 CDT 2007 - maw@suse.de |
|
2763 |
|
2764 - Use mozilla.sh.in from the build service (#230681). |
|
2765 |
|
2766 ------------------------------------------------------------------- |
|
2767 Tue Jun 5 15:55:08 CEST 2007 - sbrabec@suse.cz |
|
2768 |
|
2769 - Removed invalid desktop category "Application" (#254654). |
|
2770 |
|
2771 ------------------------------------------------------------------- |
|
2772 Mon Jun 4 19:53:35 CDT 2007 - maw@suse.de |
|
2773 |
|
2774 - Security update to version 2.0.0.4 |
|
2775 - Refresh configure.patch, startup.patch, and visibility.patch |
|
2776 - Now use l10n-%{version}.tar.bz2 instead of l10n.tar.bz2. |
|
2777 |
|
2778 ------------------------------------------------------------------- |
|
2779 Mon Apr 30 16:49:55 CEST 2007 - ro@suse.de |
|
2780 |
|
2781 - added unzip to BuildRequires |
|
2782 |
|
2783 ------------------------------------------------------------------- |
|
2784 Wed Apr 18 14:16:44 CEST 2007 - mfabian@suse.de |
|
2785 |
|
2786 - add Japanese to the languages which get PANGO enabled in the |
|
2787 start script to support the Japanese combining characters |
|
2788 U+3099 U+309A (see bugzilla #262718 comment #29). |
|
2789 |
|
2790 ------------------------------------------------------------------- |
|
2791 Mon Mar 12 11:06:10 CST 2007 - maw@suse.de |
|
2792 |
|
2793 - Package gconf stuff. |
|
2794 |
|
2795 ------------------------------------------------------------------- |
|
2796 Wed Feb 21 16:37:25 CST 2007 - maw@suse.de |
|
2797 |
|
2798 - Security update to 2.0.0.2 (#244923), which covers: |
|
2799 + mfsa2007-01 |
|
2800 * CVE-2007-0775 - layout engine crashes |
|
2801 * CVE-2007-0776 - SVG |
|
2802 * CVE-2007-0777 - javascript engine corruption |
|
2803 + mfsa2007-02 |
|
2804 * CVE-2007-0995 - Invalid trailing characters in HTML tag attributes |
|
2805 * CVE-2007-0996 - Child frame character set inheritance |
|
2806 * CVE-2006-6077 - Injected password forms |
|
2807 + mfsa2007-02 |
|
2808 + mfsa2007-03 |
|
2809 * CVE-2007-0078 |
|
2810 + mfsa2007-04 |
|
2811 * CVE-2007-0079 |
|
2812 + mfsa2007-05 |
|
2813 * CVE-2007-0780 |
|
2814 * CVE-2007-0800 |
|
2815 + mfsa2007-06 |
|
2816 * CVE-2007-0008 - client flaw |
|
2817 * CVE-2007-0009 - server flaw |
|
2818 + mfsa2007-07 |
|
2819 * CVE-2007-0981 |
|
2820 - Updates mozilla.sh.in (#230681) |
|
2821 - Fixes #232209 |
|
2822 - Updates the man page (#243037) |
|
2823 - Properly propagates exit codes (#241492) |
|
2824 - Adds em-356370.patch (#217374) |
|
2825 |
|
2826 ------------------------------------------------------------------- |
|
2827 Thu Jan 25 10:16:56 CST 2007 - maw@suse.de |
|
2828 |
|
2829 - Fixup the Gnome paths, keeping in closer sync with the |
|
2830 buildservice. |
|
2831 |
|
2832 ------------------------------------------------------------------- |
|
2833 Thu Jan 18 09:27:54 CST 2007 - maw@suse.de |
|
2834 |
|
2835 - Gnome is now in /usr, so remove references to /opt/gnome |
|
2836 - Install firefox.png with the executable bit not set. |
|
2837 |
|
2838 ------------------------------------------------------------------- |
|
2839 Wed Jan 10 12:57:39 CET 2007 - meissner@suse.de |
|
2840 |
|
2841 - readd MozillaFirebird provides (was incorrect in removing it). |
|
2842 |
|
2843 ------------------------------------------------------------------- |
|
2844 Mon Jan 8 11:16:08 CET 2007 - meissner@suse.de |
|
2845 |
|
2846 - Do not provide MozillaFirebird, just obsolete it. |
|
2847 |
|
2848 ------------------------------------------------------------------- |
|
2849 Fri Dec 1 02:22:49 CET 2006 - maw@suse.de |
|
2850 |
|
2851 - Update gecko-lockdown.patch (#220616). |
|
2852 |
|
2853 ------------------------------------------------------------------- |
|
2854 Thu Nov 30 19:02:54 CET 2006 - maw@suse.de |
|
2855 |
|
2856 - Update firefox-suse-default-prefs.js, adding |
|
2857 'pref("browser.backspace_action", 2);' (#217374) |
|
2858 |
|
2859 ------------------------------------------------------------------- |
|
2860 Thu Nov 30 08:17:28 CET 2006 - aj@suse.de |
|
2861 |
|
2862 - Fix last change (#224431). |
|
2863 |
|
2864 ------------------------------------------------------------------- |
|
2865 Wed Nov 29 11:45:47 CET 2006 - aj@suse.de |
|
2866 |
|
2867 - Change download bookmark (#224431). |
|
2868 - Rename bookmark folder to openSUSE. |
|
2869 |
|
2870 ------------------------------------------------------------------- |
|
2871 Tue Nov 28 08:09:48 CET 2006 - aj@suse.de |
|
2872 |
|
2873 - Sync from Buildservice with following critical fixes (thanks |
|
2874 Wolfgang Rosenauer!): |
|
2875 * fixed system-proxies.patch to actually work (#223881). |
|
2876 * Rearrange Bookmarks to pass trademark review. |
|
2877 |
|
2878 ------------------------------------------------------------------- |
|
2879 Mon Nov 27 19:40:44 CET 2006 - aj@suse.de |
|
2880 |
|
2881 - Fix tango theme (#223796). |
|
2882 |
|
2883 ------------------------------------------------------------------- |
|
2884 Mon Nov 27 17:40:50 CET 2006 - aj@suse.de |
|
2885 |
|
2886 - Use www.opensuse.org as home page. |
|
2887 |
|
2888 ------------------------------------------------------------------- |
|
2889 Sun Nov 12 11:28:00 CET 2006 - aj@suse.de |
|
2890 |
|
2891 - Set novell.com as home page. |
|
2892 - Update from BuildService (thanks Wolfgang!): |
|
2893 - fixed crash in htmlparser (#217257, bmo #358797) |
|
2894 - added gconf2 as PreReq (#212505) |
|
2895 - added 32bit libaoss.so as requirement (#216266) |
|
2896 - Removed SUSE searchplugin (Portal not available anymore) |
|
2897 (#216054) |
|
2898 - Removed obsolete xul-picker.patch and system-nspr.patch |
|
2899 - Fixed building on 10.1 and 10.0 (dbus) |
|
2900 - Removed obsolete throbber preference |
|
2901 |
|
2902 ------------------------------------------------------------------- |
|
2903 Thu Nov 9 19:09:46 CET 2006 - jhargadon@suse.de |
|
2904 |
|
2905 - updated tango theme |
|
2906 |
|
2907 ------------------------------------------------------------------- |
|
2908 Sun Oct 29 12:05:46 CET 2006 - aj@suse.de |
|
2909 |
|
2910 - Another fix for 214125, patch by Wolfgang Rosenauer. |
|
2911 |
|
2912 ------------------------------------------------------------------- |
|
2913 Thu Oct 26 06:58:59 CEST 2006 - aj@suse.de |
|
2914 |
|
2915 - Fix gcc warnings about undefined operations, patch by |
|
2916 Robert O'Callahan. |
|
2917 - Update system-proxies.patch to fix error box (214125), patch by |
|
2918 Robert O'Callahan. |
|
2919 |
|
2920 ------------------------------------------------------------------- |
|
2921 Mon Oct 23 21:54:54 CEST 2006 - aj@suse.de |
|
2922 |
|
2923 - Update to current CVS version of 2.0. |
|
2924 - Use www.opensuse.org as default home page for now (#203547). |
|
2925 |
|
2926 ------------------------------------------------------------------- |
|
2927 Sat Oct 21 08:53:50 CEST 2006 - aj@suse.de |
|
2928 |
|
2929 - Disable non-working plasticfox and tango themes. |
|
2930 |
|
2931 ------------------------------------------------------------------- |
|
2932 Fri Oct 20 20:16:29 CEST 2006 - aj@suse.de |
|
2933 |
|
2934 - Fix building of locales. |
|
2935 |
|
2936 ------------------------------------------------------------------- |
|
2937 Fri Oct 20 11:27:23 CEST 2006 - mkoenig@suse.de |
|
2938 |
|
2939 - update to version 2.0rc3: |
|
2940 * New features: Visual Refresh, Built-in phishing protection, |
|
2941 Enhanced search capabilities, Improved tabbed browsing, |
|
2942 Resuming your browsing session, Previewing and subscribing |
|
2943 to Web feeds, Inline spell checking, Live Titles, |
|
2944 Improved Add-ons manager, JavaScript 1.7, Extended search |
|
2945 plugin format, Updates to the extension system, |
|
2946 Client-side session and persistent storage, SVG text |
|
2947 |
|
2948 ------------------------------------------------------------------- |
|
2949 Tue Oct 17 11:26:44 CEST 2006 - meissner@suse.de |
|
2950 |
|
2951 - disabled debugging. |
|
2952 |
|
2953 ------------------------------------------------------------------- |
|
2954 Tue Sep 12 20:27:02 CEST 2006 - stark@suse.de |
|
2955 |
|
2956 - security update to version 1.5.0.7 |
|
2957 |
|
2958 ------------------------------------------------------------------- |
|
2959 Mon Aug 21 12:53:50 CEST 2006 - stark@suse.de |
|
2960 |
|
2961 - added greasemonkey helper change (#199920) |
|
2962 - fixed packager.mk for new make version |
|
2963 |
|
2964 ------------------------------------------------------------------- |
|
2965 Fri Aug 11 20:51:48 CEST 2006 - stark@suse.de |
|
2966 |
|
2967 - fixed crash in dbus component (patch by thoenig #197928) |
|
2968 - use external adresses for PAC configuration (#196506) |
|
2969 |
|
2970 ------------------------------------------------------------------- |
|
2971 Mon Aug 7 09:26:58 CEST 2006 - stark@suse.de |
|
2972 |
|
2973 - added symlink for Firefox 1.0.x compatibility |
|
2974 |
|
2975 ------------------------------------------------------------------- |
|
2976 Sat Jul 29 08:48:53 CEST 2006 - stark@suse.de |
|
2977 |
|
2978 - update to regression release 1.5.0.6 (#195043) |
|
2979 |
|
2980 ------------------------------------------------------------------- |
|
2981 Thu Jul 27 06:20:36 CEST 2006 - stark@suse.de |
|
2982 |
|
2983 - security update to version 1.5.0.5 (#195043) |
|
2984 * observer-lock.patch integrated now |
|
2985 - fixed leak in JS' liveconnect (#186066) |
|
2986 - fixed desktop file for old distributions |
|
2987 (StartupNotify=false) |
|
2988 |
|
2989 ------------------------------------------------------------------- |
|
2990 Thu Jun 29 20:13:28 CEST 2006 - stark@suse.de |
|
2991 |
|
2992 - fixed printing crash if the last used printer is not available |
|
2993 anymore (#187013) |
|
2994 |
|
2995 ------------------------------------------------------------------- |
|
2996 Fri Jun 16 22:11:22 CEST 2006 - stark@suse.de |
|
2997 |
|
2998 - added 48x48 icon (#185777) |
|
2999 |
|
3000 ------------------------------------------------------------------- |
|
3001 Mon Jun 12 20:20:02 CEST 2006 - stark@suse.de |
|
3002 |
|
3003 - fix overwrite confirmation for GTK filesaver (#179531) |
|
3004 - get network.negotiate-auth.trusted-uris and |
|
3005 network.negotiate-auth.delegation-uris from gconf if |
|
3006 system-settings are enabled (#184489) |
|
3007 |
|
3008 ------------------------------------------------------------------- |
|
3009 Thu Jun 1 20:34:43 CEST 2006 - stark@suse.de |
|
3010 |
|
3011 - update to security/stability release 1.5.0.4 (#179011) |
|
3012 - moved locale-global prefs to browserconfig.properties (#177881) |
|
3013 |
|
3014 ------------------------------------------------------------------- |
|
3015 Tue May 23 21:11:11 CEST 2006 - stark@suse.de |
|
3016 |
|
3017 - complete implementation of startup-notification (#115417) |
|
3018 (including autoconf and remote support) |
|
3019 - different home-pages for SLE10 and SL (#177881) |
|
3020 |
|
3021 ------------------------------------------------------------------- |
|
3022 Tue May 16 06:27:26 CEST 2006 - stark@suse.de |
|
3023 |
|
3024 - fixed potential deadlock in nsObserverList::RemoveObserver |
|
3025 (#173986, bmo #338069) |
|
3026 - base startup notification on libstartup-notification (#115417) |
|
3027 |
|
3028 ------------------------------------------------------------------- |
|
3029 Thu May 11 09:39:27 CEST 2006 - stark@suse.de |
|
3030 |
|
3031 - save printer settings properly (#174082, bmo #324072) |
|
3032 - added startup notification support for showing load activity |
|
3033 in Gnome and to avoid focus stealing prevention (#115417) |
|
3034 - added StartupNotify=true to desktop file (#115417) |
|
3035 - provide legacy symlink for NLD9 update compatibility (#173138) |
|
3036 - fixed system-proxies patch to avoid unwanted wpad requests |
|
3037 (#171743, #167613) |
|
3038 |
|
3039 ------------------------------------------------------------------- |
|
3040 Mon May 8 14:55:52 CEST 2006 - stark@suse.de |
|
3041 |
|
3042 - preconfigure the theme according to the used desktop (#151163) |
|
3043 |
|
3044 ------------------------------------------------------------------- |
|
3045 Thu Apr 27 10:24:07 CEST 2006 - stark@suse.de |
|
3046 |
|
3047 - last minute change for 1.5.0.3 |
|
3048 |
|
3049 ------------------------------------------------------------------- |
|
3050 Wed Apr 26 14:23:33 CEST 2006 - stark@suse.de |
|
3051 |
|
3052 - security update to 1.5.0.3 |
|
3053 - fix for typo in postscript.patch |
|
3054 |
|
3055 ------------------------------------------------------------------- |
|
3056 Tue Apr 25 14:14:51 CEST 2006 - stark@suse.de |
|
3057 |
|
3058 - fixed iframe crash (#169039, bmo #334515) |
|
3059 - fixed img tag misuse (#168710, bmo #334341) |
|
3060 |
|
3061 ------------------------------------------------------------------- |
|
3062 Mon Apr 24 08:04:16 CEST 2006 - stark@suse.de |
|
3063 |
|
3064 - improved postscript output (bmo #334485) |
|
3065 - changed defaults for printer properties (#6534) |
|
3066 - overwrite gnome-vfs' file protocol by providing "desktop-launch" |
|
3067 (#131501) |
|
3068 - get available paper sizes from CUPS (#65482) |
|
3069 - replaced/removed complicated gconfd reload in %post (#167989) |
|
3070 - fixed memory leak in clipboard caching (bmo #289897) |
|
3071 |
|
3072 ------------------------------------------------------------------- |
|
3073 Tue Apr 11 08:35:53 CEST 2006 - stark@suse.de |
|
3074 |
|
3075 - added (optional) plastikfox theme (#151163) |
|
3076 - get some more security related patches (#148876) |
|
3077 - finally fixed the default proxy configuration by adding a new |
|
3078 UI option (#132398) |
|
3079 |
|
3080 ------------------------------------------------------------------- |
|
3081 Mon Apr 3 11:41:13 CEST 2006 - stark@suse.de |
|
3082 |
|
3083 - fixed keyword fixup patch (#162532) |
|
3084 |
|
3085 ------------------------------------------------------------------- |
|
3086 Tue Mar 28 07:17:04 CEST 2006 - stark@suse.de |
|
3087 |
|
3088 - don't use keyword fixup for pasted text (#160034, bmo #331522) |
|
3089 |
|
3090 ------------------------------------------------------------------- |
|
3091 Mon Mar 20 09:28:58 CET 2006 - stark@suse.de |
|
3092 |
|
3093 - added Tango theme |
|
3094 - fixed reading proxies from gconf (#132398) |
|
3095 |
|
3096 ------------------------------------------------------------------- |
|
3097 Sun Mar 12 09:04:05 CET 2006 - stark@suse.de |
|
3098 |
|
3099 - tweaked bookmarks (fixed URLs) |
|
3100 - added Khmer (km-*) to pango locales (#157397) |
|
3101 |
|
3102 ------------------------------------------------------------------- |
|
3103 Sat Mar 4 21:08:45 CET 2006 - stark@suse.de |
|
3104 |
|
3105 - fixed crash with multipart JPEGs (bmo #328684) (#140416) |
|
3106 - got latest security fixes from upstream (#148876) |
|
3107 |
|
3108 ------------------------------------------------------------------- |
|
3109 Wed Feb 22 13:24:58 CET 2006 - stark@suse.de |
|
3110 |
|
3111 - fixed plugin loading when launched from Thunderbird (#151614) |
|
3112 - merged dbus reconnection patch (#150042) |
|
3113 - default to autodetect proxy (network.proxy.type=4) (#151811) |
|
3114 - added GTK category to desktop file |
|
3115 |
|
3116 ------------------------------------------------------------------- |
|
3117 Tue Feb 14 06:45:24 CET 2006 - stark@suse.de |
|
3118 |
|
3119 - modified lockdown patches (#67281, #67282) |
|
3120 - applied set of security patches (#148876) |
|
3121 bmo bugs: 282105, 307989, 315625, 320459, 323634, 325403, 325947 |
|
3122 |
|
3123 ------------------------------------------------------------------- |
|
3124 Tue Feb 7 20:09:43 CET 2006 - stark@suse.de |
|
3125 |
|
3126 - fixed disabling of Pango (#148788) |
|
3127 |
|
3128 ------------------------------------------------------------------- |
|
3129 Thu Feb 2 21:51:30 CET 2006 - stark@suse.de |
|
3130 |
|
3131 - define gssapi lib explicitely (#147670) |
|
3132 - use only official Firefox-Icon |
|
3133 - changed home-download patch |
|
3134 |
|
3135 ------------------------------------------------------------------- |
|
3136 Sun Jan 29 09:54:49 CET 2006 - stark@suse.de |
|
3137 |
|
3138 - throbber URL is default again |
|
3139 - removed firefox-showpass patch |
|
3140 - removed additional CA certs from builtin NSS |
|
3141 |
|
3142 ------------------------------------------------------------------- |
|
3143 Fri Jan 27 17:55:21 CET 2006 - stark@suse.de |
|
3144 |
|
3145 - got some l10n changes from 1.8.0 branch |
|
3146 |
|
3147 ------------------------------------------------------------------- |
|
3148 Fri Jan 27 08:15:09 CET 2006 - stark@suse.de |
|
3149 |
|
3150 - final 1.5.0.1 version |
|
3151 - make it possible to choose $HOME as download directory |
|
3152 (#144894, bmo #300856) |
|
3153 |
|
3154 ------------------------------------------------------------------- |
|
3155 Wed Jan 25 21:33:43 CET 2006 - mls@suse.de |
|
3156 |
|
3157 - converted neededforbuild to BuildRequires |
|
3158 |
|
3159 ------------------------------------------------------------------- |
|
3160 Sun Jan 22 17:06:57 CET 2006 - stark@suse.de |
|
3161 |
|
3162 - disable Pango if MOZ_ENABLE_PANGO is not set |
|
3163 and no typical language which needs Pango is used (#143428) |
|
3164 |
|
3165 ------------------------------------------------------------------- |
|
3166 Wed Jan 18 10:27:30 CET 2006 - stark@suse.de |
|
3167 |
|
3168 - fixed DumpStackToFile() for glibc 2.4 |
|
3169 - added default (font) settings |
|
3170 |
|
3171 ------------------------------------------------------------------- |
|
3172 Thu Jan 12 10:23:58 CET 2006 - stark@suse.de |
|
3173 |
|
3174 - update to 1.5.0.1pre (20060111) |
|
3175 - updated man-page |
|
3176 - fixed hovered tab close button |
|
3177 - only Requires mozilla-nspr instead of PreReq since |
|
3178 there is no postinstall registration necessary anymore |
|
3179 - use system NSS from CODE10 on |
|
3180 - use -fstack-protector where available |
|
3181 - changed unixproxy component to work on older distributions |
|
3182 |
|
3183 ------------------------------------------------------------------- |
|
3184 Mon Jan 2 13:39:09 CET 2006 - stark@suse.de |
|
3185 |
|
3186 - added unixproxy component written by Robert O'Callahan (#132398) |
|
3187 (bmo #66057) |
|
3188 - added official translations |
|
3189 - preload libaoss for plugin sound (#117079) |
|
3190 |
|
3191 ------------------------------------------------------------------- |
|
3192 Wed Dec 28 08:16:03 CET 2005 - stark@suse.de |
|
3193 |
|
3194 - get some patches from 1.8.0 branch |
|
3195 - readded modification to gconf-backend (bmo #321315) |
|
3196 - readded lockdown stuff |
|
3197 - enable additional extension install directory (#120329) |
|
3198 (/usr/lib/browser-extensions/firefox) |
|
3199 - added patch to make the XUL filechooser optional |
|
3200 (MOZ_XUL_PICKER) |
|
3201 |
|
3202 ------------------------------------------------------------------- |
|
3203 Wed Dec 14 16:08:12 CET 2005 - stark@suse.de |
|
3204 |
|
3205 - fixed patch for parsing -remote parameter |
|
3206 - removed default-plugin patch (not needed anymore) |
|
3207 |
|
3208 ------------------------------------------------------------------- |
|
3209 Fri Dec 9 17:21:29 CET 2005 - stark@suse.de |
|
3210 |
|
3211 - fix to ignore X composite extension (#135373) |
|
3212 - fixed parsing of -remote parameters (#134396) |
|
3213 - activated locales as released |
|
3214 |
|
3215 ------------------------------------------------------------------- |
|
3216 Tue Nov 29 21:33:13 CET 2005 - stark@suse.de |
|
3217 |
|
3218 - update to 1.5 (20051128) |
|
3219 - don't override startup URL when changing Gecko versions (#135314) |
|
3220 - added patch for GTK2 handling (#134831) |
|
3221 - readded add-plugins stuff for compatibility |
|
3222 |
|
3223 ------------------------------------------------------------------- |
|
3224 Fri Nov 18 07:41:41 CET 2005 - stark@suse.de |
|
3225 |
|
3226 - update to 1.5rc3 (20051117) |
|
3227 |
|
3228 ------------------------------------------------------------------- |
|
3229 Mon Oct 31 08:58:14 CET 2005 - stark@suse.de |
|
3230 |
|
3231 - updated l10n archive (20051030) |
|
3232 - fixed postinstall script to copy plugin links instead of files |
|
3233 |
|
3234 ------------------------------------------------------------------- |
|
3235 Fri Oct 28 06:43:27 CEST 2005 - stark@suse.de |
|
3236 |
|
3237 - update to 1.5rc1 (20051027) |
|
3238 - fixed profile locking on FAT partitions (bmo #313360) |
|
3239 - introduced an rpath again |
|
3240 |
|
3241 ------------------------------------------------------------------- |
|
3242 Wed Oct 19 20:03:48 CEST 2005 - stark@suse.de |
|
3243 |
|
3244 - update to snapshot 1.5 (20051019) |
|
3245 - moved installation to /usr/%{_lib}/firefox |
|
3246 - added dbus component to be able to get network status from |
|
3247 NetworkManager (bmo #312793) |
|
3248 - remove all update UI for application |
|
3249 - removed diable-gconf (no registration at build time anymore) |
|
3250 - removed rebuild-databases.sh (no system registration anymore) |
|
3251 - open links in new windows (#128087) |
|
3252 |
|
3253 ------------------------------------------------------------------- |
|
3254 Thu Oct 6 20:44:53 CEST 2005 - stark@suse.de |
|
3255 |
|
3256 - update to Firefox 1.5b2 (20051005) |
|
3257 - added supported translations |
|
3258 |
|
3259 ------------------------------------------------------------------- |
|
3260 Sat Oct 1 15:09:18 CEST 2005 - stark@suse.de |
|
3261 |
|
3262 - update to Firefox 1.5b1 (20050930) RPM version 1.4.1 |
|
3263 - removed rebuild-databases.sh calls |
|
3264 - removed add-plugins.sh calls and corresponding triggers |
|
3265 - enabled SVG and Canvas support |
|
3266 - fixed gconf urlhandler registration |
|
3267 |
|
3268 ------------------------------------------------------------------- |
|
3269 Tue Sep 20 10:24:16 CEST 2005 - stark@suse.de |
|
3270 |
|
3271 - security update to 1.0.7 (#117619) |
|
3272 * MFSA 2005-57: IDN heap overrun using soft-hyphens (bmo #307259) |
|
3273 (enabled IDN pref again) |
|
3274 * MFSA 2005-58: |
|
3275 CAN-2005-2701 Heap overrun in XBM image processing |
|
3276 CAN-2005-2702 Crash on "zero-width non-joiner" sequence |
|
3277 CAN-2005-2703 XMLHttpRequest header spoofing |
|
3278 CAN-2005-2704 Object spoofing using XBL <implements> |
|
3279 CAN-2005-2705 JavaScript integer overflow |
|
3280 CAN-2005-2706 Privilege escalation using about: scheme |
|
3281 CAN-2005-2707 Chrome window spoofing |
|
3282 Regression fixes |
|
3283 - register beagle extension if it gets installed (#116787) |
|
3284 |
|
3285 ------------------------------------------------------------------- |
|
3286 Tue Sep 13 15:41:37 CEST 2005 - aj@suse.de |
|
3287 |
|
3288 - Change SUSE bookmarks. |
|
3289 |
|
3290 ------------------------------------------------------------------- |
|
3291 Sun Sep 11 17:05:07 CEST 2005 - stark@suse.de |
|
3292 |
|
3293 - disable IDN per default (#116070) |
|
3294 - unlocalize bookmarks (#114279) |
|
3295 |
|
3296 ------------------------------------------------------------------- |
|
3297 Thu Sep 8 08:52:13 CEST 2005 - stark@suse.de |
|
3298 |
|
3299 - fixed some filemodes (#114849) |
|
3300 |
|
3301 ------------------------------------------------------------------- |
|
3302 Sun Sep 4 00:03:53 CEST 2005 - stark@suse.de |
|
3303 |
|
3304 - fixed gconf-backend patch to be able to use |
|
3305 system prefs (#114054) |
|
3306 |
|
3307 ------------------------------------------------------------------- |
|
3308 Thu Sep 1 13:22:17 CEST 2005 - stark@suse.de |
|
3309 |
|
3310 - changed default font to sans-serif (#114464) |
|
3311 - removed de-de parts of the bookmark-links (#114279) |
|
3312 |
|
3313 ------------------------------------------------------------------- |
|
3314 Mon Aug 22 06:10:12 CEST 2005 - stark@suse.de |
|
3315 |
|
3316 - install gconf schema for lockdown also on non-NLD |
|
3317 - added backports (firefox-backports.patch) |
|
3318 * gtk_im_context_set_cursor_location() is not used (bmo #281339) |
|
3319 * fixed crash in imgCacheValidator::OnStartRequest() |
|
3320 (bmo #293307) |
|
3321 - workaround for linking with pangoxft and pangox |
|
3322 (broken by gtk 2.8 update) (#105764) |
|
3323 - remove extensions on deinstallation |
|
3324 - include dragonegg (kparts) plugin (#105468) |
|
3325 |
|
3326 ------------------------------------------------------------------- |
|
3327 Thu Aug 18 13:08:55 CEST 2005 - stark@suse.de |
|
3328 |
|
3329 - fixed regression in profile locking change (bmo #303633) |
|
3330 - added rtsp handler to global config (#104434) |
|
3331 - don't blacklist help: protocol (bmo #304833) |
|
3332 - fixed Gdk-WARNING at startup (gtk.patch) |
|
3333 - fixed crash with gtk 2.7 (bmo #300226, bnc #104586) |
|
3334 - fixed installation of the beagle plugin |
|
3335 - update industrial theme to 1.0.11 (#104564) |
|
3336 - included lockdownV2 (removed obsolete gconf.diff) |
|
3337 - linked firefox-bin with rpath to progdir |
|
3338 |
|
3339 ------------------------------------------------------------------- |
|
3340 Fri Aug 5 09:51:26 CEST 2005 - stark@suse.de |
|
3341 |
|
3342 - fixed profile locking (bmo #151188) |
|
3343 - install beagle extension globally |
|
3344 |
|
3345 ------------------------------------------------------------------- |
|
3346 Fri Jul 29 06:58:24 CEST 2005 - stark@suse.de |
|
3347 |
|
3348 - don't require and provide NSS libs (#98002) |
|
3349 - fixed printing error 'You cannot print while in print preview' |
|
3350 (#96991, bmo #302445) |
|
3351 |
|
3352 ------------------------------------------------------------------- |
|
3353 Wed Jul 27 09:34:12 CEST 2005 - stark@suse.de |
|
3354 |
|
3355 - fixed Firefox on ppc (stack-direction.patch) (#97359) |
|
3356 - removed open-pref from startscript as it is done |
|
3357 automatically now (#73042) |
|
3358 - updated Novell searchplugins |
|
3359 |
|
3360 ------------------------------------------------------------------- |
|
3361 Mon Jul 25 12:32:13 CEST 2005 - stark@suse.de |
|
3362 |
|
3363 - GTK filechooser is now modal (#8533) |
|
3364 - backed out patch to add tooltips to print-preview |
|
3365 because it breaks localization |
|
3366 |
|
3367 ------------------------------------------------------------------- |
|
3368 Fri Jul 22 10:54:39 CEST 2005 - stark@suse.de |
|
3369 |
|
3370 - fixed another problem in printing patch |
|
3371 |
|
3372 ------------------------------------------------------------------- |
|
3373 Tue Jul 19 10:44:59 CEST 2005 - stark@suse.de |
|
3374 |
|
3375 - fixed error in ft-xft-ps2.patch |
|
3376 - disabled stripping in spec instead of patch |
|
3377 - added NSPR to PreReq |
|
3378 |
|
3379 ------------------------------------------------------------------- |
|
3380 Mon Jul 18 08:43:24 CEST 2005 - stark@suse.de |
|
3381 |
|
3382 - fixed some more regressions with final 1.0.6 |
|
3383 - fixed width calculation in Postscript module (bmo #290292) |
|
3384 - fixed plugin event starvation (bnc #94749, #94751, bmo #301161) |
|
3385 |
|
3386 ------------------------------------------------------------------- |
|
3387 Fri Jul 15 11:24:47 CEST 2005 - stark@suse.de |
|
3388 |
|
3389 - searchplugins can now be installed per profile (#8176) |
|
3390 |
|
3391 ------------------------------------------------------------------- |
|
3392 Fri Jul 15 06:54:02 CEST 2005 - stark@suse.de |
|
3393 |
|
3394 - update to 1.0.6 which restores API compatibility |
|
3395 |
|
3396 ------------------------------------------------------------------- |
|
3397 Tue Jul 12 06:20:37 CEST 2005 - stark@suse.de |
|
3398 |
|
3399 - update to 1.0.5 final (#88509) |
|
3400 - don't strip explicitely |
|
3401 - don't ship beagle.xpi |
|
3402 |
|
3403 ------------------------------------------------------------------- |
|
3404 Wed Jul 6 14:13:09 CEST 2005 - stark@suse.de |
|
3405 |
|
3406 - update to 1.0.5-pre (20050705) |
|
3407 - use RPM_OPT_FLAGS for NSS component |
|
3408 - fixed implicit declarations and uninitialized used variables |
|
3409 - added patch for bmo #87969 |
|
3410 |
|
3411 ------------------------------------------------------------------- |
|
3412 Tue Jul 5 10:17:16 CEST 2005 - stark@suse.de |
|
3413 |
|
3414 - fixed regression from security update (#95069, bmo #298478) |
|
3415 |
|
3416 ------------------------------------------------------------------- |
|
3417 Mon Jun 27 21:46:58 CEST 2005 - stark@suse.de |
|
3418 |
|
3419 - don't use system-prefs by default on NLD |
|
3420 - removed basic lockdown stuff for SUSE Linux |
|
3421 (it's not needed and caused problems: bnc #75418) |
|
3422 - fixed NLD lockdown patch (bnc #75418) |
|
3423 - don't write prefs back to gconf for now |
|
3424 |
|
3425 ------------------------------------------------------------------- |
|
3426 Wed Jun 22 07:32:42 CEST 2005 - stark@suse.de |
|
3427 |
|
3428 - new NLD lockdown patch which is syncing user prefs to gconf |
|
3429 - update to 1.0.5pre security-release |
|
3430 |
|
3431 ------------------------------------------------------------------- |
|
3432 Thu Jun 9 06:56:02 CEST 2005 - stark@suse.de |
|
3433 |
|
3434 - new revision of NLD lockdown patch |
|
3435 - fixed remote usage behaviour in start script (bnc #41903) |
|
3436 - got more bugfixes from the branch |
|
3437 |
|
3438 ------------------------------------------------------------------- |
|
3439 Thu Jun 2 10:31:48 CEST 2005 - stark@suse.de |
|
3440 |
|
3441 - fixed neededforbuild |
|
3442 |
|
3443 ------------------------------------------------------------------- |
|
3444 Wed Jun 1 20:15:25 CEST 2005 - stark@suse.de |
|
3445 |
|
3446 - fixed IDN for 64bit platforms (bmo #236425, bnc #46268) |
|
3447 |
|
3448 ------------------------------------------------------------------- |
|
3449 Fri May 20 15:12:06 CEST 2005 - stark@suse.de |
|
3450 |
|
3451 - fixed keybinding for KP separator (bnc #84147) |
|
3452 - pulled security related patch from upstream branch |
|
3453 - update plastikfox theme to version 1.6 |
|
3454 |
|
3455 ------------------------------------------------------------------- |
|
3456 Thu May 12 06:16:25 CEST 2005 - stark@suse.de |
|
3457 |
|
3458 - update to final 1.0.4 release |
|
3459 |
|
3460 ------------------------------------------------------------------- |
|
3461 Tue May 10 06:38:05 CEST 2005 - stark@suse.de |
|
3462 |
|
3463 - update to 1.0.4 security release |
|
3464 - removed s390(x) patches (upstream) |
|
3465 - made two more files %verify (81692) |
|
3466 - updated NLD lockdown patch (81304) |
|
3467 |
|
3468 ------------------------------------------------------------------- |
|
3469 Thu Apr 28 09:45:53 CEST 2005 - stark@suse.de |
|
3470 |
|
3471 - use static NSPR libs from new location |
|
3472 |
|
3473 ------------------------------------------------------------------- |
|
3474 Sat Apr 23 15:56:08 CEST 2005 - stark@suse.de |
|
3475 |
|
3476 - activate usage of system NSPR for distributions after 9.3 |
|
3477 - add patch to be able to use systen NSPR at all |
|
3478 |
|
3479 ------------------------------------------------------------------- |
|
3480 Fri Apr 22 02:06:06 CEST 2005 - ro@suse.de |
|
3481 |
|
3482 - use mozilla-gcc4.patch |
|
3483 |
|
3484 ------------------------------------------------------------------- |
|
3485 Thu Apr 21 12:51:19 CEST 2005 - stark@suse.de |
|
3486 |
|
3487 - don't execute gconf magic within build environment |
|
3488 |
|
3489 ------------------------------------------------------------------- |
|
3490 Sat Apr 16 13:05:37 CEST 2005 - stark@suse.de |
|
3491 |
|
3492 - update to final 1.0.3 release |
|
3493 |
|
3494 ------------------------------------------------------------------- |
|
3495 Fri Apr 15 00:10:54 CEST 2005 - ro@suse.de |
|
3496 |
|
3497 - fix problem in postinstall script |
|
3498 |
|
3499 ------------------------------------------------------------------- |
|
3500 Wed Apr 14 09:20:02 CEST 2005 - stark@suse.de |
|
3501 |
|
3502 - included fixed lockdown patch for NLD |
|
3503 - linked proxies within Firefox with gnome settings (NLD) |
|
3504 - added gconfd restart procedure to install script |
|
3505 (only needed if gconf changes are done) (#76852) |
|
3506 |
|
3507 ------------------------------------------------------------------- |
|
3508 Sat Apr 2 21:03:11 CEST 2005 - stark@suse.de |
|
3509 |
|
3510 - update to security pre-release 1.0.3 (#75692) |
|
3511 * Manual plug-in install, javascript vulnerability (bmo #288556) |
|
3512 * Access memory vulnerability (bmo #288688) |
|
3513 |
|
3514 ------------------------------------------------------------------- |
|
3515 Fri Apr 1 11:32:44 CEST 2005 - stark@suse.de |
|
3516 |
|
3517 - added advanced lockdown features for ZLM integration (NLD-only) |
|
3518 |
|
3519 ------------------------------------------------------------------- |
|
3520 Tue Mar 22 12:33:15 CET 2005 - stark@suse.de |
|
3521 |
|
3522 - update to final 1.0.2 |
|
3523 - use new theme handling on NLD |
|
3524 - added default-plugin-less-annoying from mozilla |
|
3525 - use GTK2 for Flash |
|
3526 - use system NSPR on SUSE releases after 9.3 |
|
3527 - made startscript PIS aware |
|
3528 - set g-application-name correctly (bmo #281979) |
|
3529 - added man-page |
|
3530 - use GTK system colors |
|
3531 - modify useragent string and add vendor id |
|
3532 - activate smooth-scrolling by default (#74310) |
|
3533 |
|
3534 ------------------------------------------------------------------- |
|
3535 Tue Mar 22 08:59:06 CET 2005 - stark@suse.de |
|
3536 |
|
3537 - don't register beagle automatically (#74062) |
|
3538 - added default bookmarks for SUSE LINUX |
|
3539 |
|
3540 ------------------------------------------------------------------- |
|
3541 Mon Mar 21 18:20:39 CET 2005 - max@suse.de |
|
3542 |
|
3543 - Fixed a typo in the shell code that handles inclusion of the |
|
3544 Acrobat Reader plugin (#70861). |
|
3545 |
|
3546 ------------------------------------------------------------------- |
|
3547 Thu Mar 17 21:01:11 CET 2005 - stark@suse.de |
|
3548 |
|
3549 - updates from upcoming 1.0.2 |
|
3550 - added again logic to use Adobe Reader 7 (#70861) |
|
3551 - fixed crash in ICO decoding (#67142, bmo #245631) |
|
3552 - preinstall beagle extension (#72920) |
|
3553 - bugfixes in trigger scripts |
|
3554 - fixed industrial theming for Gnome (#72918) |
|
3555 |
|
3556 ------------------------------------------------------------------- |
|
3557 Sat Mar 12 12:42:16 CET 2005 - stark@suse.de |
|
3558 |
|
3559 - fixed more security related bugs |
|
3560 (bmo #284551, #284627, #285595) |
|
3561 |
|
3562 ------------------------------------------------------------------- |
|
3563 Wed Mar 9 21:42:05 CET 2005 - stark@suse.de |
|
3564 |
|
3565 - update also GNOME desktop file (#71810) |
|
3566 - added firefox-gnome.png to filelist |
|
3567 - use correct Firefox icon |
|
3568 |
|
3569 ------------------------------------------------------------------- |
|
3570 Mon Mar 7 20:47:00 CET 2005 - stark@suse.de |
|
3571 |
|
3572 - disable inclusion of acrobat plugin again (#70861) |
|
3573 - don't use gconfd in registration phase (#66381) |
|
3574 |
|
3575 ------------------------------------------------------------------- |
|
3576 Mon Mar 7 16:13:29 CET 2005 - adrian@suse.de |
|
3577 |
|
3578 - use standard icon again for the default desktop file and |
|
3579 add a Gnome-only desktop file for the Gnome icon |
|
3580 - add plastikfox chrome theme to fix button order within KDE |
|
3581 - add patch for automatic theme selection for KDE and Gnome |
|
3582 - do register extensions in rebuild-databases.sh instead of %install, |
|
3583 to fix needed timestamps |
|
3584 |
|
3585 ------------------------------------------------------------------- |
|
3586 Fri Mar 4 07:54:47 CET 2005 - stark@suse.de |
|
3587 |
|
3588 - extend add-plugins to recognize Java 1.5 (#66909) |
|
3589 - changed comment in desktop-file (#66867) |
|
3590 |
|
3591 ------------------------------------------------------------------- |
|
3592 Tue Feb 22 09:33:44 CET 2005 - stark@suse.de |
|
3593 |
|
3594 - make --display parameter working in all cases (bnc #66043) |
|
3595 - revised postscript patch |
|
3596 - final 1.0.1 codebase |
|
3597 |
|
3598 ------------------------------------------------------------------- |
|
3599 Mon Feb 21 13:09:30 CET 2005 - stark@suse.de |
|
3600 |
|
3601 - added patch to create Postscript level 2 (instead of 3) |
|
3602 (special thanks to Jungshik Shin) |
|
3603 - disabled freetype explicitly to be able to use the above patch |
|
3604 (freetype wasn't used anymore since some time anyway) |
|
3605 |
|
3606 ------------------------------------------------------------------- |
|
3607 Fri Feb 18 09:10:10 CET 2005 - stark@suse.de |
|
3608 |
|
3609 - got more patches from branch to get another IDN fix and to |
|
3610 fix bug #51019 |
|
3611 - enabled IDN again |
|
3612 |
|
3613 ------------------------------------------------------------------- |
|
3614 Wed Feb 16 09:20:39 CET 2005 - stark@suse.de |
|
3615 |
|
3616 - bumped version number to 1.0.1 |
|
3617 |
|
3618 ------------------------------------------------------------------- |
|
3619 Tue Feb 15 10:26:04 CET 2005 - stark@suse.de |
|
3620 |
|
3621 - got updates from 1.0.1 branch |
|
3622 |
|
3623 ------------------------------------------------------------------- |
|
3624 Thu Feb 10 06:57:33 CET 2005 - stark@suse.de |
|
3625 |
|
3626 - additional fireflashing fix (#50635, bmo #280664) |
|
3627 - some more security related fixes |
|
3628 (bmo #268483, #273498, #277322) |
|
3629 - fire up GTK2 filepicker if GNOME is running |
|
3630 |
|
3631 ------------------------------------------------------------------- |
|
3632 Tue Feb 8 07:51:13 CET 2005 - stark@suse.de |
|
3633 |
|
3634 - some prefs are ignored (bmo #261934) |
|
3635 - disabled default IDN (#50566) |
|
3636 - fixed some more bugzilla.mozilla.org bugs: |
|
3637 #276482, #280056, #280603 |
|
3638 |
|
3639 ------------------------------------------------------------------- |
|
3640 Sun Feb 6 13:10:12 CET 2005 - stark@suse.de |
|
3641 |
|
3642 - use same desktop categories for Professional and NLD |
|
3643 - added some lockdown stuff for printing and page saving |
|
3644 (bmo #280488) |
|
3645 |
|
3646 ------------------------------------------------------------------- |
|
3647 Wed Feb 2 13:58:53 CET 2005 - stark@suse.de |
|
3648 |
|
3649 - modified gconf.diff to honor ignore_hosts (bmo #280742) |
|
3650 - added a JS crasher fix (bmo #268535) |
|
3651 - added more fixes (bmo #255441, #273024, #275405, #275634) |
|
3652 |
|
3653 ------------------------------------------------------------------- |
|
3654 Fri Jan 28 12:39:37 CET 2005 - stark@suse.de |
|
3655 |
|
3656 - added gplflash inclusion |
|
3657 - improved JRE inclusion |
|
3658 - reactivated usage of Acrobat Reader plugin |
|
3659 (ready for acroread 7) |
|
3660 |
|
3661 ------------------------------------------------------------------- |
|
3662 Sat Jan 22 13:16:47 CET 2005 - stark@suse.de |
|
3663 |
|
3664 - added some backported bugfixes |
|
3665 |
|
3666 ------------------------------------------------------------------- |
|
3667 Sat Dec 18 10:30:11 CET 2004 - stark@suse.de |
|
3668 |
|
3669 - updated industrial theme to 1.0.9 |
|
3670 - use slightly changed icon for menu-entry (bnc #275) |
|
3671 - use original desktop file for NLD again |
|
3672 |
|
3673 ------------------------------------------------------------------- |
|
3674 Thu Dec 16 19:37:48 CET 2004 - stark@suse.de |
|
3675 |
|
3676 - newer patch for GNOME associations (bnc #362) |
|
3677 - fix overwriting of files with GTK picker (Ximian #65068) |
|
3678 - readded the industrial default theme patch for NLD |
|
3679 |
|
3680 ------------------------------------------------------------------- |
|
3681 Wed Dec 15 11:50:56 CET 2004 - stark@suse.de |
|
3682 |
|
3683 - activate GTK filepicker for NLD again |
|
3684 - fix for GNOME helper applications with parameters |
|
3685 - make GNOME associations the default on NLD |
|
3686 |
|
3687 ------------------------------------------------------------------- |
|
3688 Sat Dec 4 16:11:01 CET 2004 - stark@suse.de |
|
3689 |
|
3690 - fixed build on s390/s390x |
|
3691 - added patch to be able to install-global without running X |
|
3692 (bmo #265859) |
|
3693 |
|
3694 ------------------------------------------------------------------- |
|
3695 Thu Nov 18 21:48:05 CET 2004 - stark@suse.de |
|
3696 |
|
3697 - update industrial theme to 1.0.8 (still not activated) |
|
3698 - added patch to make home-directory the default download dir |
|
3699 (on NLD is still used Desktop) |
|
3700 |
|
3701 ------------------------------------------------------------------- |
|
3702 Thu Nov 11 09:01:58 CET 2004 - stark@suse.de |
|
3703 |
|
3704 - made initial window height smaller again |
|
3705 |
|
3706 ------------------------------------------------------------------- |
|
3707 Tue Nov 9 09:09:06 CET 2004 - stark@suse.de |
|
3708 |
|
3709 - update to final 1.0 release (20041109) |
|
3710 |
|
3711 ------------------------------------------------------------------- |
|
3712 Thu Nov 4 08:22:36 CET 2004 - stark@suse.de |
|
3713 |
|
3714 - update to 1.0rc2 |
|
3715 |
|
3716 ------------------------------------------------------------------- |
|
3717 Sat Oct 30 21:27:29 CEST 2004 - stark@suse.de |
|
3718 |
|
3719 - added missing s390(x) patch |
|
3720 |
|
3721 ------------------------------------------------------------------- |
|
3722 Wed Oct 27 07:26:25 CEST 2004 - stark@suse.de |
|
3723 |
|
3724 - update to 1.0rc1 codebase |
|
3725 - printing via XFT/fontconfig |
|
3726 - freetype changes to avoid API conflicts with newer freetype2 |
|
3727 - fixed build for s390/s390x |
|
3728 - removed AMD64 patch (included upstream) |
|
3729 - added translations sub-package |
|
3730 - removed "Show folder" patch for NLD (resolved upstream) |
|
3731 - don't use gnome-filepicker patch for NLD for now |
|
3732 - removed hppa buildfix (included upstream) |
|
3733 - removed untitled.patch (bmo #24068) resolved by (bmo #262478) |
|
3734 - use make -C browser/installer now to prepare installation |
|
3735 - don't check for default browser at startup (#47587) |
|
3736 - updated industrial.jar (0.99.13) (disabled) |
|
3737 |
|
3738 ------------------------------------------------------------------- |
|
3739 Fri Oct 15 13:51:54 CEST 2004 - stark@suse.de |
|
3740 |
|
3741 - inherit locale from system |
|
3742 - fixed chrome registration |
|
3743 |
|
3744 ------------------------------------------------------------------- |
|
3745 Wed Oct 6 23:11:01 CEST 2004 - joeshaw@suse.de |
|
3746 |
|
3747 - disable gconf settings as default (Ximian #67718) |
|
3748 |
|
3749 ------------------------------------------------------------------- |
|
3750 Wed Oct 6 07:04:05 CEST 2004 - stark@suse.de |
|
3751 |
|
3752 - fixed inclusion of RealPlayer plugin again |
|
3753 |
|
3754 ------------------------------------------------------------------- |
|
3755 Tue Oct 5 10:09:04 CEST 2004 - stark@suse.de |
|
3756 |
|
3757 - small important fix in firefox-download.patch (Ximian #65472) |
|
3758 |
|
3759 ------------------------------------------------------------------- |
|
3760 Sun Oct 3 00:02:09 CEST 2004 - stark@suse.de |
|
3761 |
|
3762 - added security-fix from 0.10.1 (mozilla.org #259708) (#46687) |
|
3763 |
|
3764 ------------------------------------------------------------------- |
|
3765 Fri Oct 1 12:49:38 CEST 2004 - stark@suse.de |
|
3766 |
|
3767 - final fix for downloading to Desktop folder (Ximian #65756) |
|
3768 - remove Postscript from printer names (Ximian #65560) |
|
3769 |
|
3770 ------------------------------------------------------------------- |
|
3771 Thu Sep 30 16:14:10 CEST 2004 - shprasad@suse.de |
|
3772 |
|
3773 - Modified the MozillaFirefox.desktop file. |
|
3774 Changed the name 'Firefox' to 'Firefox Web Browser'. |
|
3775 Also changed it for all languages. |
|
3776 |
|
3777 ------------------------------------------------------------------- |
|
3778 Wed Sep 29 15:54:46 CEST 2004 - stark@suse.de |
|
3779 |
|
3780 - fix inclusion of RealPlayer plugin (Ximian #65711) |
|
3781 |
|
3782 ------------------------------------------------------------------- |
|
3783 Mon Sep 27 17:51:24 CEST 2004 - joeshaw@suse.de |
|
3784 |
|
3785 - Update the industrial default patch, for some reason it didn't |
|
3786 take before. |
|
3787 |
|
3788 ------------------------------------------------------------------- |
|
3789 Fri Sep 24 07:34:48 CEST 2004 - stark@suse.de |
|
3790 |
|
3791 - fix for Ximian #65176 (mozilla.org #240068) |
|
3792 - revised patch for update function (Ximian #65615) |
|
3793 |
|
3794 ------------------------------------------------------------------- |
|
3795 Thu Sep 23 20:21:39 CEST 2004 - joeshaw@suse.de |
|
3796 |
|
3797 - Uncomment the patch which tells the UI that industrial is the |
|
3798 default. |
|
3799 |
|
3800 ------------------------------------------------------------------- |
|
3801 Thu Sep 23 12:38:06 CEST 2004 - stark@suse.de |
|
3802 |
|
3803 - open Nautilus on NLD for 'Show folder' in download settings |
|
3804 (Ximian #65472) by sragavan@novell.com |
|
3805 - save to Desktop folder if selected (Ximian #65756) |
|
3806 by sragavan@novell.com |
|
3807 |
|
3808 ------------------------------------------------------------------- |
|
3809 Wed Sep 22 10:23:01 CEST 2004 - stark@suse.de |
|
3810 |
|
3811 - synced NLD package with 9.2 version |
|
3812 - GTK2 filepicker does now ask for confirmation when overwriting |
|
3813 files (Ximian #65068) by sagarwala@novell.com |
|
3814 - no direct update function (Ximian #65615) by rganesan@novell.com |
|
3815 - throbber linked to Novell (Ximian #66283) by rganesan@novell.com |
|
3816 - make industrial the default theme for NLD |
|
3817 (Ximian #65542) by joeshaw@suse.de |
|
3818 |
|
3819 ------------------------------------------------------------------- |
|
3820 Mon Sep 20 22:00:55 CEST 2004 - joeshaw@suse.de |
|
3821 |
|
3822 - Add default bookmarks. Ximian #65546. |
|
3823 - Add the industrial theme, but it's not the default yet. |
|
3824 - Remove acroread from add-plugins because it's badly behaved. |
|
3825 Ximian #65499. |
|
3826 |
|
3827 ------------------------------------------------------------------- |
|
3828 Mon Sep 20 17:57:38 CEST 2004 - federico@ximian.com |
|
3829 |
|
3830 - Added MozillaFirefox-toplevel-window-height.diff for |
|
3831 http://bugzilla.ximian.com/show_bug.cgi?id=65543 |
|
3832 |
|
3833 ------------------------------------------------------------------- |
|
3834 Sun Sep 19 15:42:30 CEST 2004 - stark@suse.de |
|
3835 |
|
3836 - use GNOME system prefs only for NLD by default |
|
3837 (fixes bug #45575) |
|
3838 |
|
3839 ------------------------------------------------------------------- |
|
3840 Fri Sep 17 08:59:32 CEST 2004 - stark@suse.de |
|
3841 |
|
3842 - joeshaw@suse.de: Update GConf patch so that proxy settings work |
|
3843 correctly (Ximian #64461) |
|
3844 - don't search Java on every path (Ximian #65383) |
|
3845 - added some missing fixes for official release |
|
3846 - added new java package name for triggers (#45257) |
|
3847 |
|
3848 ------------------------------------------------------------------- |
|
3849 Sat Sep 11 13:25:41 CEST 2004 - stark@suse.de |
|
3850 |
|
3851 - update to official 1.0PR (0.10) |
|
3852 - adopted gnome-filepicker patch |
|
3853 - removed obsolete CUPS hack from start-script |
|
3854 (Ximian #65635, #65560) |
|
3855 |
|
3856 ------------------------------------------------------------------- |
|
3857 Thu Sep 9 21:35:42 CEST 2004 - stark@suse.de |
|
3858 |
|
3859 - fixed endianess on AMD64 in JS component (#34743) |
|
3860 |
|
3861 ------------------------------------------------------------------- |
|
3862 Mon Sep 6 17:33:07 CEST 2004 - stark@suse.de |
|
3863 |
|
3864 - fixed filelist |
|
3865 |
|
3866 ------------------------------------------------------------------- |
|
3867 Mon Sep 6 13:48:03 CEST 2004 - stark@suse.de |
|
3868 |
|
3869 - update to 1.0PR (aka 0.10) |
|
3870 |
|
3871 ------------------------------------------------------------------- |
|
3872 Fri Sep 3 21:35:47 CEST 2004 - stark@suse.de |
|
3873 |
|
3874 - added ppc64 patch |
|
3875 |
|
3876 ------------------------------------------------------------------- |
|
3877 Thu Sep 2 03:08:59 CEST 2004 - dave@suse.de |
|
3878 |
|
3879 - Fixed up the .desktop installation on nld |
|
3880 |
|
3881 ------------------------------------------------------------------- |
|
3882 Wed Sep 1 15:05:48 CEST 2004 - shprasad@suse.de |
|
3883 |
|
3884 - Doesn't ask to set Firefox as default web-browser. |
|
3885 |
|
3886 ------------------------------------------------------------------- |
|
3887 Tue Aug 31 14:01:18 CEST 2004 - stark@suse.de |
|
3888 |
|
3889 - next new version for filepicker stuff |
|
3890 - deactivated native filepicker for NLD |
|
3891 - update to snapshot (20040831) |
|
3892 |
|
3893 ------------------------------------------------------------------- |
|
3894 Tue Aug 24 17:35:52 CEST 2004 - stark@suse.de |
|
3895 |
|
3896 - new version of gnome-filepicker patch |
|
3897 - added patch for config |
|
3898 |
|
3899 ------------------------------------------------------------------- |
|
3900 Fri Aug 20 17:12:48 CEST 2004 - stark@suse.de |
|
3901 |
|
3902 - update to snapshot (20040820) |
|
3903 |
|
3904 ------------------------------------------------------------------- |
|
3905 Thu Aug 19 08:46:42 CEST 2004 - stark@suse.de |
|
3906 |
|
3907 - added workaround for mozilla bug #246313 |
|
3908 (Firefox does not start: getting "cannot open display" error) |
|
3909 |
|
3910 ------------------------------------------------------------------- |
|
3911 Wed Aug 18 15:07:22 CEST 2004 - stark@suse.de |
|
3912 |
|
3913 - added some patches from Ximian |
|
3914 - use GNOME filepicker |
|
3915 - use more gconf settings |
|
3916 - set startup homepage to Novell |
|
3917 |
|
3918 ------------------------------------------------------------------- |
|
3919 Tue Aug 17 13:12:35 CEST 2004 - stark@suse.de |
|
3920 |
|
3921 - update to pre-1.0.0 (20040817) |
|
3922 |
|
3923 ------------------------------------------------------------------- |
|
3924 Thu Aug 5 06:27:41 CEST 2004 - stark@suse.de |
|
3925 |
|
3926 - security update to 0.9.3 |
|
3927 (including #43312 and others) |
|
3928 - handle RealPlayer 9 plugin |
|
3929 |
|
3930 ------------------------------------------------------------------- |
|
3931 Mon Aug 2 15:11:51 CEST 2004 - ro@suse.de |
|
3932 |
|
3933 - recode desktop file to utf-8 |
|
3934 |
|
3935 ------------------------------------------------------------------- |
|
3936 Wed Jul 28 08:46:31 CEST 2004 - stark@suse.de |
|
3937 |
|
3938 - added fix against certificate spoofing (#43312) |
|
3939 |
|
3940 ------------------------------------------------------------------- |
|
3941 Fri Jul 23 06:31:41 CEST 2004 - stark@suse.de |
|
3942 |
|
3943 - update to 0.9.2 |
|
3944 - added workaround for extension registry |
|
3945 - removed old (incompatible) mozex extension |
|
3946 |
|
3947 ------------------------------------------------------------------- |
|
3948 Tue Jun 29 06:27:59 CEST 2004 - stark@suse.de |
|
3949 |
|
3950 - update to 0.9.1 |
|
3951 - added hint to run as root first |
|
3952 |
|
3953 ------------------------------------------------------------------- |
|
3954 Tue Jun 15 12:42:28 CEST 2004 - stark@suse.de |
|
3955 |
|
3956 - update to 0.9 |
|
3957 - added patch for newer freetype |
|
3958 |
|
3959 ------------------------------------------------------------------- |
|
3960 Fri Apr 2 10:31:45 CEST 2004 - stark@suse.de |
|
3961 |
|
3962 - removing relocation of TEMP directory (#34391) |
|
3963 |
|
3964 ------------------------------------------------------------------- |
|
3965 Mon Mar 29 11:43:51 CEST 2004 - stark@suse.de |
|
3966 |
|
3967 - update to 0.8.0+ (20040503) |
|
3968 - removed firefox logos and activate official branding for |
|
3969 milestone builds |
|
3970 - changed profile-dir to .firefox |
|
3971 - added some needed files |
|
3972 - enabled gnomevfs extension |
|
3973 |
|
3974 ------------------------------------------------------------------- |
|
3975 Fri Mar 26 18:09:34 CET 2004 - uli@suse.de |
|
3976 |
|
3977 - fixed hang during build on s390* (bug #35440) |
|
3978 |
|
3979 ------------------------------------------------------------------- |
|
3980 Wed Mar 3 06:52:00 CET 2004 - stark@suse.de |
|
3981 |
|
3982 - removed unused patches for GTK2 build |
|
3983 - more fixes for (#35179) |
|
3984 |
|
3985 ------------------------------------------------------------------- |
|
3986 Mon Mar 1 07:32:52 CET 2004 - stark@suse.de |
|
3987 |
|
3988 - improved start-script to interact with thunderbird (#35179) |
|
3989 |
|
3990 ------------------------------------------------------------------- |
|
3991 Thu Feb 26 06:57:05 CET 2004 - stark@suse.de |
|
3992 |
|
3993 - use official releasedate |
|
3994 - added official (trademarked) artwork |
|
3995 - added firefox icon to /usr/share/pixmaps |
|
3996 - cleaned up spec-file (there will be no GTK1 version) |
|
3997 |
|
3998 ------------------------------------------------------------------- |
|
3999 Tue Feb 24 16:43:17 CET 2004 - stark@suse.de |
|
4000 |
|
4001 - fixed optimization for non-x86 archs |
|
4002 |
|
4003 ------------------------------------------------------------------- |
|
4004 Tue Feb 24 07:43:35 CET 2004 - stark@suse.de |
|
4005 |
|
4006 - adopted file-list and build options to original distribution |
|
4007 - added prdtoa fix (#32963) |
|
4008 - added hook for static firefox build to rebuild-databases.sh |
|
4009 - added compiler flags for security/ (nss-opt.patch) |
|
4010 - included mozex (mozex.mozdev.org) |
|
4011 - added -Os as optimization flag |
|
4012 |
|
4013 ------------------------------------------------------------------- |
|
4014 Mon Feb 9 21:59:37 CET 2004 - stark@suse.de |
|
4015 |
|
4016 - renamed to MozillaFirefox |
|
4017 - update to final version 0.8 |
|
4018 |
|
4019 ------------------------------------------------------------------- |
|
4020 Fri Feb 6 08:39:15 CET 2004 - stark@suse.de |
|
4021 |
|
4022 - update to Firebird 0.8 (20040205) |
|
4023 - added mips build fix |
|
4024 - set PS printer list in MozillaFirebird.sh |
|
4025 - use lib64 again for biarch platforms |
|
4026 |
|
4027 ------------------------------------------------------------------- |
|
4028 Sat Jan 10 10:33:54 CET 2004 - adrian@suse.de |
|
4029 |
|
4030 - build as user |
|
4031 |
|
4032 ------------------------------------------------------------------- |
|
4033 Fri Aug 22 11:32:07 CEST 2003 - stark@suse.de |
|
4034 |
|
4035 - upstream sync for 0.6.1post |
|
4036 |
|
4037 ------------------------------------------------------------------- |
|
4038 Sun Aug 10 22:01:12 CEST 2003 - stark@suse.de |
|
4039 |
|
4040 - removed dmoz from searchplugins-filelist |
|
4041 |
|
4042 ------------------------------------------------------------------- |
|
4043 Fri Aug 8 10:30:50 CEST 2003 - stark@suse.de |
|
4044 |
|
4045 - update to 0.6.1post (TRUNK) |
|
4046 - use -fno-strict-aliasing |
|
4047 |
|
4048 ------------------------------------------------------------------- |
|
4049 Thu Jul 31 11:25:39 CEST 2003 - stark@suse.de |
|
4050 |
|
4051 - update to 0.6.1 (MOZILLA_1_4_BRANCH) |
|
4052 - synchronized with mozilla-source |
|
4053 - created file-list |
|
4054 |
|
4055 ------------------------------------------------------------------- |
|
4056 Thu Jul 10 09:45:49 CEST 2003 - stark@suse.de |
|
4057 |
|
4058 - update to snapshot 20030709 |
|
4059 - fixed generation of symlink MozillaFirebird-xremote-client |
|
4060 |
|
4061 ------------------------------------------------------------------- |
|
4062 Fri Jun 20 06:53:08 CEST 2003 - stark@suse.de |
|
4063 |
|
4064 - update to snapshot 20030622 (0.7pre) |
|
4065 |
|
4066 ------------------------------------------------------------------- |
|
4067 Mon May 19 08:54:46 CEST 2003 - stark@suse.de |
|
4068 |
|
4069 - update to snapshot 20030518 (0.6) |
|
4070 |
|
4071 ------------------------------------------------------------------- |
|
4072 Sun May 7 10:11:16 CEST 2003 - stark@suse.de |
|
4073 |
|
4074 - update to snapshot 20030507 |
|
4075 |
|
4076 ------------------------------------------------------------------- |
|
4077 Wed Apr 30 13:26:43 CEST 2003 - stark@suse.de |
|
4078 |
|
4079 - initial SuSE package |
|
4080 |