1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Mon Nov 18 13:50:16 UTC 2013 - wr@rosenauer.org |
2 Sat Dec 28 20:10:57 UTC 2013 - wr@rosenauer.org |
3 |
3 |
4 - update to Firefox 26.0b5 |
4 - update to Firefox 27.0b2 |
|
5 - requires NSS 3.15.4 or higher |
|
6 - rebased/reworked patches |
|
7 - added mozilla-system-nspr.patch to allow system NSPR builds |
|
8 (bmo#953130) |
|
9 |
|
10 ------------------------------------------------------------------- |
|
11 Sun Dec 8 20:26:23 UTC 2013 - wr@rosenauer.org |
|
12 |
|
13 - update to Firefox 26.0 (bnc#854367, bnc#854370) |
5 * rebased patches |
14 * rebased patches |
6 * requires NSPR 4.10.2 and NSS 3.15.3 |
15 * requires NSPR 4.10.2 and NSS 3.15.3.1 |
|
16 * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 |
|
17 Miscellaneous memory safety hazards |
|
18 * MFSA 2013-105/CVE-2013-5611 (bmo#771294) |
|
19 Application Installation doorhanger persists on navigation |
|
20 * MFSA 2013-106/CVE-2013-5612 (bmo#871161) |
|
21 Character encoding cross-origin XSS attack |
|
22 * MFSA 2013-107/CVE-2013-5614 (bmo#886262) |
|
23 Sandbox restrictions not applied to nested object elements |
|
24 * MFSA 2013-108/CVE-2013-5616 (bmo#938341) |
|
25 Use-after-free in event listeners |
|
26 * MFSA 2013-109/CVE-2013-5618 (bmo#926361) |
|
27 Use-after-free during Table Editing |
|
28 * MFSA 2013-110/CVE-2013-5619 (bmo#917841) |
|
29 Potential overflow in JavaScript binary search algorithms |
|
30 * MFSA 2013-111/CVE-2013-6671 (bmo#930281) |
|
31 Segmentation violation when replacing ordered list elements |
|
32 * MFSA 2013-112/CVE-2013-6672 (bmo#894736) |
|
33 Linux clipboard information disclosure though selection paste |
|
34 * MFSA 2013-113/CVE-2013-6673 (bmo#970380) |
|
35 Trust settings for built-in roots ignored during EV certificate |
|
36 validation |
|
37 * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) |
|
38 Use-after-free in synthetic mouse movement |
|
39 * MFSA 2013-115/CVE-2013-5615 (bmo#929261) |
|
40 GetElementIC typed array stubs can be generated outside observed |
|
41 typesets |
|
42 * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) |
|
43 JPEG information leak |
|
44 * MFSA 2013-117 (bmo#946351) |
|
45 Mis-issued ANSSI/DCSSI certificate |
|
46 (fixed via NSS 3.15.3.1) |
7 - removed gecko.js preference file as GStreamer is enabled by |
47 - removed gecko.js preference file as GStreamer is enabled by |
8 default now |
48 default now |
9 |
49 |
10 ------------------------------------------------------------------- |
50 ------------------------------------------------------------------- |
11 Thu Oct 24 18:16:19 UTC 2013 - wr@rosenauer.org |
51 Thu Oct 24 18:16:19 UTC 2013 - wr@rosenauer.org |