Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox42
changeset 886 2e9f984bca7f
parent 885 ee3c462047d5
child 889 de3a92aed259
equal deleted inserted replaced
885:ee3c462047d5 886:2e9f984bca7f 
       
     1 -------------------------------------------------------------------
 
       
     2 Sun Nov 15 19:52:20 UTC 2015 - wr@rosenauer.org
 
       
     3 
       
     4 - Add desktop menu action for private browsing window to desktop
 
       
     5   file (boo#954747)
 
       
     6 - remove obsolete patch mozilla-bmo1005535.patch completely from
 
       
     7   source package to avoid automatic check failures
 
       
     8 
     1 -------------------------------------------------------------------
 
     9 -------------------------------------------------------------------
 
     2 Sat Oct 31 19:50:03 UTC 2015 - wr@rosenauer.org
 
    10 Sat Oct 31 19:50:03 UTC 2015 - wr@rosenauer.org
 
     3 
    11 
     4 - update to Firefox 42.0 (bnc#952810)
 
    12 - update to Firefox 42.0 (bnc#952810)
 
     5   * Private Browsing with Tracking Protection blocks certain Web
 
    13   * Private Browsing with Tracking Protection blocks certain Web
 
     7   * Control Center that contains site security and privacy controls
 
    15   * Control Center that contains site security and privacy controls
 
     8   * Login Manager improvements
 
    16   * Login Manager improvements
 
     9   * WebRTC improvements
 
    17   * WebRTC improvements
 
    10   * Indicator added to tabs that play audio with one-click muting
 
    18   * Indicator added to tabs that play audio with one-click muting
 
    11   * Media Source Extension for HTML5 video available for all sites
 
    19   * Media Source Extension for HTML5 video available for all sites
 
    12 - requires NSPR 4.10.10 and NSS 3.19.4
 
    20   security fixes:
 
       
    21   * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
 
       
    22     Miscellaneous memory safety hazards
 
       
    23   * MFSA 2015-117/CVE-2015-4515 (bmo#1046421)
 
       
    24     Information disclosure through NTLM authentication
 
       
    25   * MFSA 2015-118/CVE-2015-4518 (bmo#1182778, bmo#1136692)
 
       
    26     CSP bypass due to permissive Reader mode whitelist
 
       
    27   * MFSA 2015-119/CVE-2015-7185 (bmo#1149000) (Android only)
 
       
    28     Firefox for Android addressbar can be removed after fullscreen mode
 
       
    29   * MFSA 2015-120/CVE-2015-7186 (bmo#1193027) (Android only)
 
       
    30     Reading sensitive profile files through local HTML file on Android
 
       
    31   * MFSA 2015-121/CVE-2015-7187 (bmo#1195735)
 
       
    32     disabling scripts in Add-on SDK panels has no effect
 
       
    33   * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
 
       
    34     Trailing whitespace in IP address hostnames can bypass same-origin policy
 
       
    35   * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
 
       
    36     Buffer overflow during image interactions in canvas
 
       
    37   * MFSA 2015-124/CVE-2015-7190 (bmo#1208520) (Android only)
 
       
    38     Android intents can be used on Firefox for Android to open privileged files
 
       
    39   * MFSA 2015-125/CVE-2015-7191 (bmo#1208956) (Android only)
 
       
    40     XSS attack through intents on Firefox for Android
 
       
    41   * MFSA 2015-126/CVE-2015-7192 (bmo#1210023) (OS X only)
 
       
    42     Crash when accessing HTML tables with accessibility tools on OS X
 
       
    43   * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
 
       
    44     CORS preflight is bypassed when non-standard Content-Type headers
 
       
    45     are received
 
       
    46   * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
 
       
    47     Memory corruption in libjar through zip files
 
       
    48   * MFSA 2015-129/CVE-2015-7195 (bmo#1211871)
 
       
    49     Certain escaped characters in host of Location-header are being
 
       
    50     treated as non-escaped
 
       
    51   * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
 
       
    52     JavaScript garbage collection crash with Java applet
 
       
    53   * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
 
       
    54     (bmo#1188010, bmo#1204061, bmo#1204155)
 
       
    55     Vulnerabilities found through code inspection
 
       
    56   * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
 
       
    57     Mixed content WebSocket policy bypass through workers
 
       
    58   * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
 
       
    59     (bmo#1202868, bmo#1205157)
 
       
    60     NSS and NSPR memory corruption issues
 
       
    61     (fixed in mozilla-nspr and mozilla-nss packages)
 
       
    62 - requires NSPR >= 4.10.10 and NSS >= 3.19.4
 
    13 - removed obsolete patches
 
    63 - removed obsolete patches
 
    14   * mozilla-arm-disable-edsp.patch
 
    64   * mozilla-arm-disable-edsp.patch
 
    15   * mozilla-icu-strncat.patch
 
    65   * mozilla-icu-strncat.patch
 
    16   * mozilla-skia-be-le.patch
 
    66   * mozilla-skia-be-le.patch
 
    17   * toolkit-download-folder.patch
 
    67   * toolkit-download-folder.patch
mozilla