1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Tue Jul 9 10:41:59 UTC 2013 - wr@rosenauer.org |
2 Sun Aug 4 18:30:11 UTC 2013 - wr@rosenauer.org |
3 |
3 |
4 - update to Firefox 23.0b4 (20130708) |
4 - update to Firefox 23.0 (bnc#833389) |
|
5 * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 |
|
6 Miscellaneous memory safety hazards |
|
7 * MFSA 2013-64/CVE-2013-1704 (bmo#883313) |
|
8 Use after free mutating DOM during SetBody |
|
9 * MFSA 2013-65/CVE-2013-1705 (bmo#882865) |
|
10 Buffer underflow when generating CRMF requests |
|
11 * MFSA 2013-67/CVE-2013-1708 (bmo#879924) |
|
12 Crash during WAV audio file decoding |
|
13 * MFSA 2013-68/CVE-2013-1709 (bmo#838253) |
|
14 Document URI misrepresentation and masquerading |
|
15 * MFSA 2013-69/CVE-2013-1710 (bmo#871368) |
|
16 CRMF requests allow for code execution and XSS attacks |
|
17 * MFSA 2013-70/CVE-2013-1711 (bmo#843829) |
|
18 Bypass of XrayWrappers using XBL Scopes |
|
19 * MFSA 2013-72/CVE-2013-1713 (bmo#887098) |
|
20 Wrong principal used for validating URI for some Javascript |
|
21 components |
|
22 * MFSA 2013-73/CVE-2013-1714 (bmo#879787) |
|
23 Same-origin bypass with web workers and XMLHttpRequest |
|
24 * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) |
|
25 Local Java applets may read contents of local file system |
5 - requires NSPR 4.10 and NSS 3.15 |
26 - requires NSPR 4.10 and NSS 3.15 |
6 |
27 |
7 ------------------------------------------------------------------- |
28 ------------------------------------------------------------------- |
8 Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com |
29 Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com |
9 |
30 |