1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Sun Apr 15 08:16:22 UTC 2012 - wr@rosenauer.org |
2 Wed Apr 25 07:17:25 UTC 2012 - wr@rosenauer.org |
3 |
3 |
4 - update to Aurora 13 (20120414) |
4 - update to Firefox 13.0beta (20120425) |
|
5 - require NSS 3.13.4 |
|
6 |
|
7 ------------------------------------------------------------------- |
|
8 Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org |
|
9 |
|
10 - update to Firefox 12.0 (bnc#758408) |
|
11 * rebased patches |
|
12 * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 |
|
13 Miscellaneous memory safety hazards |
|
14 * MFSA 2012-22/CVE-2012-0469 (bmo#738985) |
|
15 use-after-free in IDBKeyRange |
|
16 * MFSA 2012-23/CVE-2012-0470 (bmo#734288) |
|
17 Invalid frees causes heap corruption in gfxImageSurface |
|
18 * MFSA 2012-24/CVE-2012-0471 (bmo#715319) |
|
19 Potential XSS via multibyte content processing errors |
|
20 * MFSA 2012-25/CVE-2012-0472 (bmo#744480) |
|
21 Potential memory corruption during font rendering using cairo-dwrite |
|
22 * MFSA 2012-26/CVE-2012-0473 (bmo#743475) |
|
23 WebGL.drawElements may read illegal video memory due to |
|
24 FindMaxUshortElement error |
|
25 * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) |
|
26 Page load short-circuit can lead to XSS |
|
27 * MFSA 2012-28/CVE-2012-0475 (bmo#694576) |
|
28 Ambiguous IPv6 in Origin headers may bypass webserver access |
|
29 restrictions |
|
30 * MFSA 2012-29/CVE-2012-0477 (bmo#718573) |
|
31 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues |
|
32 * MFSA 2012-30/CVE-2012-0478 (bmo#727547) |
|
33 Crash with WebGL content using textImage2D |
|
34 * MFSA 2012-31/CVE-2011-3062 (bmo#739925) |
|
35 Off-by-one error in OpenType Sanitizer |
|
36 * MFSA 2012-32/CVE-2011-1187 (bmo#624621) |
|
37 HTTP Redirections and remote content can be read by javascript errors |
|
38 * MFSA 2012-33/CVE-2012-0479 (bmo#714631) |
|
39 Potential site identity spoofing when loading RSS and Atom feeds |
|
40 - added mozilla-libnotify.patch to allow fallback from libnotify |
|
41 to xul based events if no notification-daemon is running |
|
42 - gcc 4.7 fixes |
|
43 * mozilla-gcc47.patch |
|
44 * disabled crashreporter temporarily for Factory |
|
45 - recommend libcanberra0 for proper sound notifications |
5 |
46 |
6 ------------------------------------------------------------------- |
47 ------------------------------------------------------------------- |
7 Fri Mar 9 21:47:07 UTC 2012 - wr@rosenauer.org |
48 Fri Mar 9 21:47:07 UTC 2012 - wr@rosenauer.org |
8 |
49 |
9 - update to Firefox 11.0 (bnc#750044) |
50 - update to Firefox 11.0 (bnc#750044) |