Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox37
changeset 844 86fa73db98e5
parent 843 0d861c33ec70
child 845 a704b2a17e39
child 846 d995ef5231ed
equal deleted inserted replaced
843:0d861c33ec70 844:86fa73db98e5 
     1 -------------------------------------------------------------------
 
     1 -------------------------------------------------------------------
 
     2 Sun Mar 22 13:00:28 UTC 2015 - wr@rosenauer.org
 
     2 Fri Apr  3 08:27:24 UTC 2015 - wr@rosenauer.org
 
     3 
     3 
     4 - update to Firefox 37.0b7
 
     4 - update to Firefox 37.0.1 (bnc#926166)
 
     5 - removed obsolete patch
 
     5   * MFSA 2015-43/CVE-2015-0798 (bmo#1147597) (Android only)
 
       
     6     Loading privileged content through Reader mode
 
       
     7   * MFSA 2015-44/CVE-2015-0799 (bmo#1148328)
 
       
     8     Certificate verification bypass through the HTTP/2 Alt-Svc header
 
       
     9 
       
    10 -------------------------------------------------------------------
 
       
    11 Sat Mar 28 09:46:48 UTC 2015 - wr@rosenauer.org
 
       
    12 
       
    13 - update to Firefox 37.0 (bnc#925368)
 
       
    14   * Heartbeat user rating system
 
       
    15   * Yandex set as default search provider for the Turkish locale
 
       
    16   * Bing search now uses HTTPS for secure searching
 
       
    17   * Improved protection against site impersonation via OneCRL
 
       
    18     centralized certificate revocation
 
       
    19   * Opportunistically encrypt HTTP traffic where the server supports
 
       
    20     HTTP/2 AltSvc
 
       
    21   * some more behaviour changes for TLS
 
       
    22   security fixes:
 
       
    23   * MFSA 2015-30/CVE-2015-0814/CVE-2015-0815
 
       
    24     Miscellaneous memory safety hazards
 
       
    25   * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
 
       
    26     Use-after-free when using the Fluendo MP3 GStreamer plugin
 
       
    27   * MFSA 2015-32/CVE-2015-0812 (bmo#1128126)
 
       
    28     Add-on lightweight theme installation approval bypassed through
 
       
    29     MITM attack
 
       
    30   * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
 
       
    31     resource:// documents can load privileged pages
 
       
    32   * MFSA-2015-34/CVE-2015-0811 (bmo#1132468)
 
       
    33     Out of bounds read in QCMS library
 
       
    34   * MFSA-2015-35/CVE-2015-0810 (bmo#1125013)
 
       
    35     Cursor clickjacking with flash and images (OS X only)
 
       
    36   * MFSA-2015-36/CVE-2015-0808 (bmo#1109552)
 
       
    37     Incorrect memory management for simple-type arrays in WebRTC
 
       
    38   * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
 
       
    39     CORS requests should not follow 30x redirections after preflight
 
       
    40   * MFSA-2015-38/CVE-2015-0805/CVE-2015-0806 (bmo#1135511, bmo#1099437)
 
       
    41     Memory corruption crashes in Off Main Thread Compositing
 
       
    42   * MFSA-2015-39/CVE-2015-0803/CVE-2015-0804 (bmo#1134560)
 
       
    43     Use-after-free due to type confusion flaws
 
       
    44   * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
 
       
    45     Same-origin bypass through anchor navigation
 
       
    46   * MFSA-2015-41/CVE-2015-0800/CVE-2012-2808
 
       
    47     PRNG weakness allows for DNS poisoning on Android (only)
 
       
    48   * MFSA-2015-42/CVE-2015-0802 (bmo#1124898)
 
       
    49     Windows can retain access to privileged content on navigation
 
       
    50     to unprivileged pages
 
       
    51 - removed obsolete patches
 
     6   * mozilla-bmo1088588.patch
 
    52   * mozilla-bmo1088588.patch
 
       
    53   * mozilla-bmo1108834.patch
 
     7 - requires NSPR 4.10.8
 
    54 - requires NSPR 4.10.8
 
       
    55 
       
    56 -------------------------------------------------------------------
 
       
    57 Tue Mar 24 15:35:24 UTC 2015 - dvaleev@suse.com
 
       
    58 
       
    59 - Fix builds with skia on Power
 
       
    60   mozilla-skia-be-le.patch (patch from #bmo1136958)
 
       
    61   mozilla-bmo1108834.patch
 
       
    62   mozilla-bmo1005535.patch
 
     8 
    63 
     9 -------------------------------------------------------------------
 
    64 -------------------------------------------------------------------
 
    10 Sat Mar 21 09:03:12 UTC 2015 - wr@rosenauer.org
 
    65 Sat Mar 21 09:03:12 UTC 2015 - wr@rosenauer.org
 
    11 
    66 
    12 - update to Firefox 36.0.4 (bnc#923534)
 
    67 - update to Firefox 36.0.4 (bnc#923534)
mozilla