Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
branchfirefox70
changeset 1112 8a4f5aea2475
parent 1111 97a6da6d7e29
child 1114 572ec48f3fe8
equal deleted inserted replaced
1111:97a6da6d7e29 1112:8a4f5aea2475 
       
     1 -------------------------------------------------------------------
 
       
     2 Sun Oct 20 20:19:31 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
 
       
     3 
       
     4 - Mozilla Firefox 70.0
 
       
     5   * more privacy protections from Enhanced Tracking Protection
 
       
     6   * Firefox Lockwise passwordmanager
 
       
     7   * Improvements to core engine components, for better browsing on more sites
 
       
     8   * Improved privacy and security indicators
 
       
     9   MFSA 2019-34
 
       
    10   * CVE-2018-6156 (bmo#1480088)
 
       
    11     Heap buffer overflow in FEC processing in WebRTC
 
       
    12   * CVE-2019-15903 (bmo#1584907)
 
       
    13     Heap overflow in expat library in XML_GetCurrentLineNumber
 
       
    14   * CVE-2019-11757 (bmo#1577107)
 
       
    15     Use-after-free when creating index updates in IndexedDB
 
       
    16   * CVE-2019-11759 (bmo#1577953)
 
       
    17     Stack buffer overflow in HKDF output
 
       
    18   * CVE-2019-11760 (bmo#1577719)
 
       
    19     Stack buffer overflow in WebRTC networking
 
       
    20   * CVE-2019-11761 (bmo#1561502)
 
       
    21     Unintended access to a privileged JSONView object
 
       
    22   * CVE-2019-11762 (bmo#1582857)
 
       
    23     document.domain-based origin isolation has same-origin-property violation
 
       
    24   * CVE-2019-11763 (bmo#1584216)
 
       
    25     Incorrect HTML parsing results in XSS bypass technique
 
       
    26   * CVE-2019-11765 (bmo#1562582)
 
       
    27     Incorrect permissions could be granted to a website
 
       
    28   * CVE-2019-17000 (bmo#1441468)
 
       
    29     CSP bypass using object tag with data: URI
 
       
    30   * CVE-2019-17001 (bmo#1587976)
 
       
    31     CSP bypass using object tag when script-src 'none' is specified
 
       
    32   * CVE-2019-17002 (bmo#1561056)
 
       
    33     upgrade-insecure-requests was not being honored for links dragged and dropped
 
       
    34   * CVE-2019-11764 (bmo#1558522, bmo#1577061, bmo#1548044, bmo#1571223,
 
       
    35     bmo#1573048, bmo#1578933, bmo#1575217, bmo#1583684, bmo#1586845, bmo#1581950,
 
       
    36     bmo#1583463, bmo#1586599)
 
       
    37     Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
 
       
    38 - requires
 
       
    39     rust/cargo >= 1.36
 
       
    40     NSPR >= 4.22
 
       
    41     NSS >= 3.46.1
 
       
    42     rust-cbindgen >= 0.9.1
 
       
    43 - removed obsolete patches
 
       
    44     mozilla-bmo1573381.patch
 
       
    45     mozilla-nestegg-big-endian.patch
 
       
    46 
     1 -------------------------------------------------------------------
 
    47 -------------------------------------------------------------------
 
     2 Sun Oct 13 08:58:12 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
 
    48 Sun Oct 13 08:58:12 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
 
     3 
    49 
     4 - Mozilla Firefox 69.0.3
 
    50 - Mozilla Firefox 69.0.3
 
     5   * Fixed Yahoo mail users being prompted to download files when
 
    51   * Fixed Yahoo mail users being prompted to download files when
mozilla