Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
xulrunner/xulrunner.changes
branchfirefox17
changeset 562 9069817b5cac
parent 535 cba7622bad5d
child 564 9852e10fdf9b
equal deleted inserted replaced
556:a30fcfcd2e53 562:9069817b5cac 
     1 -------------------------------------------------------------------
 
     1 -------------------------------------------------------------------
 
     2 Tue Sep 11 09:26:09 UTC 2012 - wr@rosenauer.org
 
     2 Thu Oct 11 01:50:19 UTC 2012 - wr@rosenauer.org
 
     3 
     3 
     4 - update to 16.0b2
 
     4 - update to 16.0.1 (bnc#783533)
 
       
     5   * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
 
       
     6     Miscellaneous memory safety hazards
 
       
     7   * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
 
       
     8     defaultValue security checks not applied
 
       
     9 
       
    10 -------------------------------------------------------------------
 
       
    11 Sun Oct  7 21:41:01 UTC 2012 - wr@rosenauer.org
 
       
    12 
       
    13 - update to 16.0 (bnc#783533)
 
       
    14   * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
 
       
    15     Miscellaneous memory safety hazards
 
       
    16   * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
 
       
    17     select element persistance allows for attacks
 
       
    18   * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
 
       
    19     Continued access to initial origin after setting document.domain
 
       
    20   * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
 
       
    21     Some DOMWindowUtils methods bypass security checks
 
       
    22   * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
 
       
    23     DOS and crash with full screen and history navigation
 
       
    24   * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
 
       
    25     Crash with invalid cast when using instanceof operator
 
       
    26   * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
 
       
    27     GetProperty function can bypass security checks
 
       
    28   * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
 
       
    29     top object and location property accessible by plugins
 
       
    30   * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
 
       
    31     Chrome Object Wrapper (COW) does not disallow acces to privileged
 
       
    32     functions or properties
 
       
    33   * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
 
       
    34     Spoofing and script injection through location.hash
 
       
    35   * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
 
       
    36     CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
 
       
    37     Use-after-free, buffer overflow, and out of bounds read issues
 
       
    38     found using Address Sanitizer
 
       
    39   * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
 
       
    40     CVE-2012-4188
 
       
    41     Heap memory corruption issues found using Address Sanitizer
 
       
    42   * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
 
       
    43     Use-after-free in the IME State Manager
 
       
    44 - requires NSPR 4.9.2
 
       
    45 - removed upstreamed mozilla-crashreporter-restart-args.patch
 
       
    46 - updated translations-other with new languages
 
     5 
    47 
     6 -------------------------------------------------------------------
 
    48 -------------------------------------------------------------------
 
     7 Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org
 
    49 Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org
 
     8 
    50 
     9 - update to 15.0 (bnc#777588)
 
    51 - update to 15.0 (bnc#777588)
mozilla