1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Sat Apr 21 15:36:28 UTC 2012 - wr@rosenauer.org |
2 Sat Apr 21 15:36:28 UTC 2012 - wr@rosenauer.org |
3 |
3 |
4 - update to 10.0.4esr (bnc#758408) |
4 - update to 10.0.4esr (bnc#758408) |
|
5 * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 |
|
6 Miscellaneous memory safety hazards |
|
7 * MFSA 2012-22/CVE-2012-0469 (bmo#738985) |
|
8 use-after-free in IDBKeyRange |
|
9 * MFSA 2012-23/CVE-2012-0470 (bmo#734288) |
|
10 Invalid frees causes heap corruption in gfxImageSurface |
|
11 * MFSA 2012-24/CVE-2012-0471 (bmo#715319) |
|
12 Potential XSS via multibyte content processing errors |
|
13 * MFSA 2012-25/CVE-2012-0472 (bmo#744480) |
|
14 Potential memory corruption during font rendering using cairo-dwrite |
|
15 * MFSA 2012-26/CVE-2012-0473 (bmo#743475) |
|
16 WebGL.drawElements may read illegal video memory due to |
|
17 FindMaxUshortElement error |
|
18 * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) |
|
19 Page load short-circuit can lead to XSS |
|
20 * MFSA 2012-29/CVE-2012-0477 (bmo#718573) |
|
21 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues |
|
22 * MFSA 2012-30/CVE-2012-0478 (bmo#727547) |
|
23 Crash with WebGL content using textImage2D |
|
24 * MFSA 2012-31/CVE-2011-3062 (bmo#739925) |
|
25 Off-by-one error in OpenType Sanitizer |
|
26 * MFSA 2012-33/CVE-2012-0479 (bmo#714631) |
|
27 Potential site identity spoofing when loading RSS and Atom feeds |
5 |
28 |
6 ------------------------------------------------------------------- |
29 ------------------------------------------------------------------- |
7 Mon Mar 5 07:15:57 UTC 2012 - wr@rosenauer.org |
30 Mon Mar 5 07:15:57 UTC 2012 - wr@rosenauer.org |
8 |
31 |
9 - update to 10.0.3esr (bnc#750044) |
32 - update to 10.0.3esr (bnc#750044) |