Mercurial Mercurial > hg > mozilla / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
changeset 935 9ae2b79d3bb1
parent 933 7f60766aae16
child 936 096e59808e91
equal deleted inserted replaced
934:b61e849fe451 935:9ae2b79d3bb1 
       
     1 -------------------------------------------------------------------
 
       
     2 Fri Jan 20 13:57:56 UTC 2017 - wr@rosenauer.org
 
       
     3 
       
     4 - update to Firefox 51.0b14 (boo#)
 
       
     5   * requires NSPR >= 4.13.1, NSS >= 3.28.1
 
       
     6 - removed obsolete patches
 
       
     7   * mozilla-flex_buffer_overrun.patch
 
       
     8 
     1 -------------------------------------------------------------------
 
     9 -------------------------------------------------------------------
 
     2 Mon Dec 12 21:18:41 UTC 2016 - wr@rosenauer.org
 
    10 Mon Dec 12 21:18:41 UTC 2016 - wr@rosenauer.org
 
     3 
    11 
     4 - update to Firefox 50.1.0 (boo#)
 
    12 - update to Firefox 50.1.0 (boo#1015422)
 
       
    13   * MFSA 2016-94
 
       
    14     CVE-2016-9894: Buffer overflow in SkiaGL (bmo#1306628)
 
       
    15     CVE-2016-9899: Use-after-free while manipulating DOM events and
 
       
    16                    audio elements (bmo#1317409)
 
       
    17     CVE-2016-9895: CSP bypass using marquee tag (bmo#1312272)
 
       
    18     CVE-2016-9896: Use-after-free with WebVR (bmo#1315543)
 
       
    19     CVE-2016-9897: Memory corruption in libGLES (bmo#1301381)
 
       
    20     CVE-2016-9898: Use-after-free in Editor while manipulating
 
       
    21                    DOM subtrees (bmo#1314442)
 
       
    22     CVE-2016-9900: Restricted external resources can be loaded by
 
       
    23                    SVG images through data URLs (bmo#1319122)
 
       
    24     CVE-2016-9904: Cross-origin information leak in shared atoms
 
       
    25                    (bmo#1317936)
 
       
    26     CVE-2016-9901: Data from Pocket server improperly sanitized
 
       
    27                    before execution (bmo#1320057)
 
       
    28     CVE-2016-9902: Pocket extension does not validate the origin
 
       
    29                    of events (bmo#1320039)
 
       
    30     CVE-2016-9903: XSS injection vulnerability in add-ons SDK
 
       
    31                    (bmo#1315435)
 
       
    32     CVE-2016-9080: Memory safety bugs fixed in Firefox 50.1
 
       
    33     CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and
 
       
    34                    Firefox ESR 45.6
 
     5 
    35 
     6 -------------------------------------------------------------------
 
    36 -------------------------------------------------------------------
 
     7 Fri Dec  9 17:57:22 UTC 2016 - cgrobertson@novell.com
 
    37 Fri Dec  9 17:57:22 UTC 2016 - cgrobertson@novell.com
 
     8 
    38 
     9 - added patch mozilla-aarch64-startup-crash.patch (bsc#1011922)
 
    39 - added patch mozilla-aarch64-startup-crash.patch (bsc#1011922)
mozilla