|
1 ------------------------------------------------------------------- |
|
2 Wed Jun 23 14:40:35 CEST 2010 - wr@rosenauer.org |
|
3 |
|
4 - update to final 3.6.4 release (bnc#603356) |
|
5 * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/ |
|
6 CVE-2010-1203 |
|
7 Crashes with evidence of memory corruption (rv:1.9.2.4) |
|
8 * MFSA 2010-28/CVE-2010-1198 (bmo#532246) |
|
9 Freed object reuse across plugin instances |
|
10 * MFSA 2010-29/CVE-2010-1196 (bmo#534666) |
|
11 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal |
|
12 * MFSA 2010-30/CVE-2010-1199 (bmo#554255) |
|
13 Integer Overflow in XSLT Node Sorting |
|
14 * MFSA 2010-31/CVE-2010-1125 (bmo#552255) |
|
15 focus() behavior can be used to inject or steal keystrokes |
|
16 * MFSA 2010-32/CVE-2010-1197 (bmo#537120) |
|
17 Content-Disposition: attachment ignored if |
|
18 Content-Type: multipart also present |
|
19 * MFSA 2010-33/CVE-2008-5913 (bmo#475585) |
|
20 User tracking across sites using Math.random() |
|
21 |
|
22 ------------------------------------------------------------------- |
|
23 Mon Jun 7 07:07:33 CEST 2010 - wr@rosenauer.org |
|
24 |
|
25 - update to 3.6.4(build6) |
|
26 |
1 ------------------------------------------------------------------- |
27 ------------------------------------------------------------------- |
2 Sun Apr 18 09:42:40 CEST 2010 - wr@rosenauer.org |
28 Sun Apr 18 09:42:40 CEST 2010 - wr@rosenauer.org |
3 |
29 |
4 - security update to 3.6.4 (Lorentz) |
30 - security update to 3.6.4 (Lorentz) |
5 * enable crashreporter also for x86-64 |
31 * enable crashreporter also for x86-64 |