1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Thu Nov 25 09:25:50 UTC 2010 - wr@rosenauer.org |
2 Thu Nov 25 09:25:50 UTC 2010 - wr@rosenauer.org |
3 |
3 |
4 - security update to 1.9.2.13 (bnc#) |
4 - security update to 1.9.2.13 (bnc#657016) |
|
5 * MFSA 2010-74/CVE-2010-3776/CVE-2010-3777/CVE-2010-3778 |
|
6 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16) |
|
7 * MFSA 2010-75/CVE-2010-3769 (bmo#608336) |
|
8 Buffer overflow while line breaking after document.write with |
|
9 long string |
|
10 * MFSA 2010-76/CVE-2010-3771 (bmo#609437) |
|
11 Chrome privilege escalation with window.open and <isindex> element |
|
12 * MFSA 2010-77/CVE-2010-3772 (bmo#594547) |
|
13 Crash and remote code execution using HTML tags inside a XUL tree |
|
14 * MFSA 2010-78/CVE-2010-3768 (bmo#527276) |
|
15 Add support for OTS font sanitizer |
|
16 * MFSA 2010-79/CVE-2010-3775 |
|
17 Java security bypass from LiveConnect loaded via data: URL |
|
18 meta refresh |
|
19 * MFSA 2010-80/CVE-2010-3766 (bmo#590771) |
|
20 Use-after-free error with nsDOMAttribute MutationObserver |
|
21 * MFSA 2010-81/CVE-2010-3767 (bmo#599468) |
|
22 Integer overflow vulnerability in NewIdArray |
|
23 * MFSA 2010-82/CVE-2010-3773 (bmo#554449) |
|
24 Incomplete fix for CVE-2010-0179 |
|
25 * MFSA 2010-83/VE-2010-3774 (bmo#602780) |
|
26 Location bar SSL spoofing using network error page |
|
27 * MFSA 2010-84/CVE-2010-3770 (bmo#601429) |
|
28 XSS hazard in multiple character encodings |
5 |
29 |
6 ------------------------------------------------------------------- |
30 ------------------------------------------------------------------- |
7 Wed Oct 27 07:12:14 CEST 2010 - wr@rosenauer.org |
31 Wed Oct 27 07:12:14 CEST 2010 - wr@rosenauer.org |
8 |
32 |
9 - security update to 1.9.2.12 (bnc#649492) |
33 - security update to 1.9.2.12 (bnc#649492) |