1 ------------------------------------------------------------------- |
1 ------------------------------------------------------------------- |
2 Sun Apr 15 08:16:22 UTC 2012 - wr@rosenauer.org |
2 Wed Apr 25 11:45:10 UTC 2012 - wr@rosenauer.org |
3 |
3 |
4 - update to Aurora 13 (20120414) |
4 - update to Aurora 14 (20120425) |
|
5 |
|
6 ------------------------------------------------------------------- |
|
7 Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org |
|
8 |
|
9 - update to Firefox 12.0 (bnc#758408) |
|
10 * rebased patches |
|
11 * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 |
|
12 Miscellaneous memory safety hazards |
|
13 * MFSA 2012-22/CVE-2012-0469 (bmo#738985) |
|
14 use-after-free in IDBKeyRange |
|
15 * MFSA 2012-23/CVE-2012-0470 (bmo#734288) |
|
16 Invalid frees causes heap corruption in gfxImageSurface |
|
17 * MFSA 2012-24/CVE-2012-0471 (bmo#715319) |
|
18 Potential XSS via multibyte content processing errors |
|
19 * MFSA 2012-25/CVE-2012-0472 (bmo#744480) |
|
20 Potential memory corruption during font rendering using cairo-dwrite |
|
21 * MFSA 2012-26/CVE-2012-0473 (bmo#743475) |
|
22 WebGL.drawElements may read illegal video memory due to |
|
23 FindMaxUshortElement error |
|
24 * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) |
|
25 Page load short-circuit can lead to XSS |
|
26 * MFSA 2012-28/CVE-2012-0475 (bmo#694576) |
|
27 Ambiguous IPv6 in Origin headers may bypass webserver access |
|
28 restrictions |
|
29 * MFSA 2012-29/CVE-2012-0477 (bmo#718573) |
|
30 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues |
|
31 * MFSA 2012-30/CVE-2012-0478 (bmo#727547) |
|
32 Crash with WebGL content using textImage2D |
|
33 * MFSA 2012-31/CVE-2011-3062 (bmo#739925) |
|
34 Off-by-one error in OpenType Sanitizer |
|
35 * MFSA 2012-32/CVE-2011-1187 (bmo#624621) |
|
36 HTTP Redirections and remote content can be read by javascript errors |
|
37 * MFSA 2012-33/CVE-2012-0479 (bmo#714631) |
|
38 Potential site identity spoofing when loading RSS and Atom feeds |
|
39 - added mozilla-libnotify.patch to allow fallback from libnotify |
|
40 to xul based events if no notification-daemon is running |
|
41 - gcc 4.7 fixes |
|
42 * mozilla-gcc47.patch |
|
43 * disabled crashreporter temporarily for Factory |
|
44 - recommend libcanberra0 for proper sound notifications |
5 |
45 |
6 ------------------------------------------------------------------- |
46 ------------------------------------------------------------------- |
7 Fri Mar 9 21:47:07 UTC 2012 - wr@rosenauer.org |
47 Fri Mar 9 21:47:07 UTC 2012 - wr@rosenauer.org |
8 |
48 |
9 - update to Firefox 11.0 (bnc#750044) |
49 - update to Firefox 11.0 (bnc#750044) |