|
1 ------------------------------------------------------------------- |
|
2 Wed Sep 11 18:43:15 UTC 2013 - wr@rosenauer.org |
|
3 |
|
4 - update to Firefox 17.0.9esr (bnc#) |
|
5 |
|
6 ------------------------------------------------------------------- |
|
7 Fri Aug 2 09:58:06 UTC 2013 - wr@rosenauer.org |
|
8 |
|
9 - update to Firefox 17.0.8esr (bnc#833389) |
|
10 * MFSA 2013-63/CVE-2013-1701 |
|
11 Miscellaneous memory safety hazards |
|
12 * MFSA 2013-68/CVE-2013-1709 (bmo#838253) |
|
13 Document URI misrepresentation and masquerading |
|
14 * MFSA 2013-69/CVE-2013-1710 (bmo#871368) |
|
15 CRMF requests allow for code execution and XSS attacks |
|
16 * MFSA 2013-72/CVE-2013-1713 (bmo#887098) |
|
17 Wrong principal used for validating URI for some Javascript |
|
18 components |
|
19 * MFSA 2013-73/CVE-2013-1714 (bmo#879787) |
|
20 Same-origin bypass with web workers and XMLHttpRequest |
|
21 * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397) |
|
22 Local Java applets may read contents of local file system |
|
23 |
1 ------------------------------------------------------------------- |
24 ------------------------------------------------------------------- |
2 Wed Jun 19 21:05:21 UTC 2013 - wr@rosenauer.org |
25 Wed Jun 19 21:05:21 UTC 2013 - wr@rosenauer.org |
3 |
26 |
4 - update to Firefox 17.0.7esr (bnc#) |
27 - update to Firefox 17.0.7esr (bnc#825935) |
|
28 * MFSA 2013-49/CVE-2013-1682 |
|
29 Miscellaneous memory safety hazards |
|
30 * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 |
|
31 Memory corruption found using Address Sanitizer |
|
32 * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823) |
|
33 Privileged content access and execution via XBL |
|
34 * MFSA 2013-53/CVE-2013-1690 (bmo#857883) |
|
35 Execution of unmapped memory through onreadystatechange event |
|
36 * MFSA 2013-54/CVE-2013-1692 (bmo#866915) |
|
37 Data in the body of XHR HEAD requests leads to CSRF attacks |
|
38 * MFSA 2013-55/CVE-2013-1693 (bmo#711043) |
|
39 SVG filters can lead to information disclosure |
|
40 * MFSA 2013-56/CVE-2013-1694 (bmo#848535) |
|
41 PreserveWrapper has inconsistent behavior |
|
42 * MFSA 2013-59/CVE-2013-1697 (bmo#858101) |
|
43 XrayWrappers can be bypassed to run user defined methods in a |
|
44 privileged context |
5 |
45 |
6 ------------------------------------------------------------------- |
46 ------------------------------------------------------------------- |
7 Fri May 10 11:44:50 UTC 2013 - wr@rosenauer.org |
47 Fri May 10 11:44:50 UTC 2013 - wr@rosenauer.org |
8 |
48 |
9 - update to Firefox 17.0.6esr (bnc#819204) |
49 - update to Firefox 17.0.6esr (bnc#819204) |