Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
changeset 563 8349c239bff9
parent 547 65364282c9bc
child 568 2c74c5927ea2 
--- a/MozillaFirefox/MozillaFirefox.changes	Tue Oct 09 13:43:09 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Mon Oct 15 16:16:45 2012 +0200
@@ -1,19 +1,64 @@
 -------------------------------------------------------------------
-Thu Oct  4 04:51:23 UTC 2012 - wr@rosenauer.org
-
-- update to Aurora 17 (20121003)
+Mon Oct 15 14:15:53 UTC 2012 - wr@rosenauer.org
+
+- update to Aurora 18 (20121015)
+
+-------------------------------------------------------------------
+Mon Oct 15 14:07:12 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 17.0b1
 - use internal NSPR for now (bmo#776877)
 
 -------------------------------------------------------------------
-Thu Sep 27 18:20:18 UTC 2012 - wr@rosenauer.org
-
-- update to Firefox 16.0b5
+Thu Oct 11 01:51:16 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 16.0.1 (bnc#783533)
+  * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
+    Miscellaneous memory safety hazards
+  * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
+    defaultValue security checks not applied
+
+-------------------------------------------------------------------
+Sun Oct  7 21:40:14 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 16.0 (bnc#783533)
+  * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
+    Miscellaneous memory safety hazards
+  * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
+    select element persistance allows for attacks
+  * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
+    Continued access to initial origin after setting document.domain
+  * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
+    Some DOMWindowUtils methods bypass security checks
+  * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
+    DOS and crash with full screen and history navigation
+  * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
+    Crash with invalid cast when using instanceof operator
+  * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
+    GetProperty function can bypass security checks
+  * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
+    top object and location property accessible by plugins
+  * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
+    Chrome Object Wrapper (COW) does not disallow acces to privileged
+    functions or properties
+  * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
+    Spoofing and script injection through location.hash
+  * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
+    CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
+    Use-after-free, buffer overflow, and out of bounds read issues
+    found using Address Sanitizer
+  * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
+    CVE-2012-4188
+    Heap memory corruption issues found using Address Sanitizer
+  * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
+    Use-after-free in the IME State Manager
 - requires NSPR 4.9.2
 - improve GStreamer integration (bmo#760140)
 - removed upstreamed mozilla-crashreporter-restart-args.patch
 - webapprt now included
 - use kmozillahelper's new REVEAL command (bnc#777415)
   (requires mozilla-kde4-integration >= 0.6.4)
+- updated translations-other with new languages
 
 -------------------------------------------------------------------
 Mon Sep 10 19:37:56 UTC 2012 - wr@rosenauer.org
mozilla