Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
MozillaFirefox/MozillaFirefox.changes
changeset 539 b1134fe91f9a
parent 536 66730e3b1735
child 540 55fe9dc16b1f 
--- a/MozillaFirefox/MozillaFirefox.changes	Mon Aug 20 08:55:43 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Tue Sep 11 19:27:09 2012 +0200
@@ -1,13 +1,55 @@
 -------------------------------------------------------------------
-Mon Aug 20 06:53:05 UTC 2012 - wr@rosenauer.org
-
-- update to Aurora 16.0
+Tue Sep 11 09:55:36 UTC 2012 - wr@rosenauer.org
+
+- update to Aurora 17 (20120910)
+
+-------------------------------------------------------------------
+Tue Sep 11 06:16:38 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 16.0b2
+- requires NSPR 4.9.2
 - improve GStreamer integration (bmo#760140)
+- removed upstreamed mozilla-crashreporter-restart-args.patch
+- webapprt now included
+- use kmozillahelper's new REVEAL command (bnc#777415)
+  (requires new API version 7)
 
 -------------------------------------------------------------------
-Fri Aug 10 17:13:28 UTC 2012 - wr@rosenauer.org
-
-- update to Firefox 15.0b4
+Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 15.0 (bnc#777588)
+  * MFSA 2012-57/CVE-2012-1970
+    Miscellaneous memory safety hazards
+  * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+    CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+    CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+    Use-after-free issues found using Address Sanitizer
+  * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
+    Location object can be shadowed using Object.defineProperty
+  * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
+    Escalation of privilege through about:newtab
+  * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+    Memory corruption with bitmap format images with negative height
+  * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+    WebGL use-after-free and memory corruption
+  * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+    SVG buffer overflow and use-after-free issues
+  * MFSA 2012-64/CVE-2012-3971
+    Graphite 2 memory corruption
+  * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+    Out-of-bounds read in format-number in XSLT
+  * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
+    HTTPMonitor extension allows for remote debugging without explicit
+    activation
+  * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
+    DOMParser loads linked resources in extensions when parsing
+    text/html
+  * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+    Incorrect site SSL certificate data display
+  * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+    Location object security checks bypassed by chrome code
+  * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+    Web console eval capable of executing chrome-privileged code
 - fix HTML5 video crash with GStreamer enabled (bmo#761030)
 - GStreamer is only used for MP4 (no WebM, OGG)
 - updated filelist
mozilla