Mercurial Mercurial > hg > mozilla / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
xulrunner/xulrunner-esr.changes
branchesr17
changeset 665 efc8a8a62a09
parent 655 f812ab6b56ac
child 677 ef3b8d075242 
--- a/xulrunner/xulrunner-esr.changes	Mon Jun 24 12:09:20 2013 +0200
+++ b/xulrunner/xulrunner-esr.changes	Sat Sep 14 21:02:47 2013 +0200
@@ -1,7 +1,52 @@
 -------------------------------------------------------------------
-Fri Jun 21 05:49:37 UTC 2013 - wr@rosenauer.org
+Thu Sep 12 10:07:45 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.9esr (bnc#)
+
+-------------------------------------------------------------------
+Fri Aug  2 11:51:23 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.8esr (bnc#833389)
+  * MFSA 2013-63/CVE-2013-1701
+    Miscellaneous memory safety hazards
+  * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
+    Document URI misrepresentation and masquerading
+  * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
+    CRMF requests allow for code execution and XSS attacks
+  * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
+    Wrong principal used for validating URI for some Javascript
+    components
+  * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
+    Same-origin bypass with web workers and XMLHttpRequest
+  * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
+    Local Java applets may read contents of local file system
+
+-------------------------------------------------------------------
+Mon Jun 24 15:26:27 UTC 2013 - wr@rosenauer.org
 
 - update to 17.0.7esr (bnc#825935)
+  * MFSA 2013-49/CVE-2013-1682
+    Miscellaneous memory safety hazards
+  * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
+    Memory corruption found using Address Sanitizer
+  * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
+    Privileged content access and execution via XBL
+  * MFSA 2013-53/CVE-2013-1690 (bmo#857883)
+    Execution of unmapped memory through onreadystatechange event
+  * MFSA 2013-54/CVE-2013-1692 (bmo#866915)
+    Data in the body of XHR HEAD requests leads to CSRF attacks
+  * MFSA 2013-55/CVE-2013-1693 (bmo#711043)
+    SVG filters can lead to information disclosure
+  * MFSA 2013-56/CVE-2013-1694 (bmo#848535)
+    PreserveWrapper has inconsistent behavior
+  * MFSA 2013-59/CVE-2013-1697 (bmo#858101)
+    XrayWrappers can be bypassed to run user defined methods in a
+    privileged context
+
+-------------------------------------------------------------------
+Tue Jun  4 16:24:51 UTC 2013 - dvaleev@suse.com
+
+- Fix build on powerpc (ppc-xpcshell.patch)
 
 -------------------------------------------------------------------
 Fri May 10 17:27:58 UTC 2013 - wr@rosenauer.org
mozilla