diff -r b94dace970c6 -r 2fa2f92f6f37 xulrunner/xulrunner.changes
--- a/xulrunner/xulrunner.changes	Sat Dec 12 10:06:11 2015 +0100
+++ b/xulrunner/xulrunner.changes	Sat Dec 19 17:36:33 2015 +0100
@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Sat Dec 12 12:51:46 UTC 2015 - wr@rosenauer.org
+
+- update to xulrunner 38.5.0 (bnc#959277)
+  * MFSA 2015-134/CVE-2015-7201
+    Miscellaneous memory safety hazards
+  * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
+    Use-after-free in WebRTC when datachannel is used after being
+    destroyed
+  * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
+    Integer overflow allocating extremely large textures
+  * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
+    Underflow through code inspection
+  * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
+    Integer overflow in MP4 playback in 64-bit versions
+  * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
+    Integer underflow and buffer overflow processing MP4 metadata in
+    libstagefright
+  * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
+    Cross-site reading attack through data and view-source URIs
+
 -------------------------------------------------------------------
 Sat Oct 31 09:32:17 UTC 2015 - wr@rosenauer.org